Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   duckduckgo versucht zu entfernen aber ohne Erfolg! (https://www.trojaner-board.de/161792-duckduckgo-versucht-entfernen-ohne-erfolg.html)

dvpietsch 12.12.2014 23:25
duckduckgo versucht zu entfernen aber ohne Erfolg!
 
Habe die Suchmaschine duckduckgo auf einmal auf dem Rechner und jetzt versucht es zu deinstalieren leider ohne Erfolg. habe es mit combofix versucht und iobit Uninstaller und IObit Malwarefighter!

ich hoffe das mir einer hier helfen kann bin leider mit meinem Wissen am Ende das leider sehr gering ist !

Danke schonmal DVP

schrauber 13.12.2014 06:48
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


dvpietsch 13.12.2014 06:56
erstmal Danke für die schnelle Hilfe hier die Sachen !FRST Additions Logfile:
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2014 03
Ran by sven at 2014-12-13 06:54:02
Running from D:\Users\sven\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - )
DirectX Buster 2.1 Beta 4 (HKLM-x32\...\DirectX Buster) (Version: 2.1 Beta 4 - Dominik Schindler)
DirectX deinstallieren (HKLM-x32\...\DirectX) (Version:  - )
DirectX Version Checker (HKLM-x32\...\{6122970E-5575-4155-8408-FD624B3F7C4F}_is1) (Version:  - directxupdate.com)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NVIDIA 3D Vision Controller-Treiber 320.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.18 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
X-Wave MP3 Cutter Joiner 1.1 (HKLM-x32\...\X-Wave MP3 Cutter Joiner) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

