Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Trolatunt, Moviemode, Iminent und co. (https://www.trojaner-board.de/156478-trolatunt-moviemode-iminent-co.html)

Snorre 15.07.2014 14:47
Trolatunt, Moviemode, Iminent und co.
 
Hi !
Mein Browser macht seit heute komische Dinge....deswegen hab ich nen Scan mit Antimalwarebytes gemacht und es hat 1405 Funde gezeigt :) Nicht schlecht.....

Hier die Logfile:

Warlord711 15.07.2014 15:05
Hallo Snorre



Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
  • Nur Scans durchführen zu denen Du von einem Helfer aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
  • Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
  • Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg.

Wir "arbeiten" hier alle freiwillig und in unserer Freizeit *hust*. Daher kann es bei Antworten zu Verzögerungen kommen.
Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist.

Wichtig:
Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen. Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst. Ich bedanke mich für deine Geduld :)
Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Achja, bitte in Code-Tags posten ;-)

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Snorre 15.07.2014 15:38
Hi !

Ich weiss wie man die Logfiles postet....allerdings war der Text :) ...sprich zu viele Textzeichen.

Hier die Farbar logfile
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2014 01
Ran by Andreas Tickert at 2014-07-15 16:22:53
Running from C:\Users\Andreas Tickert\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
888poker (HKLM-x32\...\888poker) (Version:  - )
ACD/Labs Software in C:\ACDFREE12\ (HKLM-x32\...\ACDLabs in C__ACDFREE12_) (Version: v12.00, FREE - ACD/Labs)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.8 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.27 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS USB2.0 UVC VGA WebCam (HKLM\...\ASUS USB2.0 UVC VGA WebCam) (Version: 5.8.53120.202 - Sonix)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.)
ATI Catalyst Install Manager (HKLM\...\{46FE2A95-DD8A-9F52-DD44-6C22D715493D}) (Version: 3.0.804.0 - ATI Technologies, Inc.)
ATI Stream SDK v2 Developer (HKLM\...\{22441735-5983-AD2A-5CC5-FA2CCD7EF732}) (Version: 2.3.0.0 - ATI Technologies Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0001 - ASUS)
Audacity 1.3.12 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Avira (HKLM-x32\...\{142be4a8-895b-4ed9-b1ff-11c76357e3df}) (Version: 1.1.17.31000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.17.31000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Biologie heute CD (HKLM-x32\...\com.schroedel.bioheuteeinleger) (Version: 1.0 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterwe)
Biologie heute CD (x32 Version: 1.0 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterwe) Hidden
Boingo Wi-Fi (HKLM-x32\...\{B653A2EC-D816-4498-A4FD-651047AB9DC9}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center InstallProxy (x32 Version: 2009.1111.1543.28169 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1125.2142.38865 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.1125.2142.38865 - ATI) Hidden
CCC Help English (x32 Version: 2010.1125.2141.38865 - ATI) Hidden
ccc-core-static (x32 Version: 2010.1125.2142.38865 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.1125.2142.38865 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.0.2838 - CDBurnerXP)
Chemie_Aber_Sicher Version 1.0 (HKLM-x32\...\{0A64BFD0-0511-4C67-A3BF-D4C0C1055255}_is1) (Version: 1.0 - Marco Korn)
Chisela 5.2.2 (HKLM-x32\...\Chisela 5_is1) (Version:  - Axel Piechocki)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
clicup (HKCU\...\clicup) (Version: 1.0 - )
Clic-Up (HKLM-x32\...\ClicUp_uninstall) (Version:  - )
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.5 - ASUS)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3009.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.3009.50 - CyberLink Corp.) Hidden
DealPly (HKLM-x32\...\DealPly) (Version:  - DealPly) <==== ATTENTION
D-GISS 2013-2014 (HKLM-x32\...\{FFA79A68-E573-4291-916E-6E3467F52D90}) (Version: 18.0 - Universum Verlag GmbH, Wiesbaden)
Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.3.10235 - Blizzard Entertainment)
Dream Day Wedding Married in Manhattan (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}) (Version:  - Oberon Media)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
Elemente Chemie Multimedial 1 (HKLM-x32\...\{A505EBCB-C827-433F-B5A1-D242F20A4B23}) (Version: 1.00.0000 - Ernst Klett Verlag)
Elemente Chemie Multimedial 2 (HKLM-x32\...\{BB91071A-F029-4B98-B6EE-EBA3AB14D530}) (Version: 1.00.0000 - Ernst Klett Verlag)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
EndNote X3 (HKLM-x32\...\{86B3F2D6-AC2B-4E88-8AE1-F2F77F781B0C}) (Version: 13.0.0.4094 - Thomson Reuters)
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
ETDWare PS/2-x64 7.0.5.9_WHQL (HKLM\...\Elantech) (Version:  - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
Foto-Mosaik-Edda Standard V6.8.13221.1 (HKLM-x32\...\{A2D6ECD0-7E52-42B7-9236-DB2951436616}_is1) (Version:  - Steffen Schirmer)
Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free FLV Converter V 7.5.0 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.5.0.0 - Koyote Soft)
Free YouTube Download version 3.2.23.218 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.23.218 - DVDVideoSoft Ltd.)
FreeFileSync 6.6 (HKLM-x32\...\FreeFileSync) (Version: 6.6 - Zenju)
Game Park Console (HKLM-x32\...\{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1) (Version: 6.2.0.2 - Oberon Media, Inc.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript 9.01 (HKLM\...\GPL Ghostscript 9.01) (Version:  - )
HotPotatoes v 6.3.0.4 (HKLM-x32\...\hotpot_is1) (Version:  - HalfBaked)
HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{E0FE1E14-3A7A-4DB0-9FFA-0DD945AE84DB}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Hilfe (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6259.0 - IDT)
IHMC CmapTools v5.04.02 (HKLM\...\IHMC CmapTools v5.04.02) (Version: 5.0.4.2 - Institute for Human & Machine Cognition)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 5.18.52.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 5.18.52.0 - Iminent) Hidden <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marketsplash Schnellzugriffe (HKLM-x32\...\{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}) (Version: 1.0.1.7 - Hewlett-Packard)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version:  - )
Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B0-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B0-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Movie Mode (HKLM-x32\...\MovieMode) (Version: 2.7.19 - GenTechnologies Apps, LLC)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MT66 Software Update (HKLM-x32\...\{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1) (Version:  - )
PanoramaStudio 2.2 ((deinstallieren)) (HKLM\...\PanoramaStudio2) (Version:  - )
partypoker (HKLM-x32\...\PartyPoker) (Version:  - PartyGaming)
PDF Blender (HKLM-x32\...\PDF Blender) (Version:  - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
PDF-XChange 3 (HKLM\...\PDF-XChange 3_is1) (Version:  - Tracker Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Piggly FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}) (Version:  - Oberon Media)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
QuickTime (HKLM-x32\...\{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}) (Version: 7.2.0.240 - Apple Inc.)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Smileyville FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}) (Version:  - Oberon Media)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
syncables desktop SE (HKLM-x32\...\{BBED4F90-7AE5-40BF-AFB7-1B495692F4AB}) (Version: 5.5.615.9518 - syncables)
trolatunt (HKLM\...\trolatunt) (Version: 2014.07.15.120640 - trolatunt) <==== ATTENTION
Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
USB2.0 ATV (HKLM-x32\...\{3C873221-12B9-475D-8DCB-62D0B2179AF9}) (Version: 6.10.000.001 - Regulus)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
WEKA Chemie unterrichten 4.0 (HKLM-x32\...\WEKA Chemie unterrichten 4.0) (Version:  - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.622  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinAVI Video Capture 2.0 (HKLM-x32\...\WinAVI Video Capture_is1) (Version:  - ZJ Computing, Inc.)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}) (Version: 15.0.9334 - WinZip Computing, S.L. )
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.15 - ASUS)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Yahoo Community Smartbar (HKLM-x32\...\{3BC7022B-CDE0-4664-9AB6-E3EC25CE644A}) (Version: 11.63.66.17714 - Linkury Inc.) <==== ATTENTION

==================== Restore Points  =========================

29-06-2014 14:20:16 Removed iTunes
03-07-2014 07:27:16 DCInstallRestorePoint
09-07-2014 23:07:45 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0A0FDA3F-5E6D-475D-89E0-977CC9F438E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {19B48CB7-0826-4F6D-AFAB-937593F6F1E2} - System32\Tasks\{CE29DAE2-92A8-4E1F-952F-FAAF8305C5E4} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/en/abandoninstall?page=tsMain
Task: {3BDEC03B-795F-49B4-B52B-E786518853BF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {5700AE5F-AE4B-4AF1-A8DF-CFBEA8BE9E21} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {69FF2FFD-A154-441D-8AF2-954E264B1BE1} - System32\Tasks\DealPlyUpdate => C:\Program Files (x86)\DealPly\DealPlyUpdate.exe <==== ATTENTION
Task: {77146C79-C0EB-455A-9B93-05640879A8C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-20] (Google Inc.)
Task: {826172F3-9B2B-4514-A9BD-F7E3B64DD4BB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8591B643-39F1-49C1-80FE-0AC80CCD5010} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {A441F3BA-8138-4B30-BCAE-D3426581D841} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {A76E6355-9BE2-4960-B88E-BF161C93D556} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS)
Task: {AC95DBCC-B3AF-4BC5-9404-4B74CDA8D70F} - System32\Tasks\{2EAB5D51-C12D-4DDD-9346-216B84680D51} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {B3BB5F81-D17E-4473-88A4-FE6AD6230B33} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-12-24] (ATK)
Task: {D1EE42D1-603F-40B7-B6DF-28A0623FFB16} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-01-05] ()
Task: {DC85D048-076B-4602-ABFC-FDD101171663} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-20] (Google Inc.)
Task: {DEAC988E-822A-4B0D-ADC0-11868C89E932} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-11-24] ()
Task: {E83A1D1E-7D36-44A2-B834-07D07EAF274D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {F2DD509F-617B-4E6B-9A3C-01B3AD45F3B5} - System32\Tasks\MT66 Software Update => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2009-11-18] (MedienTeam66)
Task: {FAAE8A0C-0C50-4D7E-860C-674C5989E9F0} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MT66 Software Update.job => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe

==================== Loaded Modules (whitelisted) =============

2010-03-16 03:48 - 2010-03-16 03:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2010-09-20 08:34 - 2010-09-20 08:34 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2010-09-20 08:34 - 2010-09-20 08:34 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2010-09-20 08:56 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2009-12-23 22:12 - 2009-12-23 22:12 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2009-12-19 04:11 - 2009-12-19 04:11 - 00033280 _____ () C:\Program Files\P4G\OvrClk.dll
2010-01-05 02:43 - 2010-01-05 02:43 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2009-11-24 22:45 - 2009-11-24 22:45 - 00053888 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-03-16 03:48 - 2010-03-16 03:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2012-07-02 09:11 - 2012-07-02 09:11 - 03931136 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2012-05-16 21:12 - 2012-05-16 21:12 - 00179200 _____ () C:\Program Files\Rainlendar2\lua52.dll
2012-07-02 09:11 - 2012-07-02 09:11 - 00312320 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2012-06-17 15:21 - 2012-06-17 15:21 - 00015360 _____ () C:\Program Files\Rainlendar2\lfs.dll
2012-07-20 15:06 - 2011-08-25 10:50 - 00153424 _____ () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
2012-07-20 15:06 - 2011-08-25 10:50 - 00270672 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2010-11-25 22:41 - 2010-11-25 22:41 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-03-16 03:48 - 2010-03-16 03:48 - 00079184 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
2014-07-15 14:08 - 2014-07-15 14:08 - 00321824 _____ () C:\Program Files (x86)\trolatunt\updatetrolatunt.exe
2014-07-15 16:14 - 2014-07-15 16:14 - 00321824 _____ () C:\Program Files (x86)\trolatunt\bin\utiltrolatunt.exe
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 14:26 - 2010-03-23 14:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00045848 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00070936 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srau.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00166680 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 02337048 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00067864 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\spbl.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00156952 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00015128 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\siem.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00066840 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\sppsm.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00697624 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00015640 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00079640 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00027928 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-06-11 15:29 - 2014-06-11 15:29 - 00060184 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srut.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00030488 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srsbs.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00066328 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00150296 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\smti.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00032024 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srom.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00031512 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\smtu.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00040216 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\smta.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00024856 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\sgml.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00046872 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srbu.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00062744 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00025368 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srpdm.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00044312 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00025880 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00036120 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-06-11 15:28 - 2014-06-11 15:28 - 00256280 _____ () C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srns.dll
2014-06-19 11:07 - 2014-06-19 11:07 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-15 15:15 - 2014-07-15 15:15 - 01177968 _____ () C:\ProgramData\MqiPCym\dat\MaeWsZX.dll
2014-07-07 13:53 - 2014-07-07 13:53 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-07 13:52 - 2014-07-07 13:52 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-07-15 15:57 - 2014-07-07 13:53 - 00049744 _____ () C:\Users\Andreas Tickert\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-07-09 15:33 - 2014-07-09 15:33 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe /startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Andreas Tickert\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Andreas Tickert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/15/2014 03:22:57 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Tickert)
Description: Die Anwendung oder der Dienst "linmsl" konnte nicht heruntergefahren werden.

Error: (07/15/2014 03:22:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x17cc
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/15/2014 03:17:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xe18
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/15/2014 03:14:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x146c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/15/2014 03:13:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xbd4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (07/14/2014 06:59:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/14/2014 06:58:01 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (07/13/2014 06:40:10 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/13/2014 06:38:45 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (07/12/2014 02:10:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (07/15/2014 02:46:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/14/2014 06:03:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/14/2014 07:43:49 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/13/2014 06:10:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/12/2014 01:40:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/11/2014 01:53:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/11/2014 05:53:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/10/2014 06:51:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/10/2014 08:59:29 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/09/2014 06:56:23 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


Microsoft Office Sessions:
=========================
Error: (07/06/2014 07:01:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2663 seconds with 780 seconds of active time.  This session ended with a crash.

Error: (05/30/2014 01:49:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 14749 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (12/11/2013 11:48:22 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 18462 seconds with 900 seconds of active time.  This session ended with a crash.

Error: (10/06/2013 11:51:13 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11676 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (09/21/2013 02:55:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3518 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (09/05/2013 02:43:23 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 12542 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (04/24/2013 03:32:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 465 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (01/20/2013 11:28:07 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 504 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (01/18/2013 04:39:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17965 seconds with 6900 seconds of active time.  This session ended with a crash.

Error: (12/11/2012 06:38:31 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4452 seconds with 2040 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-10-24 15:33:53.025
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-24 15:33:52.931
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 65%
Total physical RAM: 3948.54 MB
Available physical RAM: 1365.1 MB
Total Pagefile: 7895.27 MB
Available Pagefile: 4480.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:19.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:329.79 GB) (Free:207.78 GB) NTFS
Drive f: (Festplatte Zuhause) (Fixed) (Total:931.51 GB) (Free:548.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=330 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 00E90BC7)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Ups, der erste war die Addition:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014 01
Ran by Andreas Tickert (administrator) on TICKERT on 15-07-2014 16:22:02
Running from C:\Users\Andreas Tickert\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Spotify Ltd) C:\Users\Andreas Tickert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\trolatunt\updatetrolatunt.exe
(GenTechnologies Apps, LLC) C:\ProgramData\MqiPCym\mPJoeZ.exe
(Clichelper) C:\Users\Andreas Tickert\AppData\Local\Temp\clicup\clicup.exe
(Smartbar) C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\trolatunt\bin\utiltrolatunt.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [621440 2009-09-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-11-27] (IDT, Inc.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [EPSON Stylus DX3800 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE [98304 2005-02-08] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-09-20] ()
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656 2009-10-27] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-11-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [153424 2011-08-25] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UVS10 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [189520 2014-07-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Runonce: [streamtransportzizt] -  [X]
HKU\S-1-5-21-3844998663-1645465265-2987210626-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [3931136 2012-07-02] ()
HKU\S-1-5-21-3844998663-1645465265-2987210626-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3844998663-1645465265-2987210626-1001\...\Run: [Spotify Web Helper] => C:\Users\Andreas Tickert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-26] (Spotify Ltd)
HKU\S-1-5-21-3844998663-1645465265-2987210626-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.exe [28952 2014-06-11] (Smartbar)
HKU\S-1-5-21-3844998663-1645465265-2987210626-1001\...\Run: [clicup-Agent] => C:\Users\Andreas Tickert\AppData\Local\Temp\clicup\clicup.exe [445424 2014-07-10] (Clichelper) <===== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kv8OE52z3gdcHRY9zLVEANQ_Xpco98KoTzpcBtLRV0aRiVIt3BWVRzLiwBy0bsdp0P4xPhJt1tPZJPI_5upEROJIlMaVXIPa2QGMqim6qxy4-3YT-c4nqmzpjhoPMa0-FG0kJ4pBER-JQ4lUGGKv0C_oDSToUVXYi1Uw,,
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kv8OE52z3gdcHRY9zLVEANQ_Xpco98KoTzpcBtLRV0aRiVIt3BWVRzLiwBy0bsdp0D8rJCu3i4eGOrkhDjGEbDwOrhuV2U02xjRH4gGeqd1OLfx0U584_bdDBRNhTgWBv_lg9VClazgTjgXVp6FglhU0pN4i34c2g7Mg,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kv8OE52z3gdcHRY9zLVEANQ_Xpco98KoTzpcBtLRV0aRiVIt3BWVRzLiwBy0bsdp0D8rJCu3i4eGOrkhDjGEbDwOrhuV2U02xjRH4gGeqd1OLfx0U584_bdDBRNhTgWBv_lg9VClazgTjgXVp6FglhU0pN4i34c2g7Mg,,&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kv8OE52z3gdcHRY9zLVEANQ_Xpco98KoTzpcBtLRV0aRiVIt3BWVRzLiwBy0bsdp0D8rJCu3i4eGOrkhDjGEbDwOrhuV2U02xjRH4gGeqd1OLfx0U584_bdDBRNhTgWBv_lg9VClazgTjgXVp_o55zRxm6cvZxuyb4yg,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kv8OE52z3gdcHRY9zLVEANQ_Xpco98KoTzpcBtLRV0aRiVIt3BWVRzLiwBy0bsdp0D8rJCu3i4eGOrkhDjGEbDwOrhuV2U02xjRH4gGeqd1OLfx0U584_bdDBRNhTgWBv_lg9VClazgTjgXVp_o55zRxm6cvZxuyb4yg,,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kv8OE52z3gdcHRY9zLVEANQ_Xpco98KoTzpcBtLRV0aRiVIt3BWVRzLiwBy0bsdp0D8rJCu3i4eGOrkhDjGEbDwOrhuV2U02xjRH4gGeqd1OLfx0U584_bdDBRNhTgWBv_lg9VClazgTjgXVp6FglhU0pN4i34c2g7Mg,,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kv8OE52z3gdcHRY9zLVEANQ_Xpco98KoTzpcBtLRV0aRiVIt3BWVRzLiwBy0bsdp0D8rJCu3i4eGOrkhDjGEbDwOrhuV2U02xjRH4gGeqd1OLfx0U584_bdDBRNhTgWBv_lg9VClazgTjgXVp6FglhU0pN4i34c2g7Mg,,&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  No File
BHO-x32: No Name -> {120A8821-2BEE-4C29-BCDA-62C577781992} ->  No File
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: trolatunt -> {59bc35cc-f3cb-4e2b-a21d-481d781207af} -> C:\Program Files (x86)\trolatunt\trolatuntbho.dll (trolatunt)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://www.spiegel.de/
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\abs@avira.com [2014-07-15]
FF Extension: DownloadHelper - C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Free Hide IP - C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\support@free-hideip.com.xpi [2014-07-03]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2014-06-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-19]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Andreas Tickert\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-12-08]
CHR HKCU\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [2013-12-08]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Andreas Tickert\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2012-11-06]
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [2012-11-06]
CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - C:\Program Files (x86)\Iminent\Iminent.crx [2012-04-27]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Andreas Tickert\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-09-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Andreas Tickert\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2012-09-12]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-07] (Avira Operations GmbH & Co. KG)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
R2 mPJoeZ; C:\ProgramData\MqiPCym\mPJoeZ.exe [2315632 2014-07-15] (GenTechnologies Apps, LLC)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe [243712 2009-11-27] (IDT, Inc.)
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2011-08-25] ()
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
R2 Update trolatunt; C:\Program Files (x86)\trolatunt\updatetrolatunt.exe [321824 2014-07-15] ()
R2 Util trolatunt; C:\Program Files (x86)\trolatunt\bin\utiltrolatunt.exe [321824 2014-07-15] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-15] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-08-12] ()
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64; C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys [61112 2014-07-12] (StdLib)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2010-02-24] (CyberLink Corp.)
U3 tmlwf;
U3 tmwfp;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-15 16:22 - 2014-07-15 16:22 - 00025579 _____ () C:\Users\Andreas Tickert\Downloads\FRST.txt
2014-07-15 16:21 - 2014-07-15 16:22 - 00000000 ____D () C:\FRST
2014-07-15 16:21 - 2014-07-15 16:21 - 02086912 _____ (Farbar) C:\Users\Andreas Tickert\Downloads\FRST64.exe
2014-07-15 16:15 - 2014-07-12 10:05 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
2014-07-15 16:02 - 2014-07-15 16:02 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Avira
2014-07-15 15:59 - 2014-07-15 15:57 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-15 15:56 - 2014-07-02 13:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-15 15:56 - 2014-07-02 13:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-15 15:56 - 2014-07-02 13:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-15 15:52 - 2014-07-15 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-15 15:52 - 2014-07-15 15:56 - 00000000 ____D () C:\ProgramData\Avira
2014-07-15 15:52 - 2014-07-15 15:56 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-15 15:52 - 2014-07-15 15:52 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-15 15:52 - 2014-07-15 15:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-15 15:51 - 2014-07-15 15:51 - 00021304 _____ () C:\Users\Andreas Tickert\Desktop\Malwarebytes Logdatei.zip
2014-07-15 15:48 - 2014-07-15 15:49 - 00238937 _____ () C:\Users\Andreas Tickert\Desktop\Malwarebytes Logdatei.Xml
2014-07-15 15:40 - 2014-07-15 15:40 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\Andreas Tickert\Downloads\avira_de_av___ws2.exe
2014-07-15 15:25 - 2014-07-15 15:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 15:24 - 2014-07-15 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-15 15:24 - 2014-07-15 15:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-15 15:24 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-15 15:24 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-15 15:15 - 2014-07-15 15:16 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\MovieMode
2014-07-15 15:15 - 2014-07-15 15:15 - 00000000 ____D () C:\ProgramData\MqiPCym
2014-07-15 15:14 - 2014-07-15 16:14 - 00000000 ____D () C:\Program Files (x86)\trolatunt
2014-07-15 15:14 - 2014-07-15 15:14 - 00002512 _____ () C:\Users\Andreas Tickert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-15 15:14 - 2014-07-15 15:14 - 00000000 ____D () C:\ProgramData\MovieMode
2014-07-15 15:13 - 2014-07-15 15:13 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Smartbar
2014-07-15 15:13 - 2014-07-15 15:13 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\LPT
2014-07-15 15:09 - 2014-07-15 15:10 - 02975799 _____ (hxxp://www.streamtransport.com/ ) C:\Users\Andreas Tickert\Downloads\streamtransport_setup(1).exe
2014-07-10 11:01 - 2014-07-10 11:01 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Adobe
2014-07-09 16:48 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 16:48 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 16:48 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 16:48 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 16:48 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 16:48 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 16:48 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 16:48 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 16:48 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 16:48 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 16:48 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 16:48 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 16:48 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 16:48 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 16:48 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 16:48 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 16:48 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 16:48 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 16:48 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 16:48 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 16:48 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 16:48 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 16:48 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 16:48 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 16:48 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 16:48 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 16:48 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 16:48 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 16:48 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 16:48 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 16:48 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 16:48 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 16:48 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 16:48 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 16:48 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 16:48 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 16:48 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 16:48 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 16:48 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 16:48 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 16:48 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 16:48 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 16:48 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 16:48 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 16:48 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 16:48 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 16:48 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 16:48 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 16:48 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 16:48 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 16:48 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 16:48 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 16:48 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 16:48 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 16:48 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 16:48 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 16:48 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 16:48 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 16:48 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 16:48 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 16:48 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 16:48 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 16:48 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 16:48 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 16:47 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 16:47 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 16:47 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-03 15:24 - 2014-07-03 15:25 - 08754136 _____ (CyberGhost S.R.L. ) C:\Users\Andreas Tickert\Downloads\CG_5.0.13.14.exe