12-12-2014 19:58:41 Ende der Bereinigung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N D:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0EC1ABAF-74D5-4D51-94C5-11E88F4FD74C} - System32\Tasks\Driver Booster Scan => D:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-10-08] (IObit)
Task: {1781553B-D325-499F-9FDB-700C9476275F} - System32\Tasks\avast! Emergency Update => D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-28] (AVAST Software)
Task: {285FBC35-B9B7-46BA-92BE-9BEFC5F04619} - System32\Tasks\{824FFD76-5AB6-4642-B263-A1120F55CCD9} => Firefox.exe
Task: {2BCE6754-493C-48FD-B2AC-4ADC401ACF5F} - System32\Tasks\SpyHunter4Startup => D:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {79C2E7DA-2155-4F4D-B368-A0C13EAEC19C} - System32\Tasks\APSnotifierPP2 => D:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {7C605630-6B3B-4AFE-BEEE-BD5B9F46CE3A} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-12-09] (IObit)
Task: {7F9C0EED-1E60-4C65-849A-9F24DA242BAB} - System32\Tasks\ASC8_SkipUac_sven => D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-26] (IObit)
Task: {963759C7-9532-4023-ACC0-06451B9768BA} - System32\Tasks\APSnotifierPP1 => D:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {9B859D46-F51B-4C4C-B83F-697E2B705411} - System32\Tasks\Uninstaller_SkipUac_Administrator => D:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {9C018D1A-331A-404B-BC7A-F5BC1A188B1C} - System32\Tasks\Driver Booster Update => D:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-10-13] (IObit)
Task: {9DA97BEE-3D04-4BA2-8AC2-B96C335FFFA4} - System32\Tasks\Driver Booster SkipUAC (sven) => D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-12-09] (IObit)
Task: {A1EF7D17-59A5-4571-AA69-15DC23D0931A} - System32\Tasks\{F6CEB399-2EBA-4EC6-A99A-05BF97ACE2A4} => Firefox.exe
Task: {A83054AE-6786-4278-81BB-76138F0E4C4B} - System32\Tasks\Adobe Flash Player Updater => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
Task: {A873F80C-A826-4C2C-B73A-B99038CB3B1F} - System32\Tasks\APSnotifierPP3 => D:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {C36D8B82-62AA-4D86-84B8-709C733B0157} - System32\Tasks\SmartDefrag3_Update => D:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {D5BA52AB-878B-41CC-9D13-8C6B1CE986EB} - System32\Tasks\Uninstaller_SkipUac_sven => D:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {E08185C6-F991-4952-974B-1A831DB73133} - System32\Tasks\ASC8_PerformanceMonitor => D:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-11-26] (IObit)
Task: {ECBE98A5-15D3-47CE-8D86-555B8594C508} - System32\Tasks\{6412C0DF-1E8B-426D-AED6-F8DA7567113B} => pcalua.exe -a "D:\Program Files (x86)\X-Wave MP3 Cutter Joiner\uninstall.exe"
Task: D:\Windows\Tasks\Adobe Flash Player Updater.job => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: D:\Windows\Tasks\APSnotifierPP1.job => D:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: D:\Windows\Tasks\APSnotifierPP2.job => D:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: D:\Windows\Tasks\APSnotifierPP3.job => D:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-06-14 15:08 - 2014-10-16 09:11 - 00116880 _____ () D:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-28 07:18 - 2014-11-28 07:18 - 00388208 _____ () D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-28 07:18 - 2014-11-28 07:18 - 05851328 _____ () D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00121363 _____ () D:\Program Files\VideoLAN\VLC\libvlc.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 02524691 _____ () D:\Program Files\VideoLAN\VLC\libvlccore.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00713235 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00031251 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00034323 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 12501523 _____ () D:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 01470995 _____ () D:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00070163 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 02376211 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00106515 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00263699 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00080915 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00051219 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00063507 _____ () D:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00608275 _____ () D:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 01022995 _____ () D:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00125459 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00043539 _____ () D:\Program Files\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00017427 _____ () D:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00140307 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 02218003 _____ () D:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00318995 _____ () D:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00058387 _____ () D:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00043027 _____ () D:\Program Files\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00190995 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00091667 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00071187 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00081939 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00028179 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00085523 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00018963 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00025619 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00024595 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 01261075 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00126483 _____ () D:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00152595 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 01739283 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00017427 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00079891 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00019987 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_stl_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00091155 _____ () D:\Program Files\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00341011 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00021523 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 01505811 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00023059 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00330771 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00417811 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00230931 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00029715 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00019475 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 01745427 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00192019 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00025619 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00833555 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00022035 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00031763 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00218643 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00023059 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00023059 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 11244051 _____ () D:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00857107 _____ () D:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00040467 _____ () D:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00028179 _____ () D:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00701459 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00121875 _____ () D:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00032787 _____ () D:\Program Files\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00024083 _____ () D:\Program Files\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00057363 _____ () D:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00023059 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00019475 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00038419 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00024083 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00027667 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00023059 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00018451 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00018451 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00017427 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00072211 _____ () D:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00017427 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00023059 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00139795 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00186387 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00081939 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 01506835 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00025619 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00016915 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00017939 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00017939 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00017427 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00018963 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2014-07-30 04:38 - 2014-07-30 04:38 - 00029715 _____ () D:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2014-11-10 13:23 - 2013-10-25 12:08 - 00517408 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2014-12-12 16:13 - 2014-12-12 16:13 - 02905600 _____ () D:\Program Files\AVAST Software\Avast\defs\14121201\algo.dll
2014-11-28 07:18 - 2014-11-28 07:18 - 04495336 _____ () D:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-11-10 13:23 - 2013-01-15 18:48 - 00348992 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2014-11-10 13:23 - 2013-01-15 18:48 - 00183616 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2014-11-10 13:23 - 2013-01-15 18:48 - 00051008 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2014-11-10 13:23 - 2014-10-16 10:26 - 00622880 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll
2014-11-10 13:23 - 2013-01-15 18:47 - 00893248 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () D:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-11-28 07:19 - 2014-11-28 07:19 - 38562088 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-06 01:46 - 2013-01-15 18:48 - 00348992 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2014-07-06 01:46 - 2013-01-15 18:48 - 00183616 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2014-07-06 01:46 - 2013-01-15 18:48 - 00051008 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-07-06 01:46 - 2013-12-12 18:46 - 08001344 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2014-07-06 01:46 - 2013-05-16 19:26 - 00182080 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2014-07-06 01:46 - 2013-10-16 22:17 - 00185168 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2014-07-06 01:46 - 2013-05-16 19:26 - 00145216 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2014-12-12 15:02 - 2014-11-26 11:40 - 03758192 _____ () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-03 17:04 - 2013-01-15 18:48 - 00348992 _____ () D:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2014-07-03 17:04 - 2013-01-15 18:48 - 00183616 _____ () D:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2014-07-03 17:04 - 2013-01-15 18:48 - 00051008 _____ () D:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-12-12 14:41 - 2014-12-12 14:41 - 16843952 _____ () D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1088142728-589118971-3801686269-500 - Administrator - Disabled)
Gast (S-1-5-21-1088142728-589118971-3801686269-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1088142728-589118971-3801686269-1002 - Limited - Enabled)
sven (S-1-5-21-1088142728-589118971-3801686269-1001 - Administrator - Enabled) => D:\Users\sven