2014-07-03 15:15 - 2014-07-03 15:16 - 02355259 _____ () C:\Users\Andreas Tickert\Downloads\FreeHideIP-3.9.7.8.Setup.exe
2014-07-03 15:15 - 2014-07-03 15:15 - 02355217 _____ () C:\Users\Andreas Tickert\Downloads\FreeHideIP-3.9.7.6.Setup.exe
2014-07-03 09:29 - 2014-07-03 09:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2014-07-03 09:28 - 2014-07-03 09:28 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-06-29 21:50 - 2014-06-29 21:57 - 72397448 _____ () C:\Users\Andreas Tickert\Downloads\5500912.zip
2014-06-29 20:31 - 2014-06-29 21:44 - 794544584 _____ () C:\Users\Andreas Tickert\Downloads\5511021.zip
2014-06-29 16:00 - 2014-06-29 16:00 - 02350139 _____ () C:\Users\Andreas Tickert\Downloads\WinAVI_Video_Capture.zip
2014-06-29 16:00 - 2014-06-29 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAVI Video Capture
2014-06-29 16:00 - 2014-06-29 16:00 - 00000000 ____D () C:\Program Files (x86)\WinAVI Video Capture
2014-06-27 16:58 - 2014-06-29 16:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-27 16:58 - 2014-06-27 17:04 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Apple Computer
2014-06-27 16:58 - 2014-06-27 16:58 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Apple Computer
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-27 16:44 - 2014-06-27 16:47 - 112616784 _____ (Apple Inc.) C:\Users\Andreas Tickert\Downloads\iTunes64Setup.exe
2014-06-23 19:24 - 2014-06-23 19:24 - 00321424 _____ () C:\Windows\Minidump\062314-29655-01.dmp
2014-06-23 18:59 - 2014-06-23 19:14 - 00000000 ____D () C:\Users\Andreas Tickert\Documents\Ulead VideoStudio SE
2014-06-23 18:58 - 2014-06-23 19:02 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Ulead Systems
2014-06-23 18:56 - 2014-06-23 18:56 - 00000000 ____D () C:\ProgramData\InstallShield
2014-06-23 18:55 - 2014-06-23 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio SE DVD
2014-06-23 18:55 - 2014-06-23 18:55 - 00002220 _____ () C:\Users\Public\Desktop\Ulead VideoStudio SE DVD.lnk
2014-06-23 18:55 - 2014-06-23 18:55 - 00000000 ____D () C:\Program Files (x86)\Windows Media-Komponenten
2014-06-23 18:54 - 2014-06-23 18:58 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-06-23 18:54 - 2014-06-23 18:54 - 00000000 ____D () C:\Program Files (x86)\Ulead Systems
2014-06-23 18:52 - 2014-06-23 18:52 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\InstallShield
2014-06-23 18:52 - 2007-11-15 20:33 - 00528256 _____ (Syntek) C:\Windows\system32\Drivers\StkTMini.sys
2014-06-23 18:52 - 2007-10-06 17:03 - 00053248 _____ (Syntek America Inc.) C:\Windows\SysWOW64\StkTProp.ax
2014-06-23 18:52 - 2006-12-20 09:08 - 06921856 _____ (Syntek America Inc.) C:\Windows\system32\Drivers\StkCPipe.sys
2014-06-19 11:07 - 2014-06-19 11:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-07-15 16:22 - 2014-07-15 16:22 - 00025579 _____ () C:\Users\Andreas Tickert\Downloads\FRST.txt
2014-07-15 16:22 - 2014-07-15 16:21 - 00000000 ____D () C:\FRST
2014-07-15 16:21 - 2014-07-15 16:21 - 02086912 _____ (Farbar) C:\Users\Andreas Tickert\Downloads\FRST64.exe
2014-07-15 16:15 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-07-15 16:14 - 2014-07-15 15:14 - 00000000 ____D () C:\Program Files (x86)\trolatunt
2014-07-15 16:02 - 2014-07-15 16:02 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Avira
2014-07-15 15:57 - 2014-07-15 15:59 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-15 15:57 - 2014-07-15 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-15 15:56 - 2014-07-15 15:52 - 00000000 ____D () C:\ProgramData\Avira
2014-07-15 15:56 - 2014-07-15 15:52 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-15 15:53 - 2010-09-20 08:33 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-15 15:53 - 2010-09-20 08:07 - 01887411 _____ () C:\Windows\WindowsUpdate.log
2014-07-15 15:52 - 2014-07-15 15:52 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-15 15:52 - 2014-07-15 15:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-15 15:51 - 2014-07-15 15:51 - 00021304 _____ () C:\Users\Andreas Tickert\Desktop\Malwarebytes Logdatei.zip
2014-07-15 15:49 - 2014-07-15 15:48 - 00238937 _____ () C:\Users\Andreas Tickert\Desktop\Malwarebytes Logdatei.Xml
2014-07-15 15:40 - 2014-07-15 15:40 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\Andreas Tickert\Downloads\avira_de_av___ws2.exe
2014-07-15 15:33 - 2012-04-02 08:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-15 15:25 - 2014-07-15 15:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 15:24 - 2014-07-15 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-15 15:24 - 2014-07-15 15:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-15 15:24 - 2012-01-16 19:52 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Malwarebytes
2014-07-15 15:24 - 2012-01-16 19:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-15 15:24 - 2012-01-16 19:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-15 15:16 - 2014-07-15 15:15 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\MovieMode
2014-07-15 15:15 - 2014-07-15 15:15 - 00000000 ____D () C:\ProgramData\MqiPCym
2014-07-15 15:14 - 2014-07-15 15:14 - 00002512 _____ () C:\Users\Andreas Tickert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-15 15:14 - 2014-07-15 15:14 - 00000000 ____D () C:\ProgramData\MovieMode
2014-07-15 15:13 - 2014-07-15 15:13 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Smartbar
2014-07-15 15:13 - 2014-07-15 15:13 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\LPT
2014-07-15 15:10 - 2014-07-15 15:09 - 02975799 _____ (hxxp://www.streamtransport.com/ ) C:\Users\Andreas Tickert\Downloads\streamtransport_setup(1).exe
2014-07-15 14:53 - 2009-07-14 06:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-15 14:53 - 2009-07-14 06:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-15 14:46 - 2012-09-10 20:31 - 00000000 ____D () C:\Users\Andreas Tickert\.rainlendar2
2014-07-15 14:45 - 2010-09-20 08:33 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-15 14:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-15 14:45 - 2009-07-14 06:51 - 00256317 _____ () C:\Windows\setupact.log
2014-07-15 08:41 - 2011-01-22 00:40 - 00000334 _____ () C:\Windows\Tasks\MT66 Software Update.job
2014-07-14 08:16 - 2012-10-31 19:36 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\vlc
2014-07-12 10:05 - 2014-07-15 16:15 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
2014-07-10 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 11:41 - 2014-03-13 13:54 - 00000000 ____D () C:\giss2013
2014-07-10 11:01 - 2014-07-10 11:01 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Adobe
2014-07-10 08:58 - 2009-07-14 06:45 - 00438240 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 08:55 - 2014-05-06 20:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 08:55 - 2010-09-20 08:41 - 00200546 _____ () C:\Windows\PFRO.log
2014-07-10 08:55 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 08:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 08:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 08:53 - 2013-08-26 20:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 08:50 - 2010-12-16 16:55 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 08:50 - 2010-12-13 10:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 15:33 - 2012-04-02 08:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 15:33 - 2012-04-02 08:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 15:33 - 2011-05-16 09:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-03 16:34 - 2010-12-09 11:40 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Skype
2014-07-03 15:25 - 2014-07-03 15:24 - 08754136 _____ (CyberGhost S.R.L. ) C:\Users\Andreas Tickert\Downloads\CG_5.0.13.14.exe
2014-07-03 15:16 - 2014-07-03 15:15 - 02355259 _____ () C:\Users\Andreas Tickert\Downloads\FreeHideIP-3.9.7.8.Setup.exe
2014-07-03 15:15 - 2014-07-03 15:15 - 02355217 _____ () C:\Users\Andreas Tickert\Downloads\FreeHideIP-3.9.7.6.Setup.exe
2014-07-03 10:58 - 2009-08-04 11:51 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-07-03 10:58 - 2009-08-04 11:51 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-07-03 10:58 - 2009-07-14 07:13 - 01620510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-03 09:29 - 2014-07-03 09:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2014-07-03 09:29 - 2014-01-09 15:40 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-07-03 09:29 - 2014-01-09 15:40 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-07-03 09:29 - 2014-01-09 15:40 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-07-03 09:29 - 2014-01-09 15:40 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-07-03 09:29 - 2014-01-09 15:40 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-07-03 09:28 - 2014-07-03 09:28 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-07-02 13:06 - 2014-07-15 15:56 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-02 13:06 - 2014-07-15 15:56 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-02 13:06 - 2014-07-15 15:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-01 13:57 - 2012-01-25 11:00 - 00000584 _____ () C:\Users\Andreas Tickert\Documents\grstyles.stl
2014-07-01 13:57 - 2012-01-25 10:59 - 00000328 _____ () C:\Users\Andreas Tickert\Documents\UserStl.sk
2014-06-30 04:09 - 2014-07-09 16:48 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 16:48 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 21:57 - 2014-06-29 21:50 - 72397448 _____ () C:\Users\Andreas Tickert\Downloads\5500912.zip
2014-06-29 21:44 - 2014-06-29 20:31 - 794544584 _____ () C:\Users\Andreas Tickert\Downloads\5511021.zip
2014-06-29 20:10 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-06-29 16:22 - 2014-06-27 16:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-29 16:00 - 2014-06-29 16:00 - 02350139 _____ () C:\Users\Andreas Tickert\Downloads\WinAVI_Video_Capture.zip
2014-06-29 16:00 - 2014-06-29 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAVI Video Capture
2014-06-29 16:00 - 2014-06-29 16:00 - 00000000 ____D () C:\Program Files (x86)\WinAVI Video Capture
2014-06-28 06:57 - 2010-09-20 08:56 - 00002486 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-06-28 06:57 - 2010-09-20 08:56 - 00001473 _____ () C:\Windows\system32\ServiceFilter.ini
2014-06-27 17:04 - 2014-06-27 16:58 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Apple Computer
2014-06-27 16:58 - 2014-06-27 16:58 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Apple Computer
2014-06-27 16:58 - 2012-09-29 12:43 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-27 16:55 - 2012-09-29 12:42 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-27 16:55 - 2012-09-29 12:42 - 00000000 ____D () C:\ProgramData\Apple
2014-06-27 16:47 - 2014-06-27 16:44 - 112616784 _____ (Apple Inc.) C:\Users\Andreas Tickert\Downloads\iTunes64Setup.exe
2014-06-27 16:43 - 2014-02-09 20:11 - 00000000 ____D () C:\Users\Andreas Tickert\.gimp-2.8
2014-06-23 19:24 - 2014-06-23 19:24 - 00321424 _____ () C:\Windows\Minidump\062314-29655-01.dmp
2014-06-23 19:24 - 2010-12-31 19:40 - 00000000 ____D () C:\Windows\Minidump
2014-06-23 19:14 - 2014-06-23 18:59 - 00000000 ____D () C:\Users\Andreas Tickert\Documents\Ulead VideoStudio SE
2014-06-23 19:02 - 2014-06-23 18:58 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Ulead Systems
2014-06-23 18:58 - 2014-06-23 18:54 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-06-23 18:58 - 2010-12-09 11:25 - 00121480 _____ () C:\Users\Andreas Tickert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-23 18:56 - 2014-06-23 18:56 - 00000000 ____D () C:\ProgramData\InstallShield
2014-06-23 18:56 - 2014-06-23 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio SE DVD
2014-06-23 18:55 - 2014-06-23 18:55 - 00002220 _____ () C:\Users\Public\Desktop\Ulead VideoStudio SE DVD.lnk
2014-06-23 18:55 - 2014-06-23 18:55 - 00000000 ____D () C:\Program Files (x86)\Windows Media-Komponenten
2014-06-23 18:55 - 2010-09-20 08:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-23 18:54 - 2014-06-23 18:54 - 00000000 ____D () C:\Program Files (x86)\Ulead Systems
2014-06-23 18:52 - 2014-06-23 18:52 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\InstallShield
2014-06-21 14:39 - 2012-03-21 22:57 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\CmapTools
2014-06-21 11:24 - 2012-04-07 16:04 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\dvdcss
2014-06-21 11:18 - 2012-03-21 22:57 - 00000000 ____D () C:\Users\Andreas Tickert\Documents\My Cmaps
2014-06-21 10:31 - 2012-03-21 22:57 - 00002054 _____ () C:\Users\Andreas Tickert\.powerupdate.user.properties
2014-06-20 22:14 - 2014-07-09 16:48 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 16:48 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 12:48 - 2010-09-20 08:33 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 12:48 - 2010-09-20 08:33 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 11:55 - 2012-08-05 21:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-19 11:07 - 2014-06-19 11:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-19 03:39 - 2014-07-09 16:48 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-09 16:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-09 16:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-09 16:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-09 16:48 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-09 16:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-09 16:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-09 16:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-09 16:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-09 16:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-09 16:48 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-09 16:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 16:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-09 16:48 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-09 16:48 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-09 16:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-09 16:48 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 16:48 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-09 16:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-09 16:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 16:48 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 16:48 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 16:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-09 16:48 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 16:48 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-09 16:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-09 16:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 16:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-09 16:48 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 16:48 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-09 16:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 16:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 16:48 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 16:48 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-09 16:48 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-09 16:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-09 16:48 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 16:48 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 16:48 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 16:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-09 16:48 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 16:48 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 16:48 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 16:48 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 16:48 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 16:48 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 16:48 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 16:48 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 16:48 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 16:48 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 16:48 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 16:48 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 16:48 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 16:48 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 04:18 - 2014-07-09 16:48 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-09 16:48 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-09 16:48 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Files to move or delete:
====================
C:\Users\Andreas Tickert\AppData\Local\Temp\clicup\clicup.exe


Some content of TEMP:
====================
C:\Users\Andreas Tickert\AppData\Local\Temp\avgnt.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\f.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\ICReinstall_CodecPack.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\Installer.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\PreExe_ID_13667.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\setup.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\somoto_falcon.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Andreas Tickert\AppData\Local\Temp\trolatuntSetup.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\vlc-2.0.8-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 13:15

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Noch ne Frage zum formatieren.
Ich hab mal vor ner Weile ne Recovery CD erstellt wenn ich mich nich irre.
Wie gehe ich dann vor?
Oder kann es sein dass da dann auch schon Viren mit drauf sind?
Ne Windows 7 Cd hab ich nämlich nich.

Warlord711 17.07.2014 19:05
Adware & Co. deinstallieren

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:


Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Snorre 18.07.2014 05:45
Hey !

Hier die Combo-fix Logdatei

Code:
ComboFix 14-07-17.03 - Andreas Tickert 18.07.2014  6:23.2.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3949.2184 [GMT 2:00]
ausgeführt von:: c:\users\Andreas Tickert\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\programdata\moviemode
c:\programdata\moviemode\app.dat
c:\programdata\moviemode\data.dat
c:\programdata\moviemode\MovieMode.ico
c:\programdata\moviemode\Uninstall.exe
c:\users\ANDREA~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Andreas Tickert\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
F:\Autorun.inf
F:\khq
H:\Autorun.inf
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-06-18 bis 2014-07-18  ))))))))))))))))))))))))))))))
.
.
2014-07-17 18:08 . 2014-07-17 18:08        --------        d-----w-        c:\program files (x86)\VS Revo Group
2014-07-15 16:05 . 2014-07-15 16:07        --------        d-----w-        c:\users\Andreas Tickert\AppData\Roaming\ImgBurn
2014-07-15 15:58 . 2014-07-15 15:58        --------        d-----w-        c:\program files (x86)\ImgBurn
2014-07-15 14:21 . 2014-07-15 14:24        --------        d-----w-        C:\FRST
2014-07-15 14:15 . 2014-07-12 08:05        61112        ----a-w-        c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
2014-07-15 14:02 . 2014-07-15 14:02        --------        d-----w-        c:\users\Andreas Tickert\AppData\Roaming\Avira
2014-07-15 13:59 . 2014-07-15 13:57        42040        ----a-w-        c:\windows\system32\drivers\avnetflt.sys
2014-07-15 13:56 . 2014-07-02 11:06        28600        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2014-07-15 13:56 . 2014-07-02 11:06        130584        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2014-07-15 13:56 . 2014-07-02 11:06        117712        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2014-07-15 13:52 . 2014-07-15 13:56        --------        d-----w-        c:\program files (x86)\Avira
2014-07-15 13:52 . 2014-07-15 13:56        --------        d-----w-        c:\programdata\Avira
2014-07-15 13:52 . 2014-07-15 13:52        --------        d-----w-        c:\programdata\Package Cache
2014-07-15 13:25 . 2014-07-17 06:48        122584        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-15 13:24 . 2014-07-15 13:24        --------        d-----w-        c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-15 13:24 . 2014-05-12 05:26        63704        ----a-w-        c:\windows\system32\drivers\mwac.sys
2014-07-15 13:24 . 2014-05-12 05:26        91352        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2014-07-15 13:15 . 2014-07-15 16:12        --------        d-----w-        c:\users\Andreas Tickert\AppData\Local\MovieMode
2014-07-15 13:15 . 2014-07-15 13:15        --------        d-----w-        c:\programdata\MqiPCym
2014-07-15 13:13 . 2014-07-15 13:13        --------        d-----w-        c:\users\Andreas Tickert\AppData\Local\LPT
2014-07-15 13:13 . 2014-07-15 13:13        --------        d-----w-        c:\users\Andreas Tickert\AppData\Local\Smartbar
2014-07-10 09:01 . 2014-07-10 09:01        --------        d-----w-        c:\users\Andreas Tickert\AppData\Local\Adobe
2014-07-09 14:47 . 2014-06-05 14:45        1460736        ----a-w-        c:\windows\system32\lsasrv.dll
2014-07-09 14:47 . 2014-06-05 14:26        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2014-07-09 14:47 . 2014-06-05 14:25        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
2014-07-03 07:28 . 2014-07-03 07:28        --------        d-----w-        c:\program files\Microsoft Mouse and Keyboard Center
2014-06-29 14:00 . 2014-06-29 14:00        --------        d-----w-        c:\program files (x86)\WinAVI Video Capture
2014-06-27 14:58 . 2014-06-27 15:04        --------        d-----w-        c:\users\Andreas Tickert\AppData\Roaming\Apple Computer
2014-06-27 14:58 . 2014-06-27 14:58        --------        d-----w-        c:\users\Andreas Tickert\AppData\Local\Apple Computer
2014-06-27 14:58 . 2014-06-29 14:22        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-27 14:55 . 2014-06-27 14:55        --------        d-----w-        c:\program files (x86)\Apple Software Update
2014-06-27 14:55 . 2014-06-27 14:55        --------        d-----w-        c:\program files\Common Files\Apple
2014-06-27 14:55 . 2014-06-27 14:55        --------        d-----w-        c:\program files\Bonjour
2014-06-27 14:55 . 2014-06-27 14:55        --------        d-----w-        c:\program files (x86)\Bonjour
2014-06-27 14:54 . 2014-06-29 14:22        --------        d-----w-        c:\program files (x86)\Common Files\Apple
2014-06-23 16:58 . 2014-06-23 17:02        --------        d-----w-        c:\users\Andreas Tickert\AppData\Roaming\Ulead Systems
2014-06-23 16:56 . 2014-06-23 16:56        --------        d-----w-        c:\programdata\InstallShield
2014-06-23 16:56 . 2005-06-10 03:44        81920        ----a-r-        c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe
2014-06-23 16:56 . 2005-06-10 03:44        278528        ----a-r-        c:\program files (x86)\Common Files\InstallShield\UpdateService\ISDM.exe
2014-06-23 16:55 . 2005-06-10 03:44        368640        ----a-r-        c:\program files (x86)\Common Files\InstallShield\UpdateService\_isusres.dll
2014-06-23 16:55 . 2014-06-23 16:55        --------        d-----w-        c:\program files (x86)\Windows Media-Komponenten
2014-06-23 16:54 . 2014-06-23 16:58        --------        d-----w-        c:\programdata\Ulead Systems
2014-06-23 16:54 . 2014-06-23 16:54        --------        d-----w-        c:\program files (x86)\Common Files\Ulead Systems
2014-06-23 16:54 . 2014-06-23 16:54        --------        d-----w-        c:\program files (x86)\Ulead Systems
2014-06-23 16:54 . 2005-06-10 03:44        618496        ----a-r-        c:\program files (x86)\Common Files\InstallShield\UpdateService\agent.exe
2014-06-23 16:53 . 2003-02-27 14:12        696320        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2014-06-23 16:53 . 2002-12-05 12:10        155648        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2014-06-23 16:53 . 2002-12-02 13:22        5632        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2014-06-23 16:53 . 2002-12-02 11:33        57344        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2014-06-23 16:53 . 2002-12-02 11:33        32768        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2014-06-23 16:53 . 2002-12-02 11:33        237568        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2014-06-23 16:53 . 2014-06-23 16:53        163972        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2014-06-23 16:53 . 2014-06-23 16:53        282756        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2014-06-23 16:52 . 2007-10-06 15:03        53248        ----a-w-        c:\windows\SysWow64\StkTProp.ax
2014-06-23 16:52 . 2007-11-15 18:33        528256        ----a-w-        c:\windows\system32\drivers\StkTMini.sys
2014-06-23 16:52 . 2006-12-20 07:08        6921856        ----a-w-        c:\windows\system32\drivers\StkCPipe.sys
2014-06-23 16:52 . 2014-06-23 16:52        --------        d-----w-        c:\users\Andreas Tickert\AppData\Roaming\InstallShield
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-10 06:50 . 2010-12-16 14:55        96441528        ----a-w-        c:\windows\system32\MRT.exe
2014-07-09 13:33 . 2012-04-02 06:34        699056        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-09 13:33 . 2011-05-16 07:00        71344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-06 10:47 . 2014-06-06 10:47        4558848        ----a-w-        c:\windows\SysWow64\GPhotos.scr
2014-05-12 05:25 . 2012-01-16 17:52        25816        ----a-w-        c:\windows\system32\drivers\mbam.sys
2014-04-25 02:34 . 2014-06-14 10:25        801280        ----a-w-        c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-14 10:25        626688        ----a-w-        c:\windows\SysWow64\usp10.dll
2003-03-21 12:45 . 2012-02-14 18:33        250544        ----a-w-        c:\program files (x86)\Common Files\keyhelp.ocx
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2010-11-05 01:58        297808        ----a-w-        c:\windows\System32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2012-07-02 3931136]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Spotify Web Helper"="c:\users\Andreas Tickert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-04-26 1171000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-09-20 2429]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 98304]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"UIExec"="c:\program files (x86)\1&1 Surf-Stick\UIExec.exe" [2011-08-25 153424]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"UVS10 Preload"="c:\program files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe" [2006-08-09 36864]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-07-07 189520]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-07-02 750160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [2010-9-20 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\1&1 Surf-Stick\AssistantServices.exe;c:\program files (x86)\1&1 Surf-Stick\AssistantServices.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 StkTMini;Syntek AVStream USB2.0 ATV;c:\windows\system32\Drivers\StkTMini.sys;c:\windows\SYSNATIVE\Drivers\StkTMini.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64;{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64;c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys;c:\windows\SYSNATIVE\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/09/19 23:23];c:\program files (x86)\CyberLink\PowerDVD9\000.fcl;c:\program files (x86)\CyberLink\PowerDVD9\000.fcl [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 mPJoeZ;mPJoeZ;c:\programdata\MqiPCym\mPJoeZ.exe;c:\programdata\MqiPCym\mPJoeZ.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 13:33]
.
2014-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-20 06:33]
.
2014-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-20 06:33]
.
2014-07-17 c:\windows\Tasks\MT66 Software Update.job
- c:\program files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2011-01-21 17:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49        70656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49        70656        ----a-w-        c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-11-27 487424]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"EPSON Stylus DX3800 Series"="c:\windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE" [2005-02-08 98304]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kv8OE52z3gdcHRY9zLVEANQ_Xpco98KoTzpcBtLRV0aRiVIt3BWVRzLiwBy0bsdp0P4xPhJt1tPZJPI_5upEROJIlMaVXIPa2QGMqim6qxy4-3YT-c4nqmzpjhoPMa0-FG0kJ4pBER-JQ4lUGFtH9qmVBX6b0dwypyDA,,
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82Kv8OE52z3gdcHRY9zLVEANQ_Xpco98KoTzpcBtLRV0aRiVIt3BWVRzLiwBy0bsdp0D8rJCu3i4eGOrkhDjGEbDwOrhuV2U02xjRH4gGeqd1OLfx0U584_bdDBRNhTgWBv_lg9VClazgTjgXVp5YI9X3aHDqOgCG-OL1g,,&q={searchTerms}
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=988cac050000000000004e5d603dcb7e&q=
FF - user.js: extensions.Softonic.id - 988cac050000000000004e5d603dcb7e
FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D}
FF - user.js: extensions.Softonic.instlDay - 16047
FF - user.js: extensions.Softonic.vrsn - 1.8.21.14
FF - user.js: extensions.Softonic.vrsni - 1.8.21.14
FF - user.js: extensions.Softonic.vrsnTs - 1.8.21.1410:29
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - OC
FF - user.js: extensions.Softonic.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - opencandy2013
FF - user.js: extensions.Softonic.instlRef - MOY00621
FF - user.js: extensions.Softonic.dfltLng - de
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.ffxUnstlRst - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic.rvrt - false
FF - user.js: extensions.Softonic.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=988cac050000000000004e5d603dcb7e
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.dnsErr - true
FF - user.js: extensions.Softonic.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=988cac050000000000004e5d603dcb7e
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKCU-Run-Browser Infrastructure Helper - c:\users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe
AddRemove-Free Audio CD Burner_is1 - c:\program files (x86)\DVDVideoSoft\Free Audio CD Burner\unins000.exe
AddRemove-MovieMode - c:\programdata\MovieMode\uninstall.exe
AddRemove-PokerStars - c:\program files (x86)\PokerStars\PokerStarsUninstall.exe
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
AddRemove-WEKA Chemie unterrichten 4.0 - c:\windows\IsUn0407.exe
AddRemove-clicup - c:\users\ANDREA~1\AppData\Local\Temp\clicup\Uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD9\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-18  06:41:34 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-07-18 04:41
.
Vor Suchlauf: 24 Verzeichnis(se), 21.121.245.184 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 22.542.360.576 Bytes frei
.
- - End Of File - - 95E7AFC2E3E6AD4B7A6679E8F8C10675
A36C5E4F47E84449FF07ED3517B43A31

Warlord711 18.07.2014 17:17
Adware & Co. deinstallieren

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:


Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Schritt 4
Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.


In der Antwort bitte posten:
  • AdwCleaner Log
  • JRT Log
  • Malwarebytes Log
  • frischer FRST Log

Warlord711 21.07.2014 13:14
Fehlende Rückmeldung
Benötigst du noch Hilfe ? Ansonsten wird dieses Thema in 48h aus meinen Abos gelöscht. Somit bekomme ich dann keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen

Snorre 21.07.2014 14:56
Logs kommen

Warlord711 21.07.2014 14:57
OK ;-)

Snorre 21.07.2014 15:04
ADW Cleaner 1
Code:
# AdwCleaner v3.216 - Bericht erstellt am 21/07/2014 um 07:52:05
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Andreas Tickert - TICKERT
# Gestartet von : C:\Users\Andreas Tickert\Downloads\adwcleaner_3.216.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gelöscht : C:\Program Files (x86)\Red Sky
Ordner Gelöscht : C:\Users\Andreas Tickert\AppData\Local\Linkury
Ordner Gelöscht : C:\Users\Andreas Tickert\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Andreas Tickert\AppData\Local\MovieMode
Ordner Gelöscht : C:\Users\Andreas Tickert\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Andreas Tickert\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Andreas Tickert\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Andreas Tickert\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Andreas Tickert\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Andreas Tickert\Documents\Updater
Ordner Gelöscht : C:\Users\Andreas Tickert\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Datei Gelöscht : C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\Andreas Tickert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Datei Gelöscht : C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\invalidprefs.js
Datei Gelöscht : C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\DealPlyUpdate

***** [ Verknüpfungen ] *****

ADW Cleaner 2
Code:
# AdwCleaner v3.216 - Bericht erstellt am 21/07/2014 um 07:53:43
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Andreas Tickert - TICKERT
# Gestartet von : C:\Users\Andreas Tickert\Downloads\adwcleaner_3.216.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Andreas Tickert\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_burnaware-free_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_burnaware-free_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_picasa_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_picasa_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKCU\Software\DealPly
Schlüssel Gelöscht : HKCU\Software\Microsoft\IntelliType Pro\AppSpecific\Iminent.exe
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\SweetIM
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DynConIE
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\Software\SweetIM
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17207