==================== Faulty Device Manager Devices =============

Name: Serieller ATA-Controller
Description: Serieller ATA-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/12/2014 05:32:16 PM) (Source: D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (12/12/2014 05:08:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1852) WebCacheLocal: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei D:\Users\sven\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (12/12/2014 05:05:39 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/12/2014 02:36:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0xdb0
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (12/12/2014 02:24:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/12/2014 08:58:47 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/12/2014 08:58:47 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/12/2014 06:56:27 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/12/2014 06:56:27 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/11/2014 01:34:42 PM) (Source: D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]


System errors:
=============
Error: (12/13/2014 00:30:03 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (12/13/2014 00:29:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Razer Wizard Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (12/13/2014 00:29:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Razer Wizard Service erreicht.

Error: (12/13/2014 00:28:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SpyHunter 4 Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (12/12/2014 05:07:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SpyHunter 4 Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (12/12/2014 03:11:25 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/12/2014 02:22:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Advanced SystemCare Service 8" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/12/2014 06:53:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800b0100 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 3.5.1 unter Windows 7 und Windows Server 2008 R2 SP1 für x64-basierte Systeme (KB2861698)

Error: (12/11/2014 06:38:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Razer Wizard Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (12/11/2014 06:38:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Razer Wizard Service erreicht.


Microsoft Office Sessions:
=========================
Error: (12/12/2014 05:32:16 PM) (Source: D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (12/12/2014 05:08:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost1852WebCacheLocal: D:\Users\sven\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)

Error: (12/12/2014 05:05:39 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/12/2014 02:36:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4db001d01642cd8f1f21D:\Program Files\VideoLAN\VLC\vlc.exeD:\Windows\SYSTEM32\ntdll.dll26e78d4f-8236-11e4-9ae8-a4badbff13aa

Error: (12/12/2014 02:24:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"H:\Von C juni 2014\Downloads\CNSEMAIN.EXE

Error: (12/12/2014 08:58:47 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/12/2014 08:58:47 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/12/2014 06:56:27 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/12/2014 06:56:27 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/11/2014 01:34:42 PM) (Source: D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]