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "OC");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=988cac050000000000004e5d603dcb7e");
Zeile gelöscht : user_pref("extensions.Softonic.id", "988cac050000000000004e5d603dcb7e");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16047");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=988cac050000000000004e5d603dcb7e");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=988cac050000000000004e5d603dcb7e&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.1410:29:10");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gelöscht : user_pref("extensions.helperbar.Visibility", false);
Zeile gelöscht : user_pref("extensions.helperbar.backPageCapacity", 3);
Zeile gelöscht : user_pref("extensions.helperbar.backPageCounter", 0);
Zeile gelöscht : user_pref("extensions.helperbar.backPageDay", 15);
Zeile gelöscht : user_pref("extensions.helperbar.backPageLastEvent", "1405257256954");
Zeile gelöscht : user_pref("extensions.helperbar.backPageMinInterval", 15);
Zeile gelöscht : user_pref("extensions.helperbar.barcodeid", "145243");
Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "de");
Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "yahoosm");
Zeile gelöscht : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\".search.yahoo.com\\\\\\/yhs\\\\\\/search?hspart=lkry\\\",\\\"www.only-apart[...]
Zeile gelöscht : user_pref("extensions.helperbar.fromautoupdate", "false");
Zeile gelöscht : user_pref("extensions.helperbar.installationid", "2095e419-55ea-60a0-8c3c-674b00277234");
Zeile gelöscht : user_pref("extensions.helperbar.installdate", "15/07/2014");
Zeile gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1405430054");
Zeile gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1405430060405");
Zeile gelöscht : user_pref("extensions.helperbar.publisher", "yahoosm");

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [23654 octets] - [21/07/2014 07:50:09]
AdwCleaner[R1].txt - [21947 octets] - [21/07/2014 07:53:13]
AdwCleaner[S0].txt - [2063 octets] - [21/07/2014 07:52:05]
AdwCleaner[S1].txt - [19779 octets] - [21/07/2014 07:53:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [19840 octets] ##########
JRT

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Andreas Tickert on 21.07.2014 at  8:00:52,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3844998663-1645465265-2987210626-1001\Software\sweetim



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Andreas Tickert\AppData\Roaming\mozilla\firefox\profiles\wkarz4j6.default\minidumps [776 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.07.2014 at  8:07:20,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mbam Suchlauf Protokoll:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 21.07.2014
Suchlauf-Zeit: 08:21:42
Logdatei: mbam1.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.20.07
Rootkit Datenbank: v2014.07.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Andreas Tickert

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 308605
Verstrichene Zeit: 13 Min, 55 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 1
Adware.MovieMode, C:\ProgramData\MqiPCym\mPJoeZ.exe, 4076, Löschen bei Neustart, [dfe8336e86f592a4e4000f5b13ee39c7]

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 6
Adware.MovieMode, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\mPJoeZ, In Quarantäne, [dfe8336e86f592a4e4000f5b13ee39c7],
PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}, In Quarantäne, [06c1dbc64239d561ad76603414eeb749],
PUP.Optional.Outbrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{03771AEF-400D-4A13-B712-25878EC4A3F5}, In Quarantäne, [06c1dbc64239d561ad76603414eeb749],
PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{03771AEF-400D-4A13-B712-25878EC4A3F5}, In Quarantäne, [06c1dbc64239d561ad76603414eeb749],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64, In Quarantäne, [4483c2df63180f27ab72e0e1a260837d],
PUP.Optional.DealPly.A, HKU\S-1-5-21-3844998663-1645465265-2987210626-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, In Quarantäne, [10b7bae7a5d61d19570fb31d0bf7e31d],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 17
Adware.MovieMode, C:\ProgramData\MqiPCym\mPJoeZ.exe, Löschen bei Neustart, [dfe8336e86f592a4e4000f5b13ee39c7],
PUP.Optional.MovieMode.A, C:\ProgramData\MqiPCym\dat\kxzAqTUCZ.dll, In Quarantäne, [d8effba6c2b9ae88eeb9a9f1f50f1be5],
Adware.MovieMode, C:\ProgramData\MqiPCym\dat\xbHfDwKkZP.exe, Löschen bei Neustart, [4f78851c9ae149ed30b4da9028d99b65],
Adware.MovieMode, C:\ProgramData\MqiPCym\dat\ypzTYrL.exe, Löschen bei Neustart, [9e29c1e083f8b581b23222485ca50df3],
PUP.Optional.OpenCandy, C:\Users\Andreas Tickert\Downloads\FreeFileSync_5.23_Windows_Setup.exe, In Quarantäne, [77502180c2b982b491abf4db9f6503fd],
PUP.Optional.OpenCandy, C:\Users\Andreas Tickert\Downloads\FreeFileSync_6.0_Windows_Setup.exe, In Quarantäne, [cff8257c0d6e191de05cece340c4d12f],
PUP.Optional.OpenCandy, C:\Users\Andreas Tickert\Downloads\FreeFileSync_6.1_Windows_Setup.exe, In Quarantäne, [f5d2673af08b86b048f4e5ea4eb66f91],
PUP.Optional.OpenCandy, C:\Users\Andreas Tickert\Downloads\FreeFileSync_6.3_Windows_Setup.exe, In Quarantäne, [537459481a6152e49ca0844bf50f8779],
PUP.Optional.OpenCandy, C:\Users\Andreas Tickert\Downloads\FreeFileSync_6.4_Windows_Setup.exe, In Quarantäne, [6c5bc2df314a092d0735a02fd0347f81],
PUP.Optional.OpenCandy, C:\Users\Andreas Tickert\Downloads\FreeFileSync_6.6_Windows_Setup.exe, In Quarantäne, [5671653c88f38ea80c301db2b252966a],
PUP.Optional.TenkiTechnology, C:\Users\Andreas Tickert\Downloads\FreeHideIP-3.9.7.6.Setup.exe, In Quarantäne, [13b4148d0972310568946c2c25df32ce],
PUP.Optional.TenkiTechnology, C:\Users\Andreas Tickert\Downloads\FreeHideIP-3.9.7.8.Setup.exe, In Quarantäne, [7651b9e83e3de353a65622760df77090],
PUP.Optional.Outbrowse, C:\Users\Andreas Tickert\Downloads\setup.exe, In Quarantäne, [dceb168b413a01359794f096a1601fe1],
PUP.Optional.OpenCandy, C:\Users\Andreas Tickert\Downloads\SetupImgBurn_2.5.8.0.exe, In Quarantäne, [07c0e5bcc5b63006e458fad5eb19e41c],
PUP.Optional.SnapDo.A, C:\Windows\Installer\19ae10.msi, In Quarantäne, [03c41190512ab08605b7523912ef21df],
PUP.Optional.SmartBar, C:\Windows\Installer\MSI8BA1.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [d8ef6f3225561422b57eb27cfb05ad53],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys, In Quarantäne, [4483c2df63180f27ab72e0e1a260837d],

Physische Sektoren: 0
(No malicious items detected)


(end)
FRST


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by Andreas Tickert (administrator) on TICKERT on 21-07-2014 15:53:30
Running from C:\Users\Andreas Tickert\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Andreas Tickert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(WinZip Computing, S.L.) C:\Program Files (x86)\WinZip\WzPreviewer32.exe
(WinZip Computing, S.L.) C:\Program Files (x86)\WinZip\WZSRVR32.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [621440 2009-09-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-11-27] (IDT, Inc.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [EPSON Stylus DX3800 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE [98304 2005-02-08] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-09-20] ()
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656 2009-10-27] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-11-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [153424 2011-08-25] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UVS10 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [189520 2014-07-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3844998663-1645465265-2987210626-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [3931136 2012-07-02] ()
HKU\S-1-5-21-3844998663-1645465265-2987210626-1001\...\Run: [Spotify Web Helper] => C:\Users\Andreas Tickert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-26] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: No Name -> {120A8821-2BEE-4C29-BCDA-62C577781992} ->  No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default
FF Homepage: hxxp://www.spiegel.de/
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\abs@avira.com [2014-07-15]
FF Extension: DownloadHelper - C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Free Hide IP - C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\support@free-hideip.com.xpi [2014-07-03]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2014-06-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-19]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-07] (Avira Operations GmbH & Co. KG)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe [243712 2009-11-27] (IDT, Inc.)
S2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2011-08-25] ()
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-08-12] ()
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2010-02-24] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 tmlwf;
U3 tmwfp;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-21 15:53 - 2014-07-21 15:53 - 00000000 ____D () C:\Users\Andreas Tickert\Downloads\FRST-OlderVersion
2014-07-21 08:07 - 2014-07-21 08:07 - 00000968 _____ () C:\Users\Andreas Tickert\Desktop\JRT.txt
2014-07-21 08:00 - 2014-07-21 08:00 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 07:50 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-21 07:49 - 2014-07-21 07:53 - 00000000 ____D () C:\AdwCleaner
2014-07-21 07:41 - 2014-07-21 07:41 - 01016261 _____ (Thisisu) C:\Users\Andreas Tickert\Downloads\JRT.exe
2014-07-21 07:40 - 2014-07-21 07:40 - 01354223 _____ () C:\Users\Andreas Tickert\Downloads\adwcleaner_3.216.exe
2014-07-18 06:41 - 2014-07-18 06:41 - 00023991 _____ () C:\ComboFix.txt
2014-07-18 06:21 - 2014-07-18 06:41 - 00000000 ____D () C:\Qoobox
2014-07-18 06:21 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-18 06:21 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-18 06:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-18 06:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-18 06:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-18 06:21 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-18 06:21 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-18 06:21 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-18 06:20 - 2014-07-18 06:20 - 05221938 ____R (Swearware) C:\Users\Andreas Tickert\Downloads\ComboFix.exe
2014-07-17 20:08 - 2014-07-17 20:08 - 00001270 _____ () C:\Users\Andreas Tickert\Desktop\Revo Uninstaller.lnk
2014-07-17 20:08 - 2014-07-17 20:08 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-17 20:07 - 2014-07-17 20:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Andreas Tickert\Downloads\revosetup95.exe
2014-07-15 18:05 - 2014-07-15 18:07 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\ImgBurn
2014-07-15 17:58 - 2014-07-15 17:58 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-07-15 17:48 - 2014-07-15 17:58 - 446706255 _____ () C:\Users\Andreas Tickert\Downloads\X15-65741(1).iso
2014-07-15 17:40 - 2014-07-15 17:43 - 00000000 ____D () C:\Users\Andreas Tickert\Downloads\X15-65741
2014-07-15 16:54 - 2014-07-15 17:05 - 446705930 _____ () C:\Users\Andreas Tickert\Downloads\X15-65741.iso
2014-07-15 16:22 - 2014-07-21 15:53 - 00018561 _____ () C:\Users\Andreas Tickert\Downloads\FRST.txt
2014-07-15 16:22 - 2014-07-15 16:24 - 00052002 _____ () C:\Users\Andreas Tickert\Downloads\Addition.txt
2014-07-15 16:21 - 2014-07-21 15:53 - 02089984 _____ (Farbar) C:\Users\Andreas Tickert\Downloads\FRST64.exe
2014-07-15 16:21 - 2014-07-21 15:53 - 00000000 ____D () C:\FRST
2014-07-15 16:02 - 2014-07-15 16:02 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Avira
2014-07-15 15:59 - 2014-07-15 15:57 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-15 15:56 - 2014-07-02 13:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-15 15:56 - 2014-07-02 13:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-15 15:56 - 2014-07-02 13:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-15 15:52 - 2014-07-15 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-15 15:52 - 2014-07-15 15:56 - 00000000 ____D () C:\ProgramData\Avira
2014-07-15 15:52 - 2014-07-15 15:56 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-15 15:52 - 2014-07-15 15:52 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-15 15:52 - 2014-07-15 15:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-15 15:51 - 2014-07-15 15:51 - 00021304 _____ () C:\Users\Andreas Tickert\Desktop\Malwarebytes Logdatei.zip
2014-07-15 15:48 - 2014-07-15 15:49 - 00238937 _____ () C:\Users\Andreas Tickert\Desktop\Malwarebytes Logdatei.Xml
2014-07-15 15:40 - 2014-07-15 15:40 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\Andreas Tickert\Downloads\avira_de_av___ws2.exe
2014-07-15 15:25 - 2014-07-21 08:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 15:24 - 2014-07-15 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-15 15:24 - 2014-07-15 15:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-15 15:24 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-15 15:24 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-15 15:15 - 2014-07-21 08:37 - 00000000 ____D () C:\ProgramData\MqiPCym
2014-07-10 11:01 - 2014-07-10 11:01 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Adobe
2014-07-09 16:48 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 16:48 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 16:48 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 16:48 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 16:48 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 16:48 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 16:48 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 16:48 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 16:48 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 16:48 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 16:48 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 16:48 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 16:48 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 16:48 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 16:48 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 16:48 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 16:48 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 16:48 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 16:48 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 16:48 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 16:48 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 16:48 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 16:48 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 16:48 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 16:48 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 16:48 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 16:48 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 16:48 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 16:48 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 16:48 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 16:48 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 16:48 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 16:48 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 16:48 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 16:48 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 16:48 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 16:48 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 16:48 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 16:48 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 16:48 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 16:48 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 16:48 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 16:48 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 16:48 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 16:48 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 16:48 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 16:48 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 16:48 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 16:48 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 16:48 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 16:48 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 16:48 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 16:48 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 16:48 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 16:48 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 16:48 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 16:48 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 16:48 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 16:48 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 16:48 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 16:48 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 16:48 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 16:48 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 16:48 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 16:47 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 16:47 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 16:47 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-03 15:24 - 2014-07-03 15:25 - 08754136 _____ (CyberGhost S.R.L. ) C:\Users\Andreas Tickert\Downloads\CG_5.0.13.14.exe
2014-07-03 09:29 - 2014-07-03 09:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2014-07-03 09:28 - 2014-07-03 09:28 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-06-29 21:50 - 2014-06-29 21:57 - 72397448 _____ () C:\Users\Andreas Tickert\Downloads\5500912.zip
2014-06-29 20:31 - 2014-06-29 21:44 - 794544584 _____ () C:\Users\Andreas Tickert\Downloads\5511021.zip
2014-06-29 16:00 - 2014-06-29 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAVI Video Capture
2014-06-29 16:00 - 2014-06-29 16:00 - 00000000 ____D () C:\Program Files (x86)\WinAVI Video Capture
2014-06-27 16:58 - 2014-06-29 16:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-27 16:58 - 2014-06-27 17:04 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Apple Computer
2014-06-27 16:58 - 2014-06-27 16:58 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Apple Computer
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-27 16:44 - 2014-06-27 16:47 - 112616784 _____ (Apple Inc.) C:\Users\Andreas Tickert\Downloads\iTunes64Setup.exe
2014-06-23 19:24 - 2014-06-23 19:24 - 00321424 _____ () C:\Windows\Minidump\062314-29655-01.dmp
2014-06-23 18:59 - 2014-06-23 19:14 - 00000000 ____D () C:\Users\Andreas Tickert\Documents\Ulead VideoStudio SE
2014-06-23 18:58 - 2014-06-23 19:02 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Ulead Systems
2014-06-23 18:56 - 2014-06-23 18:56 - 00000000 ____D () C:\ProgramData\InstallShield
2014-06-23 18:55 - 2014-06-23 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio SE DVD
2014-06-23 18:55 - 2014-06-23 18:55 - 00002220 _____ () C:\Users\Public\Desktop\Ulead VideoStudio SE DVD.lnk
2014-06-23 18:55 - 2014-06-23 18:55 - 00000000 ____D () C:\Program Files (x86)\Windows Media-Komponenten
2014-06-23 18:54 - 2014-06-23 18:58 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-06-23 18:54 - 2014-06-23 18:54 - 00000000 ____D () C:\Program Files (x86)\Ulead Systems
2014-06-23 18:52 - 2014-06-23 18:52 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\InstallShield
2014-06-23 18:52 - 2007-11-15 20:33 - 00528256 _____ (Syntek) C:\Windows\system32\Drivers\StkTMini.sys
2014-06-23 18:52 - 2007-10-06 17:03 - 00053248 _____ (Syntek America Inc.) C:\Windows\SysWOW64\StkTProp.ax
2014-06-23 18:52 - 2006-12-20 09:08 - 06921856 _____ (Syntek America Inc.) C:\Windows\system32\Drivers\StkCPipe.sys

==================== One Month Modified Files and Folders =======

2014-07-21 15:54 - 2014-07-15 16:22 - 00018561 _____ () C:\Users\Andreas Tickert\Downloads\FRST.txt
2014-07-21 15:53 - 2014-07-21 15:53 - 00000000 ____D () C:\Users\Andreas Tickert\Downloads\FRST-OlderVersion
2014-07-21 15:53 - 2014-07-15 16:21 - 02089984 _____ (Farbar) C:\Users\Andreas Tickert\Downloads\FRST64.exe
2014-07-21 15:53 - 2014-07-15 16:21 - 00000000 ____D () C:\FRST
2014-07-21 15:53 - 2010-09-20 08:33 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-21 15:48 - 2009-07-14 06:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-21 15:48 - 2009-07-14 06:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-21 15:39 - 2012-09-10 20:31 - 00000000 ____D () C:\Users\Andreas Tickert\.rainlendar2
2014-07-21 15:39 - 2010-09-20 08:33 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-21 15:38 - 2010-09-20 08:41 - 00342622 _____ () C:\Windows\PFRO.log
2014-07-21 15:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-21 15:38 - 2009-07-14 06:51 - 00256989 _____ () C:\Windows\setupact.log
2014-07-21 08:41 - 2010-09-20 08:07 - 02002105 _____ () C:\Windows\WindowsUpdate.log
2014-07-21 08:37 - 2014-07-15 15:15 - 00000000 ____D () C:\ProgramData\MqiPCym
2014-07-21 08:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-07-21 08:33 - 2012-04-02 08:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-21 08:21 - 2014-07-15 15:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 08:07 - 2014-07-21 08:07 - 00000968 _____ () C:\Users\Andreas Tickert\Desktop\JRT.txt
2014-07-21 08:00 - 2014-07-21 08:00 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 07:53 - 2014-07-21 07:49 - 00000000 ____D () C:\AdwCleaner
2014-07-21 07:46 - 2010-09-20 08:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park
2014-07-21 07:41 - 2014-07-21 07:41 - 01016261 _____ (Thisisu) C:\Users\Andreas Tickert\Downloads\JRT.exe
2014-07-21 07:40 - 2014-07-21 07:40 - 01354223 _____ () C:\Users\Andreas Tickert\Downloads\adwcleaner_3.216.exe
2014-07-18 06:41 - 2014-07-18 06:41 - 00023991 _____ () C:\ComboFix.txt
2014-07-18 06:41 - 2014-07-18 06:21 - 00000000 ____D () C:\Qoobox
2014-07-18 06:36 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-18 06:32 - 2012-10-24 15:12 - 00000000 ____D () C:\Windows\erdnt
2014-07-18 06:20 - 2014-07-18 06:20 - 05221938 ____R (Swearware) C:\Users\Andreas Tickert\Downloads\ComboFix.exe
2014-07-17 20:12 - 2012-05-18 20:00 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-07-17 20:08 - 2014-07-17 20:08 - 00001270 _____ () C:\Users\Andreas Tickert\Desktop\Revo Uninstaller.lnk
2014-07-17 20:08 - 2014-07-17 20:08 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-17 20:07 - 2014-07-17 20:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Andreas Tickert\Downloads\revosetup95.exe
2014-07-17 19:22 - 2014-03-15 12:56 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\.elfohilfe
2014-07-17 10:49 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-07-17 08:40 - 2011-01-22 00:40 - 00000334 _____ () C:\Windows\Tasks\MT66 Software Update.job
2014-07-15 22:33 - 2010-09-20 08:56 - 00002600 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-07-15 22:33 - 2010-09-20 08:56 - 00001533 _____ () C:\Windows\system32\ServiceFilter.ini
2014-07-15 22:33 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-15 18:07 - 2014-07-15 18:05 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\ImgBurn
2014-07-15 17:58 - 2014-07-15 17:58 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-07-15 17:58 - 2014-07-15 17:48 - 446706255 _____ () C:\Users\Andreas Tickert\Downloads\X15-65741(1).iso
2014-07-15 17:43 - 2014-07-15 17:40 - 00000000 ____D () C:\Users\Andreas Tickert\Downloads\X15-65741
2014-07-15 17:05 - 2014-07-15 16:54 - 446705930 _____ () C:\Users\Andreas Tickert\Downloads\X15-65741.iso
2014-07-15 16:39 - 2014-03-26 20:36 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-15 16:24 - 2014-07-15 16:22 - 00052002 _____ () C:\Users\Andreas Tickert\Downloads\Addition.txt
2014-07-15 16:02 - 2014-07-15 16:02 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Avira
2014-07-15 15:57 - 2014-07-15 15:59 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-15 15:57 - 2014-07-15 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-15 15:56 - 2014-07-15 15:52 - 00000000 ____D () C:\ProgramData\Avira
2014-07-15 15:56 - 2014-07-15 15:52 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-15 15:52 - 2014-07-15 15:52 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-15 15:52 - 2014-07-15 15:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-15 15:51 - 2014-07-15 15:51 - 00021304 _____ () C:\Users\Andreas Tickert\Desktop\Malwarebytes Logdatei.zip
2014-07-15 15:49 - 2014-07-15 15:48 - 00238937 _____ () C:\Users\Andreas Tickert\Desktop\Malwarebytes Logdatei.Xml
2014-07-15 15:40 - 2014-07-15 15:40 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\Andreas Tickert\Downloads\avira_de_av___ws2.exe
2014-07-15 15:24 - 2014-07-15 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-15 15:24 - 2014-07-15 15:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-15 15:24 - 2012-01-16 19:52 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Malwarebytes
2014-07-15 15:24 - 2012-01-16 19:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-14 08:16 - 2012-10-31 19:36 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\vlc
2014-07-10 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 11:41 - 2014-03-13 13:54 - 00000000 ____D () C:\giss2013
2014-07-10 11:01 - 2014-07-10 11:01 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Adobe
2014-07-10 08:58 - 2009-07-14 06:45 - 00438240 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 08:55 - 2014-05-06 20:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 08:55 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 08:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 08:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 08:53 - 2013-08-26 20:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 08:50 - 2010-12-16 16:55 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 08:50 - 2010-12-13 10:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 15:33 - 2012-04-02 08:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 15:33 - 2012-04-02 08:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 15:33 - 2011-05-16 09:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-03 16:34 - 2010-12-09 11:40 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Skype
2014-07-03 15:25 - 2014-07-03 15:24 - 08754136 _____ (CyberGhost S.R.L. ) C:\Users\Andreas Tickert\Downloads\CG_5.0.13.14.exe
2014-07-03 10:58 - 2009-08-04 11:51 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-07-03 10:58 - 2009-08-04 11:51 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-07-03 10:58 - 2009-07-14 07:13 - 01620510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-03 09:29 - 2014-07-03 09:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2014-07-03 09:29 - 2014-01-09 15:40 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-07-03 09:29 - 2014-01-09 15:40 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-07-03 09:29 - 2014-01-09 15:40 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-07-03 09:29 - 2014-01-09 15:40 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-07-03 09:29 - 2014-01-09 15:40 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-07-03 09:28 - 2014-07-03 09:28 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-07-02 13:06 - 2014-07-15 15:56 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-02 13:06 - 2014-07-15 15:56 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-02 13:06 - 2014-07-15 15:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-01 13:57 - 2012-01-25 11:00 - 00000584 _____ () C:\Users\Andreas Tickert\Documents\grstyles.stl
2014-07-01 13:57 - 2012-01-25 10:59 - 00000328 _____ () C:\Users\Andreas Tickert\Documents\UserStl.sk
2014-06-30 04:09 - 2014-07-09 16:48 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 16:48 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 21:57 - 2014-06-29 21:50 - 72397448 _____ () C:\Users\Andreas Tickert\Downloads\5500912.zip
2014-06-29 21:44 - 2014-06-29 20:31 - 794544584 _____ () C:\Users\Andreas Tickert\Downloads\5511021.zip
2014-06-29 20:10 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-06-29 16:22 - 2014-06-27 16:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-29 16:00 - 2014-06-29 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAVI Video Capture
2014-06-29 16:00 - 2014-06-29 16:00 - 00000000 ____D () C:\Program Files (x86)\WinAVI Video Capture
2014-06-27 17:04 - 2014-06-27 16:58 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Apple Computer
2014-06-27 16:58 - 2014-06-27 16:58 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Apple Computer
2014-06-27 16:58 - 2012-09-29 12:43 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-27 16:55 - 2012-09-29 12:42 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-27 16:55 - 2012-09-29 12:42 - 00000000 ____D () C:\ProgramData\Apple
2014-06-27 16:47 - 2014-06-27 16:44 - 112616784 _____ (Apple Inc.) C:\Users\Andreas Tickert\Downloads\iTunes64Setup.exe
2014-06-27 16:43 - 2014-02-09 20:11 - 00000000 ____D () C:\Users\Andreas Tickert\.gimp-2.8
2014-06-23 19:24 - 2014-06-23 19:24 - 00321424 _____ () C:\Windows\Minidump\062314-29655-01.dmp
2014-06-23 19:24 - 2010-12-31 19:40 - 00000000 ____D () C:\Windows\Minidump
2014-06-23 19:14 - 2014-06-23 18:59 - 00000000 ____D () C:\Users\Andreas Tickert\Documents\Ulead VideoStudio SE
2014-06-23 19:02 - 2014-06-23 18:58 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Ulead Systems
2014-06-23 18:58 - 2014-06-23 18:54 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-06-23 18:58 - 2010-12-09 11:25 - 00121480 _____ () C:\Users\Andreas Tickert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-23 18:56 - 2014-06-23 18:56 - 00000000 ____D () C:\ProgramData\InstallShield
2014-06-23 18:56 - 2014-06-23 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio SE DVD
2014-06-23 18:55 - 2014-06-23 18:55 - 00002220 _____ () C:\Users\Public\Desktop\Ulead VideoStudio SE DVD.lnk
2014-06-23 18:55 - 2014-06-23 18:55 - 00000000 ____D () C:\Program Files (x86)\Windows Media-Komponenten
2014-06-23 18:55 - 2010-09-20 08:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-23 18:54 - 2014-06-23 18:54 - 00000000 ____D () C:\Program Files (x86)\Ulead Systems
2014-06-23 18:52 - 2014-06-23 18:52 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\InstallShield
2014-06-21 14:39 - 2012-03-21 22:57 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\CmapTools
2014-06-21 11:24 - 2012-04-07 16:04 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\dvdcss
2014-06-21 11:18 - 2012-03-21 22:57 - 00000000 ____D () C:\Users\Andreas Tickert\Documents\My Cmaps
2014-06-21 10:31 - 2012-03-21 22:57 - 00002054 _____ () C:\Users\Andreas Tickert\.powerupdate.user.properties

Some content of TEMP:
====================
C:\Users\Andreas Tickert\AppData\Local\Temp\avgnt.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 13:15

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Dieses Mal hat es irgendwie keine Addition File gegeben?