CodeIntegrity Errors:
===================================
  Date: 2014-07-06 19:30:05.438
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 19:30:05.228
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 19:30:04.978
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 19:30:04.768
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 19:19:44.266
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 19:19:44.054
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 54%
Total physical RAM: 4086.93 MB
Available physical RAM: 1874.73 MB
Total Pagefile: 8172.03 MB
Available Pagefile: 5103.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:271.35 GB) (Free:266.65 GB) NTFS
Drive d: (DATAPART1) (Fixed) (Total:931.51 GB) (Free:136.51 GB) NTFS
Drive g: (RECOVERY) (Fixed) (Total:8.03 GB) (Free:2.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (Elements) (Fixed) (Total:1863.01 GB) (Free:575.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4A57007C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 279.5 GB) (Disk ID: 48000000)
Partition 1: (Not Active) - (Size=86 MB) - (Type=DE)
Partition 2: (Active) - (Size=8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=271.3 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 000CE27C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2014 03
Ran by sven (administrator) on SVEN-DVP2014 on 13-12-2014 06:53:42
Running from D:\Users\sven\Downloads
Loaded Profile: sven (Available profiles: sven)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(Logitech Inc.) D:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(IObit) D:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\afwServ.exe
(IObit) D:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(OpenOffice.org) D:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) D:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(AVAST Software) D:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(IObit) D:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(IObit) D:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(VideoLAN) D:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) D:\Program Files\Internet Explorer\iexplore.exe
(Adblock) D:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe
(Adobe Systems Incorporated) D:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_235_ActiveX.exe
(Adobe Systems, Inc.) D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Microsoft Corporation) D:\Windows\System32\rundll32.exe
(Microsoft Corporation) D:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => D:\Windows\system32\rundll32.exe D:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-07-03] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [RzWizard] => D:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254464 2014-05-20] (Razer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IObit Malware Fighter] => D:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKU\S-1-5-21-1088142728-589118971-3801686269-1001\...\Run: [Advanced SystemCare 8] => D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2426144 2014-11-25] (IObit)
HKU\S-1-5-21-1088142728-589118971-3801686269-1001\...\MountPoints2: {f7b67ce3-7802-11e4-b175-a4badbff13aa} - I:\iStudio.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => D:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-15] (Microsoft Corporation)
Startup: D:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> D:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1088142728-589118971-3801686269-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1088142728-589118971-3801686269-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.startfenster.de
HKU\S-1-5-21-1088142728-589118971-3801686269-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-online.de/cpm-redir/ie-11.html
SearchScopes: HKLM -> DefaultScope {461C8600-EEF9-4D3D-A3CC-3B1D61E1D286} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {461C8600-EEF9-4D3D-A3CC-3B1D61E1D286} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> DefaultScope {B54C0AB0-47A7-4668-981D-61E6F46E85C9} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie10-toi
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3331617&octid=EB_ORIGINAL_CTID&ISID=MA2D51137-A31B-4051-8D09-21A082F89C87&SearchSource=58&CUI=&UM=6&UP=SP25ED9B09-090A-43DE-BF78-64B26258530F&q={searchTerms}&SSPV=SP21726TB_sp_ie
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {268F4782-82F0-4FDD-A280-41401C8866C8} URL = hxxp://rover.ebay.com/rover/1/707-1403-27640-2/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {2A72D499-19BC-4C6B-8B33-2EF95EF19C86} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {461C8600-EEF9-4D3D-A3CC-3B1D61E1D286} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {B54C0AB0-47A7-4668-981D-61E6F46E85C9} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie10-toi
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {F07A64E4-2727-4408-A746-BA89B9FCC220} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie10-toi
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> D:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> D:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62 192.168.1.1