Warlord711 21.07.2014 15:49
Jop, es gibt beim 2. Lauf keine Addition.txt mehr, das passt schon.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
FF Extension: Free Hide IP - C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\support@free-hideip.com.xpi [2014-07-03]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2014-06-19]
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
C:\ProgramData\MqiPCym

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Und in Anschluss daran ESET Online Scanner, der dauert einige Zeit:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




Und dann bitte nochmal:

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Snorre 22.07.2014 08:34
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-07-2014
Ran by Andreas Tickert at 2014-07-21 17:15:10 Run:1
Running from C:\Users\Andreas Tickert\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
FF Extension: Free Hide IP - C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\support@free-hideip.com.xpi [2014-07-03]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2014-06-19]
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
C:\ProgramData\MqiPCym


*****************

C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\support@free-hideip.com.xpi => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} => Moved successfully.
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION => Error: No automatic fix found for this entry.
C:\ProgramData\MqiPCym => Moved successfully.

==== End of Fixlog ====
Also der eset scan dauert ewig....weil meine ganzen Platten noch dranhängen.
Irgendwie beschleicht mich das Gefühl dass immer noch was drauf ist....Firefox hängt immer wieder und bringt "Keine Rückmeldung" für ne Sekunde.
Ist es normal dass eset noch was findet?
Findet das die Quarantäne-Dateien?

Warlord711 22.07.2014 08:40
Ja, der findet die Quarantäne Dateien, das ist aber völlig ok.

Ja, ESET kann mehrere Stunden dauern, je nachdem was alles am Rechner hängt.
Den Rechner idealweise während der Zeit nicht benutzen.

Snorre 22.07.2014 08:47
Hab beim scan gesehen, dass ich noch ein paar alte sagen wir Jugendsünden auf meinen alten Platten hab....

Code:
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\lrrot.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\Newtonsoft.Json.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\Proxy.Lib.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\ProxySettings.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\Smartbar.Common.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\Smartbar.Communication.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\Smartbar.Communication.NamedPipe.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\Smartbar.Personalization.Common.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\sppsm.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\spusm.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\srbs.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\srbu.dll.vir        Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\sreu.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\srpdm.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\srprl.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\srpt.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\srptc.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\LPT\srut.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\lrcnt.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\lrrot.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\MACTrackBarLib.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\NDde.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Newtonsoft.Json.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Proxy.Lib.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\ProxySettings.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\sgml.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\sidb.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\siem.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\sipb.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\sismlp.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Common.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Communication.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Communication.NamedPipe.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.unused.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Monetization.Proxy.ProxyService.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir        Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir        Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir        Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir        Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\smta.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\smti.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\smtu.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\spbe.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\spbl.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\sppsm.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\spsm.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\spusm.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srau.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srbhu.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srbs.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srbu.dll.vir        Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\sreu.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srgu.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srns.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srom.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srpdm.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srprl.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srpu.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srsbs.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srsbsau.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srsl.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\sruhs.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srus.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\srut.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir        Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir        Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir        Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vir        Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vir        Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vir        Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_30.dll.vir        Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.YoutubeDownloadPlugin.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Local\Smartbar\Common\ServicesPlugins\spup.dll.vir        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Roaming\OpenCandy\606309A917FC4FFCBB16A91A67E233A2\LatestDLMgr.exe.vir        Win32/OpenCandy potenziell unsichere Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Roaming\OpenCandy\6F37EA5DB54D451BA3A05AB942D2A54B\Setupsft_chr_p1v7.exe.vir        Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Roaming\OpenCandy\C144639109124812A896B5BC2323A96F\LinkuryInstaller_p1v9.exe.vir        möglicherweise Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Andreas Tickert\AppData\Roaming\OpenCandy\C144639109124812A896B5BC2323A96F\OCBrowserHelper_1.0.3.81.dll.vir        Variante von Win32/OpenCandy.A potenziell unsichere Anwendung
C:\Users\Andreas Tickert\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx        Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung
C:\Users\Andreas Tickert\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx        Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung
C:\Users\Andreas Tickert\Downloads\DVDFabQtNonDecAll8.2.2.4.exe        Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung
C:\Users\Andreas Tickert\Downloads\FreeYouTubeDownload.exe        Win32/OpenCandy potenziell unsichere Anwendung
C:\Users\Andreas Tickert\Downloads\FreeYouTubeToMP3Converter.exe        Win32/OpenCandy potenziell unsichere Anwendung
C:\Users\Andreas Tickert\Downloads\PDFCreator-1_7_1_setup(1).exe        Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung
C:\Users\Andreas Tickert\Downloads\PDFCreator-1_7_1_setup.exe        Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung
C:\Users\Andreas Tickert\Downloads\PDFCreator-1_7_2_setup(1).exe        Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung
C:\Users\Andreas Tickert\Downloads\PDFCreator-1_7_2_setup.exe        Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI8BA1.tmp-\FiddlerCore.dll        Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI8BA1.tmp-\Smartbar.Resources.LanguageSettings.resources.dll        Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI8BA1.tmp-\srbs.dll        Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung
C:\Windows\Installer\MSI8BA1.tmp-\srbu.dll        Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0        Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0        Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung
G:\Download 2\Spiele\C&C Tiberium Wars\Command_And_Conquer_3_Tiberium_Wars_Kane_Edition_Keygen-RazorDOX.tar        Variante von Win32/Keygen.DQ potenziell unsichere Anwendung
G:\Download 2\Spiele\C&C Tiberium Wars\Command_And_Conquer_3_Tiberium_Wars_Kane_Edition_Keygen-RazorDOX\rzr-cc3k.001        Variante von Win32/Keygen.DQ potenziell unsichere Anwendung
G:\Download 2\Spiele\Quake 4\rld-q4kg.exe        Win32/Keygen.EW potenziell unsichere Anwendung
G:\Download 2\Spiele\Quake 4\Quake.4.KEYGEN-RELOADED\rld-q4kg.rar        Win32/Keygen.EW potenziell unsichere Anwendung

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Andreas Tickert (administrator) on TICKERT on 22-07-2014 09:43:08
Running from C:\Users\Andreas Tickert\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Andreas Tickert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(WinZip Computing, S.L.) C:\Program Files (x86)\WinZip\WzPreviewer32.exe
(WinZip Computing, S.L.) C:\Program Files (x86)\WinZip\WZSRVR32.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [621440 2009-09-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-11-27] (IDT, Inc.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [EPSON Stylus DX3800 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE [98304 2005-02-08] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-09-20] ()
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656 2009-10-27] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-11-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [153424 2011-08-25] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UVS10 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [189520 2014-07-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3844998663-1645465265-2987210626-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [3931136 2012-07-02] ()
HKU\S-1-5-21-3844998663-1645465265-2987210626-1001\...\Run: [Spotify Web Helper] => C:\Users\Andreas Tickert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-26] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: No Name -> {120A8821-2BEE-4C29-BCDA-62C577781992} ->  No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default
FF Homepage: hxxp://www.spiegel.de/
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\abs@avira.com [2014-07-15]
FF Extension: DownloadHelper - C:\Users\Andreas Tickert\AppData\Roaming\Mozilla\Firefox\Profiles\wkarz4j6.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-19]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-07] (Avira Operations GmbH & Co. KG)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe [243712 2009-11-27] (IDT, Inc.)
S2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2011-08-25] ()
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-08-12] ()
S3 StkTMini; C:\Windows\System32\Drivers\StkTMini.sys [528256 2007-11-15] (Syntek)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2010-02-24] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 tmlwf;
U3 tmwfp;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-22 09:43 - 2014-07-22 09:43 - 00000000 ____D () C:\Users\Andreas Tickert\Downloads\FRST-OlderVersion
2014-07-22 09:40 - 2014-07-22 09:40 - 00022583 _____ () C:\Users\Andreas Tickert\Desktop\eset.txt
2014-07-22 09:29 - 2014-07-22 09:29 - 00000000 _____ () C:\Users\Andreas Tickert\Downloads\X15-65741(2).iso
2014-07-22 09:28 - 2014-07-22 09:29 - 634822835 _____ () C:\Users\Andreas Tickert\Downloads\X15-65741(2).iso.part
2014-07-22 09:20 - 2014-07-22 09:20 - 00137982 _____ () C:\Users\Andreas Tickert\Downloads\HashMyFiles-2.02.zip
2014-07-21 17:17 - 2014-07-21 17:17 - 02347384 _____ (ESET) C:\Users\Andreas Tickert\Downloads\esetsmartinstaller_deu.exe
2014-07-21 17:17 - 2014-07-21 17:17 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-21 16:01 - 2014-07-21 16:01 - 00004513 _____ () C:\Users\Andreas Tickert\Desktop\mbam2.txt
2014-07-21 16:00 - 2014-07-21 16:00 - 00004513 _____ () C:\Users\Andreas Tickert\Desktop\mbam1.txt
2014-07-21 08:07 - 2014-07-21 08:07 - 00000968 _____ () C:\Users\Andreas Tickert\Desktop\JRT.txt
2014-07-21 08:00 - 2014-07-21 08:00 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 07:50 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-21 07:49 - 2014-07-21 07:53 - 00000000 ____D () C:\AdwCleaner
2014-07-21 07:41 - 2014-07-21 07:41 - 01016261 _____ (Thisisu) C:\Users\Andreas Tickert\Downloads\JRT.exe
2014-07-21 07:40 - 2014-07-21 07:40 - 01354223 _____ () C:\Users\Andreas Tickert\Downloads\adwcleaner_3.216.exe
2014-07-18 06:41 - 2014-07-18 06:41 - 00023991 _____ () C:\ComboFix.txt
2014-07-18 06:21 - 2014-07-18 06:41 - 00000000 ____D () C:\Qoobox
2014-07-18 06:21 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-18 06:21 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-18 06:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-18 06:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-18 06:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-18 06:21 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-18 06:21 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-18 06:21 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-18 06:20 - 2014-07-18 06:20 - 05221938 ____R (Swearware) C:\Users\Andreas Tickert\Downloads\ComboFix.exe
2014-07-17 20:08 - 2014-07-17 20:08 - 00001270 _____ () C:\Users\Andreas Tickert\Desktop\Revo Uninstaller.lnk
2014-07-17 20:08 - 2014-07-17 20:08 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-17 20:07 - 2014-07-17 20:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Andreas Tickert\Downloads\revosetup95.exe
2014-07-15 18:05 - 2014-07-15 18:07 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\ImgBurn
2014-07-15 17:58 - 2014-07-15 17:58 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-07-15 17:48 - 2014-07-15 17:58 - 446706255 _____ () C:\Users\Andreas Tickert\Downloads\X15-65741(1).iso
2014-07-15 16:54 - 2014-07-15 17:05 - 446705930 _____ () C:\Users\Andreas Tickert\Downloads\X15-65741.iso
2014-07-15 16:22 - 2014-07-22 09:43 - 00018451 _____ () C:\Users\Andreas Tickert\Downloads\FRST.txt
2014-07-15 16:22 - 2014-07-15 16:24 - 00052002 _____ () C:\Users\Andreas Tickert\Downloads\Addition.txt
2014-07-15 16:21 - 2014-07-22 09:43 - 02090496 _____ (Farbar) C:\Users\Andreas Tickert\Downloads\FRST64.exe
2014-07-15 16:21 - 2014-07-22 09:43 - 00000000 ____D () C:\FRST
2014-07-15 16:02 - 2014-07-15 16:02 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Avira
2014-07-15 15:59 - 2014-07-15 15:57 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-15 15:56 - 2014-07-02 13:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-15 15:56 - 2014-07-02 13:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-15 15:56 - 2014-07-02 13:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-15 15:52 - 2014-07-15 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-15 15:52 - 2014-07-15 15:56 - 00000000 ____D () C:\ProgramData\Avira
2014-07-15 15:52 - 2014-07-15 15:56 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-15 15:52 - 2014-07-15 15:52 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-15 15:52 - 2014-07-15 15:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-15 15:51 - 2014-07-15 15:51 - 00021304 _____ () C:\Users\Andreas Tickert\Desktop\Malwarebytes Logdatei.zip
2014-07-15 15:48 - 2014-07-15 15:49 - 00238937 _____ () C:\Users\Andreas Tickert\Desktop\Malwarebytes Logdatei.Xml
2014-07-15 15:40 - 2014-07-15 15:40 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\Andreas Tickert\Downloads\avira_de_av___ws2.exe
2014-07-15 15:25 - 2014-07-22 00:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 15:24 - 2014-07-15 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-15 15:24 - 2014-07-15 15:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-15 15:24 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-15 15:24 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-10 11:01 - 2014-07-10 11:01 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Adobe
2014-07-09 16:48 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 16:48 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 16:48 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 16:48 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 16:48 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 16:48 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 16:48 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 16:48 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 16:48 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 16:48 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 16:48 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 16:48 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 16:48 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 16:48 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 16:48 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 16:48 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 16:48 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 16:48 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 16:48 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 16:48 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 16:48 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 16:48 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 16:48 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 16:48 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 16:48 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 16:48 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 16:48 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 16:48 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 16:48 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 16:48 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 16:48 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 16:48 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 16:48 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 16:48 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 16:48 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 16:48 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 16:48 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 16:48 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 16:48 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 16:48 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 16:48 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 16:48 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 16:48 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 16:48 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 16:48 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 16:48 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 16:48 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 16:48 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 16:48 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 16:48 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 16:48 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 16:48 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 16:48 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 16:48 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 16:48 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 16:48 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 16:48 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 16:48 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 16:48 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 16:48 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 16:48 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 16:48 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 16:48 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 16:48 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 16:48 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 16:48 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 16:47 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 16:47 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 16:47 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-03 09:29 - 2014-07-03 09:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2014-07-03 09:28 - 2014-07-03 09:28 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-06-29 16:00 - 2014-06-29 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAVI Video Capture
2014-06-29 16:00 - 2014-06-29 16:00 - 00000000 ____D () C:\Program Files (x86)\WinAVI Video Capture
2014-06-27 16:58 - 2014-06-29 16:22 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-27 16:58 - 2014-06-27 17:04 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Apple Computer
2014-06-27 16:58 - 2014-06-27 16:58 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Apple Computer
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-27 16:44 - 2014-06-27 16:47 - 112616784 _____ (Apple Inc.) C:\Users\Andreas Tickert\Downloads\iTunes64Setup.exe
2014-06-23 19:24 - 2014-06-23 19:24 - 00321424 _____ () C:\Windows\Minidump\062314-29655-01.dmp
2014-06-23 18:59 - 2014-06-23 19:14 - 00000000 ____D () C:\Users\Andreas Tickert\Documents\Ulead VideoStudio SE
2014-06-23 18:58 - 2014-06-23 19:02 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Ulead Systems
2014-06-23 18:56 - 2014-06-23 18:56 - 00000000 ____D () C:\ProgramData\InstallShield
2014-06-23 18:55 - 2014-06-23 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio SE DVD
2014-06-23 18:55 - 2014-06-23 18:55 - 00002220 _____ () C:\Users\Public\Desktop\Ulead VideoStudio SE DVD.lnk
2014-06-23 18:55 - 2014-06-23 18:55 - 00000000 ____D () C:\Program Files (x86)\Windows Media-Komponenten
2014-06-23 18:54 - 2014-06-23 18:58 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-06-23 18:54 - 2014-06-23 18:54 - 00000000 ____D () C:\Program Files (x86)\Ulead Systems
2014-06-23 18:52 - 2014-06-23 18:52 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\InstallShield
2014-06-23 18:52 - 2007-11-15 20:33 - 00528256 _____ (Syntek) C:\Windows\system32\Drivers\StkTMini.sys
2014-06-23 18:52 - 2007-10-06 17:03 - 00053248 _____ (Syntek America Inc.) C:\Windows\SysWOW64\StkTProp.ax
2014-06-23 18:52 - 2006-12-20 09:08 - 06921856 _____ (Syntek America Inc.) C:\Windows\system32\Drivers\StkCPipe.sys

==================== One Month Modified Files and Folders =======

2014-07-22 09:45 - 2014-07-15 16:22 - 00018451 _____ () C:\Users\Andreas Tickert\Downloads\FRST.txt
2014-07-22 09:43 - 2014-07-22 09:43 - 00000000 ____D () C:\Users\Andreas Tickert\Downloads\FRST-OlderVersion
2014-07-22 09:43 - 2014-07-15 16:21 - 02090496 _____ (Farbar) C:\Users\Andreas Tickert\Downloads\FRST64.exe
2014-07-22 09:43 - 2014-07-15 16:21 - 00000000 ____D () C:\FRST
2014-07-22 09:40 - 2014-07-22 09:40 - 00022583 _____ () C:\Users\Andreas Tickert\Desktop\eset.txt
2014-07-22 09:33 - 2012-04-02 08:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-22 09:29 - 2014-07-22 09:29 - 00000000 _____ () C:\Users\Andreas Tickert\Downloads\X15-65741(2).iso
2014-07-22 09:29 - 2014-07-22 09:28 - 634822835 _____ () C:\Users\Andreas Tickert\Downloads\X15-65741(2).iso.part
2014-07-22 09:20 - 2014-07-22 09:20 - 00137982 _____ () C:\Users\Andreas Tickert\Downloads\HashMyFiles-2.02.zip
2014-07-22 08:53 - 2010-09-20 08:33 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 03:32 - 2010-09-20 08:07 - 02022039 _____ () C:\Windows\WindowsUpdate.log
2014-07-22 01:58 - 2009-07-14 06:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-22 01:58 - 2009-07-14 06:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-22 01:49 - 2012-09-10 20:31 - 00000000 ____D () C:\Users\Andreas Tickert\.rainlendar2
2014-07-22 01:49 - 2010-09-20 08:33 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-22 01:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-22 01:48 - 2009-07-14 06:51 - 00257045 _____ () C:\Windows\setupact.log
2014-07-22 00:57 - 2014-07-15 15:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 23:40 - 2011-01-22 00:40 - 00000334 _____ () C:\Windows\Tasks\MT66 Software Update.job
2014-07-21 17:19 - 2009-08-04 11:51 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-07-21 17:19 - 2009-08-04 11:51 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-07-21 17:19 - 2009-07-14 07:13 - 01620510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-21 17:17 - 2014-07-21 17:17 - 02347384 _____ (ESET) C:\Users\Andreas Tickert\Downloads\esetsmartinstaller_deu.exe
2014-07-21 17:17 - 2014-07-21 17:17 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-21 16:01 - 2014-07-21 16:01 - 00004513 _____ () C:\Users\Andreas Tickert\Desktop\mbam2.txt
2014-07-21 16:00 - 2014-07-21 16:00 - 00004513 _____ () C:\Users\Andreas Tickert\Desktop\mbam1.txt
2014-07-21 15:38 - 2010-09-20 08:41 - 00342622 _____ () C:\Windows\PFRO.log
2014-07-21 08:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-07-21 08:07 - 2014-07-21 08:07 - 00000968 _____ () C:\Users\Andreas Tickert\Desktop\JRT.txt
2014-07-21 08:00 - 2014-07-21 08:00 - 00000000 ____D () C:\Windows\ERUNT
2014-07-21 07:53 - 2014-07-21 07:49 - 00000000 ____D () C:\AdwCleaner
2014-07-21 07:46 - 2010-09-20 08:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park
2014-07-21 07:41 - 2014-07-21 07:41 - 01016261 _____ (Thisisu) C:\Users\Andreas Tickert\Downloads\JRT.exe
2014-07-21 07:40 - 2014-07-21 07:40 - 01354223 _____ () C:\Users\Andreas Tickert\Downloads\adwcleaner_3.216.exe
2014-07-18 06:41 - 2014-07-18 06:41 - 00023991 _____ () C:\ComboFix.txt
2014-07-18 06:41 - 2014-07-18 06:21 - 00000000 ____D () C:\Qoobox
2014-07-18 06:36 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-18 06:32 - 2012-10-24 15:12 - 00000000 ____D () C:\Windows\erdnt
2014-07-18 06:20 - 2014-07-18 06:20 - 05221938 ____R (Swearware) C:\Users\Andreas Tickert\Downloads\ComboFix.exe
2014-07-17 20:12 - 2012-05-18 20:00 - 00000898 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-07-17 20:08 - 2014-07-17 20:08 - 00001270 _____ () C:\Users\Andreas Tickert\Desktop\Revo Uninstaller.lnk
2014-07-17 20:08 - 2014-07-17 20:08 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-17 20:07 - 2014-07-17 20:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Andreas Tickert\Downloads\revosetup95.exe
2014-07-17 19:22 - 2014-03-15 12:56 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\.elfohilfe
2014-07-17 10:49 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2014-07-15 22:33 - 2010-09-20 08:56 - 00002600 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-07-15 22:33 - 2010-09-20 08:56 - 00001533 _____ () C:\Windows\system32\ServiceFilter.ini
2014-07-15 22:33 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-15 18:07 - 2014-07-15 18:05 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\ImgBurn
2014-07-15 17:58 - 2014-07-15 17:58 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-07-15 17:58 - 2014-07-15 17:48 - 446706255 _____ () C:\Users\Andreas Tickert\Downloads\X15-65741(1).iso
2014-07-15 17:05 - 2014-07-15 16:54 - 446705930 _____ () C:\Users\Andreas Tickert\Downloads\X15-65741.iso
2014-07-15 16:39 - 2014-03-26 20:36 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-15 16:24 - 2014-07-15 16:22 - 00052002 _____ () C:\Users\Andreas Tickert\Downloads\Addition.txt
2014-07-15 16:02 - 2014-07-15 16:02 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Avira
2014-07-15 15:57 - 2014-07-15 15:59 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-15 15:57 - 2014-07-15 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-15 15:56 - 2014-07-15 15:52 - 00000000 ____D () C:\ProgramData\Avira
2014-07-15 15:56 - 2014-07-15 15:52 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-15 15:52 - 2014-07-15 15:52 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-15 15:52 - 2014-07-15 15:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-15 15:51 - 2014-07-15 15:51 - 00021304 _____ () C:\Users\Andreas Tickert\Desktop\Malwarebytes Logdatei.zip
2014-07-15 15:49 - 2014-07-15 15:48 - 00238937 _____ () C:\Users\Andreas Tickert\Desktop\Malwarebytes Logdatei.Xml
2014-07-15 15:40 - 2014-07-15 15:40 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\Andreas Tickert\Downloads\avira_de_av___ws2.exe
2014-07-15 15:24 - 2014-07-15 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-15 15:24 - 2014-07-15 15:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-15 15:24 - 2012-01-16 19:52 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Malwarebytes
2014-07-15 15:24 - 2012-01-16 19:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-14 08:16 - 2012-10-31 19:36 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\vlc
2014-07-10 13:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 11:41 - 2014-03-13 13:54 - 00000000 ____D () C:\giss2013
2014-07-10 11:01 - 2014-07-10 11:01 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Adobe
2014-07-10 08:58 - 2009-07-14 06:45 - 00438240 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 08:55 - 2014-05-06 20:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 08:55 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 08:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 08:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 08:53 - 2013-08-26 20:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 08:50 - 2010-12-16 16:55 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 08:50 - 2010-12-13 10:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 15:33 - 2012-04-02 08:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 15:33 - 2012-04-02 08:34 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 15:33 - 2011-05-16 09:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-03 16:34 - 2010-12-09 11:40 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Skype
2014-07-03 09:29 - 2014-07-03 09:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2014-07-03 09:29 - 2014-01-09 15:40 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-07-03 09:29 - 2014-01-09 15:40 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-07-03 09:29 - 2014-01-09 15:40 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-07-03 09:29 - 2014-01-09 15:40 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-07-03 09:29 - 2014-01-09 15:40 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-07-03 09:28 - 2014-07-03 09:28 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-07-02 13:06 - 2014-07-15 15:56 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-02 13:06 - 2014-07-15 15:56 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-02 13:06 - 2014-07-15 15:56 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-01 13:57 - 2012-01-25 11:00 - 00000584 _____ () C:\Users\Andreas Tickert\Documents\grstyles.stl
2014-07-01 13:57 - 2012-01-25 10:59 - 00000328 _____ () C:\Users\Andreas Tickert\Documents\UserStl.sk
2014-06-30 04:09 - 2014-07-09 16:48 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 16:48 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 20:10 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-06-29 16:22 - 2014-06-27 16:58 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-29 16:00 - 2014-06-29 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAVI Video Capture
2014-06-29 16:00 - 2014-06-29 16:00 - 00000000 ____D () C:\Program Files (x86)\WinAVI Video Capture
2014-06-27 17:04 - 2014-06-27 16:58 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Apple Computer
2014-06-27 16:58 - 2014-06-27 16:58 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Local\Apple Computer
2014-06-27 16:58 - 2012-09-29 12:43 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files\Bonjour
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-06-27 16:55 - 2014-06-27 16:55 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-27 16:55 - 2012-09-29 12:42 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-27 16:55 - 2012-09-29 12:42 - 00000000 ____D () C:\ProgramData\Apple
2014-06-27 16:47 - 2014-06-27 16:44 - 112616784 _____ (Apple Inc.) C:\Users\Andreas Tickert\Downloads\iTunes64Setup.exe
2014-06-27 16:43 - 2014-02-09 20:11 - 00000000 ____D () C:\Users\Andreas Tickert\.gimp-2.8
2014-06-23 19:24 - 2014-06-23 19:24 - 00321424 _____ () C:\Windows\Minidump\062314-29655-01.dmp
2014-06-23 19:24 - 2010-12-31 19:40 - 00000000 ____D () C:\Windows\Minidump
2014-06-23 19:14 - 2014-06-23 18:59 - 00000000 ____D () C:\Users\Andreas Tickert\Documents\Ulead VideoStudio SE
2014-06-23 19:02 - 2014-06-23 18:58 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\Ulead Systems
2014-06-23 18:58 - 2014-06-23 18:54 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-06-23 18:58 - 2010-12-09 11:25 - 00121480 _____ () C:\Users\Andreas Tickert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-23 18:56 - 2014-06-23 18:56 - 00000000 ____D () C:\ProgramData\InstallShield
2014-06-23 18:56 - 2014-06-23 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio SE DVD
2014-06-23 18:55 - 2014-06-23 18:55 - 00002220 _____ () C:\Users\Public\Desktop\Ulead VideoStudio SE DVD.lnk
2014-06-23 18:55 - 2014-06-23 18:55 - 00000000 ____D () C:\Program Files (x86)\Windows Media-Komponenten
2014-06-23 18:55 - 2010-09-20 08:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-23 18:54 - 2014-06-23 18:54 - 00000000 ____D () C:\Program Files (x86)\Ulead Systems
2014-06-23 18:52 - 2014-06-23 18:52 - 00000000 ____D () C:\Users\Andreas Tickert\AppData\Roaming\InstallShield

Some content of TEMP:
====================
C:\Users\Andreas Tickert\AppData\Local\Temp\avgnt.exe
C:\Users\Andreas Tickert\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 13:15

==================== End Of Log ============================
--- --- ---

--- --- ---

Warlord711 22.07.2014 09:15
Ist das die C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) Datei ?

Irgendwie ist das nicht komplett ;-)


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:58 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131