FireFox:
========
FF ProfilePath: D:\Users\sven\AppData\Roaming\Mozilla\Firefox\Profiles\60jjrv1t.default-1418420050602
FF SelectedSearchEngine: DuckDuckGo
FF Homepage: about:home
FF DefaultSearchEngine: DuckDuckGo
FF Plugin: @adobe.com/FlashPlayer -> D:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.4 -> D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: Adobe Reader -> D:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-14]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR Profile: D:\Users\sven\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ads Removal) - D:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-11-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-28] (AVAST Software)
R2 avast! Firewall; D:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-28] (AVAST Software)
R3 AvastVBoxSvc; D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-28] (Avast Software)
R2 IMFservice; D:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; D:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
R2 NvNetworkService; D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
S2 RzWizardService; D:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [367616 2014-05-20] (Razer Inc.) [File not signed]
S2 SpyHunter 4 Service; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; D:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; D:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-28] ()
R1 aswKbd; D:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-28] (AVAST Software)
R2 aswMonFlt; D:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-28] (AVAST Software)
R0 aswNdisFlt; D:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-28] (AVAST Software)
R1 aswRdr; D:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-28] (AVAST Software)
R0 aswRvrt; D:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-28] ()
R1 aswSnx; D:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-28] (AVAST Software)
R1 aswSP; D:\Windows\system32\drivers\aswSP.sys [436624 2014-11-28] (AVAST Software)
R2 aswStm; D:\Windows\system32\drivers\aswStm.sys [116728 2014-11-28] (AVAST Software)
R0 aswVmm; D:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-28] ()
S3 esgiguard; No ImagePath
S3 EsgScanner; D:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-12-12] ()
R3 FileMonitor; D:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R3 NvStreamKms; D:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; D:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RegFilter; D:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; D:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 UrlFilter; D:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
U4 VBoxAswDrv; D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-28] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 00:51 - 2014-12-13 00:52 - 00035368 _____ () D:\Users\sven\Downloads\Addition.txt
2014-12-13 00:50 - 2014-12-13 06:53 - 00014025 _____ () D:\Users\sven\Downloads\FRST.txt
2014-12-13 00:50 - 2014-12-13 06:53 - 00000000 ____D () D:\FRST
2014-12-13 00:49 - 2014-12-13 00:49 - 02119680 _____ (Farbar) D:\Users\sven\Downloads\FRST64.exe
2014-12-12 17:13 - 2014-12-12 17:13 - 00000000 ____D () D:\Qoobox
2014-12-12 17:07 - 2014-12-13 00:28 - 00000336 _____ () D:\Windows\setupact.log
2014-12-12 17:07 - 2014-12-12 17:07 - 00000000 _____ () D:\Windows\setuperr.log
2014-12-12 17:06 - 2014-12-12 17:06 - 00001850 _____ () D:\Windows\PFRO.log
2014-12-12 17:03 - 2014-12-12 17:03 - 00000000 ____D () D:\Windows\erdnt
2014-12-12 17:02 - 2014-12-12 17:03 - 05600944 _____ (Swearware) D:\Users\sven\Downloads\ComboFix.exe
2014-12-12 16:34 - 2014-12-12 16:34 - 00000000 ____D () D:\Users\sven\Desktop\Alte Firefox-Daten
2014-12-12 15:10 - 2014-12-12 15:10 - 00022704 _____ () D:\Windows\system32\Drivers\EsgScanner.sys
2014-12-12 15:10 - 2014-12-12 15:10 - 00003330 _____ () D:\Windows\System32\Tasks\SpyHunter4Startup
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () D:\Users\sven\AppData\Roaming\Enigma Software Group
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () D:\sh4ldr
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () D:\Program Files\Enigma Software Group
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 _____ () D:\autoexec.bat
2014-12-12 15:09 - 2014-12-12 15:09 - 03044736 _____ (Enigma Software Group USA, LLC.) D:\Users\sven\Downloads\SpyHunter-Installer.exe
2014-12-12 15:02 - 2014-12-12 15:02 - 00001168 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-12 15:02 - 2014-12-12 15:02 - 00001156 _____ () D:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-12 15:02 - 2014-12-12 15:02 - 00000000 ____D () D:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 15:02 - 2014-12-12 15:02 - 00000000 ____D () D:\Program Files (x86)\Mozilla Firefox
2014-12-12 15:01 - 2014-12-12 15:01 - 00244264 _____ () D:\Users\sven\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-12 14:54 - 2014-12-12 14:59 - 00002458 _____ () D:\DelFix.txt
2014-12-12 14:54 - 2014-12-12 14:54 - 00000000 ____D () D:\Windows\ERUNT
2014-12-12 14:47 - 2014-12-12 14:47 - 00709564 _____ () D:\Users\sven\Downloads\delfix_10.8.exe
2014-12-12 14:42 - 2014-12-12 14:42 - 00000000 ____D () D:\Program Files (x86)\AGEIA Technologies
2014-12-12 14:38 - 2014-12-12 14:38 - 00197408 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvhda64v.sys
2014-12-12 14:38 - 2014-12-12 14:38 - 00031520 _____ (NVIDIA Corporation) D:\Windows\system32\nvhdap64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 31890064 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglv64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 24555840 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvoglv32.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 20968040 _____ (NVIDIA Corporation) D:\Windows\system32\nvwgf2umx.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 20922696 _____ (NVIDIA Corporation) D:\Windows\system32\nvcompiler.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 19966856 _____ (NVIDIA Corporation) D:\Windows\system32\nvd3dumx.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 18499648 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvwgf2um.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 17260864 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvcompiler.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 16886168 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvd3dum.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 14029400 _____ (NVIDIA Corporation) D:\Windows\system32\nvopencl.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 13942368 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuda.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 13190288 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-12 14:34 - 2014-12-12 14:34 - 11395672 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvopencl.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 11333848 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvcuda.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 04289856 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvid.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 04009672 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvcuvid.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 01876296 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco6434448.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 01539272 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco6434448.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00962376 _____ (NVIDIA Corporation) D:\Windows\system32\NvIFR64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00931984 _____ (NVIDIA Corporation) D:\Windows\system32\NvFBC64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00921928 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\NvIFR.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00895176 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\NvFBC.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00870112 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvumdshim.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00352016 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglshim64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00303600 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvoglshim32.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00174856 _____ (NVIDIA Corporation) D:\Windows\system32\nvinitx.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00156840 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvinit.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00027024 _____ () D:\Windows\system32\nvinfo.pb
2014-12-12 14:30 - 2014-12-13 00:31 - 00002860 _____ () D:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-12-12 14:30 - 2014-12-12 14:42 - 00002083 _____ () D:\Users\Public\Desktop\Driver Booster 2.lnk
2014-12-12 14:30 - 2014-12-12 14:30 - 00003220 _____ () D:\Windows\System32\Tasks\Driver Booster Scan
2014-12-12 14:30 - 2014-12-12 14:30 - 00003170 _____ () D:\Windows\System32\Tasks\SmartDefrag3_Update
2014-12-12 14:30 - 2014-12-12 14:30 - 00003164 _____ () D:\Windows\System32\Tasks\Driver Booster Update
2014-12-12 14:30 - 2014-12-12 14:30 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-12-12 08:40 - 2014-12-12 08:40 - 00014096 _____ () D:\Users\sven\Documents\Rezepteinreichung.odt
2014-12-12 08:27 - 2014-12-12 08:27 - 00000000 ____D () D:\Windows\system32\appraiser
2014-12-12 06:53 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) D:\Windows\system32\mf.dll
2014-12-12 06:53 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mf.dll
2014-12-12 05:57 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) D:\Windows\system32\iedkcs32.dll
2014-12-12 05:57 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 05:57 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll
2014-12-12 05:57 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb
2014-12-12 05:57 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollectorres.dll
2014-12-12 05:57 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) D:\Windows\system32\vbscript.dll
2014-12-12 05:57 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) D:\Windows\system32\iesetup.dll
2014-12-12 05:57 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) D:\Windows\system32\iertutil.dll
2014-12-12 05:57 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) D:\Windows\system32\ieetwproxystub.dll
2014-12-12 05:57 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) D:\Windows\system32\MshtmlDac.dll
2014-12-12 05:57 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) D:\Windows\system32\jsproxy.dll
2014-12-12 05:57 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) D:\Windows\system32\iernonce.dll
2014-12-12 05:57 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) D:\Windows\system32\ieui.dll
2014-12-12 05:57 - 2014-11-21 21:35 - 00144384 _____ (Microsoft Corporation) D:\Windows\system32\ieUnatt.exe
2014-12-12 05:57 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollector.exe
2014-12-12 05:57 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) D:\Windows\system32\jscript9.dll
2014-12-12 05:57 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) D:\Windows\system32\jscript9diag.dll
2014-12-12 05:57 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) D:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 05:57 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.dll
2014-12-12 05:57 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) D:\Windows\system32\dxtmsft.dll
2014-12-12 05:57 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.tlb
2014-12-12 05:57 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) D:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 05:57 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) D:\Windows\system32\msrating.dll
2014-12-12 05:57 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll
2014-12-12 05:57 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) D:\Windows\SysWOW64\vbscript.dll
2014-12-12 05:57 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iesetup.dll
2014-12-12 05:57 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 05:57 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) D:\Windows\system32\dxtrans.dll
2014-12-12 05:57 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) D:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 05:57 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iertutil.dll
2014-12-12 05:57 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) D:\Windows\SysWOW64\jsproxy.dll
2014-12-12 05:57 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iernonce.dll
2014-12-12 05:57 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieui.dll
2014-12-12 05:57 - 2014-11-21 20:55 - 00115712 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieUnatt.exe
2014-12-12 05:57 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) D:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 05:57 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) D:\Windows\system32\msfeeds.dll
2014-12-12 05:57 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) D:\Windows\system32\ie4uinit.exe
2014-12-12 05:57 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) D:\Windows\system32\mshtmlmedia.dll
2014-12-12 05:57 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) D:\Windows\system32\inetcpl.cpl
2014-12-12 05:57 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 05:57 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) D:\Windows\system32\ieframe.dll
2014-12-12 05:57 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) D:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 05:57 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msrating.dll
2014-12-12 05:57 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtmled.dll
2014-12-12 05:57 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dxtrans.dll
2014-12-12 05:57 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) D:\Windows\SysWOW64\jscript9.dll
2014-12-12 05:57 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) D:\Windows\system32\wininet.dll
2014-12-12 05:57 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msfeeds.dll
2014-12-12 05:57 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) D:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 05:57 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 05:57 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) D:\Windows\system32\urlmon.dll
2014-12-12 05:57 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieframe.dll
2014-12-12 05:57 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dll
2014-12-12 05:57 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) D:\Windows\SysWOW64\wininet.dll
2014-12-12 05:57 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) D:\Windows\SysWOW64\urlmon.dll
2014-12-12 05:57 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieapfltr.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) D:\Windows\system32\appraiser.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) D:\Windows\system32\invagent.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) D:\Windows\system32\generaltel.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) D:\Windows\system32\devinv.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) D:\Windows\system32\aepdu.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) D:\Windows\system32\aepic.dll
2014-12-12 05:56 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) D:\Windows\system32\aeinv.dll
2014-12-12 05:56 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) D:\Windows\system32\aitstatic.exe
2014-12-12 05:56 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) D:\Windows\system32\WindowsCodecs.dll
2014-12-12 05:56 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 05:56 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\tdx.sys
2014-12-12 05:56 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) D:\Windows\system32\charmap.exe
2014-12-12 05:56 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) D:\Windows\SysWOW64\charmap.exe
2014-12-12 05:56 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) D:\Windows\system32\WsmSvc.dll
2014-12-12 05:56 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) D:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 05:56 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) D:\Windows\system32\WsmWmiPl.dll
2014-12-12 05:56 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) D:\Windows\system32\WsmAuto.dll
2014-12-12 05:56 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) D:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 05:56 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WsmSvc.dll
2014-12-12 05:56 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-12 05:56 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-12 05:56 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WsmAuto.dll
2014-12-12 05:56 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-12 05:55 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) D:\Windows\system32\tzres.dll
2014-12-12 05:55 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) D:\Windows\SysWOW64\tzres.dll
2014-12-11 13:33 - 2014-12-11 13:33 - 00002972 _____ () D:\Windows\System32\Tasks\{F6CEB399-2EBA-4EC6-A99A-05BF97ACE2A4}
2014-12-11 13:33 - 2014-12-11 13:33 - 00002972 _____ () D:\Windows\System32\Tasks\{824FFD76-5AB6-4642-B263-A1120F55CCD9}
2014-12-02 10:44 - 2014-12-02 10:44 - 00292516 _____ () D:\Users\sven\Desktop\Mozilla Firefox-Startseite.xht
2014-12-02 10:44 - 2014-12-02 10:44 - 00000000 ____D () D:\Users\sven\Desktop\Mozilla Firefox-Startseite-Dateien
2014-11-29 15:10 - 2014-11-29 15:10 - 36282808 _____ () D:\Users\sven\Downloads\Firefox Setup 33.1.1.exe
2014-11-28 21:52 - 2014-11-28 21:52 - 00000247 _____ () D:\Windows\system32\2014-11-29-02-52-40.017-aswFe.exe-5416.log
2014-11-28 21:52 - 2014-11-28 21:52 - 00000197 _____ () D:\Windows\system32\2014-11-29-02-52-28.057-AvastVBoxSVC.exe-5176.log
2014-11-28 12:36 - 2014-11-28 12:36 - 00000247 _____ () D:\Windows\system32\2014-11-28-17-36-45.018-aswFe.exe-3212.log
2014-11-28 12:36 - 2014-11-28 12:36 - 00000197 _____ () D:\Windows\system32\2014-11-28-17-36-39.077-AvastVBoxSVC.exe-3512.log
2014-11-28 12:29 - 2014-11-28 12:29 - 00000000 ____D () D:\Windows\SysWOW64\vbox
2014-11-28 12:29 - 2014-11-28 12:29 - 00000000 ____D () D:\Windows\system32\vbox
2014-11-28 07:20 - 2014-11-28 07:20 - 00001999 _____ () D:\Users\Public\Desktop\Avast SafeZone.lnk
2014-11-28 07:20 - 2014-11-28 07:20 - 00001939 _____ () D:\Users\Public\Desktop\Avast Internet Security.lnk
2014-11-28 07:20 - 2014-11-28 07:20 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-28 07:19 - 2014-11-28 07:19 - 00364512 _____ (AVAST Software) D:\Windows\system32\aswBoot.exe
2014-11-28 07:19 - 2014-11-28 07:19 - 00043152 _____ (AVAST Software) D:\Windows\avastSS.scr
2014-11-28 07:18 - 2014-11-28 07:18 - 00449936 _____ (AVAST Software) D:\Windows\system32\Drivers\aswNdisFlt.sys
2014-11-19 02:51 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) D:\Windows\system32\kerberos.dll
2014-11-19 02:51 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) D:\Windows\system32\pku2u.dll
2014-11-19 02:51 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) D:\Windows\SysWOW64\kerberos.dll
2014-11-19 02:51 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) D:\Windows\SysWOW64\pku2u.dll
2014-11-18 00:02 - 2014-11-18 00:02 - 00000000 ____D () D:\Users\sven\AppData\Local\Google
2014-11-15 00:35 - 2014-11-15 00:35 - 00000000 __SHD () D:\Users\sven\AppData\Local\EmieBrowserModeList
2014-11-14 11:40 - 2014-11-14 11:40 - 69140480 _____ () D:\Windows\system32\config\SOFTWARE.iobit
2014-11-14 11:40 - 2014-11-14 11:40 - 00290816 _____ () D:\Windows\system32\config\DEFAULT.iobit
2014-11-14 11:40 - 2014-11-14 11:40 - 00024576 _____ () D:\Windows\system32\config\SECURITY.iobit
2014-11-14 11:40 - 2014-11-14 11:40 - 00024576 _____ () D:\Windows\system32\config\SAM.iobit
2014-11-13 11:42 - 2014-11-13 11:42 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2014-11-13 11:32 - 2014-11-13 11:32 - 32809520 _____ (IObit ) D:\Users\sven\Downloads\IObit-Malware-Fighter-Setup.exe
2014-11-13 08:20 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 08:20 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) D:\Windows\system32\termsrv.dll
2014-11-13 08:20 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) D:\Windows\system32\lsasrv.dll
2014-11-13 08:20 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) D:\Windows\system32\msaudite.dll
2014-11-13 08:20 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) D:\Windows\system32\adtschema.dll
2014-11-13 08:20 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) D:\Windows\SysWOW64\secur32.dll
2014-11-13 08:20 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) D:\Windows\SysWOW64\sspicli.dll
2014-11-13 08:20 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msaudite.dll
2014-11-13 08:20 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) D:\Windows\SysWOW64\adtschema.dll
2014-11-13 08:19 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) D:\Windows\system32\packager.dll
2014-11-13 08:19 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) D:\Windows\SysWOW64\packager.dll
2014-11-13 08:19 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) D:\Windows\system32\win32k.sys
2014-11-13 08:19 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) D:\Windows\system32\AUDIOKSE.dll
2014-11-13 08:19 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) D:\Windows\system32\audiosrv.dll
2014-11-13 08:19 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) D:\Windows\system32\AudioEng.dll
2014-11-13 08:19 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) D:\Windows\system32\AudioSes.dll
2014-11-13 08:19 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) D:\Windows\system32\EncDump.dll
2014-11-13 08:19 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) D:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 08:19 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) D:\Windows\SysWOW64\AudioEng.dll
2014-11-13 08:19 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) D:\Windows\SysWOW64\AudioSes.dll
2014-11-13 08:19 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) D:\Windows\system32\schannel.dll
2014-11-13 08:19 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) D:\Windows\system32\msv1_0.dll
2014-11-13 08:19 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) D:\Windows\system32\ncrypt.dll
2014-11-13 08:19 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) D:\Windows\system32\wdigest.dll
2014-11-13 08:19 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) D:\Windows\system32\TSpkg.dll
2014-11-13 08:19 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) D:\Windows\system32\credssp.dll
2014-11-13 08:19 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msv1_0.dll
2014-11-13 08:19 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) D:\Windows\SysWOW64\schannel.dll
2014-11-13 08:19 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ncrypt.dll
2014-11-13 08:19 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) D:\Windows\SysWOW64\wdigest.dll
2014-11-13 08:19 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) D:\Windows\SysWOW64\TSpkg.dll
2014-11-13 08:19 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) D:\Windows\SysWOW64\credssp.dll
2014-11-13 08:19 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) D:\Windows\system32\msxml3.dll
2014-11-13 08:19 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) D:\Windows\system32\msxml3r.dll
2014-11-13 08:19 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msxml3.dll
2014-11-13 08:19 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msxml3r.dll
2014-11-13 08:19 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) D:\Windows\system32\IMJP10K.DLL
2014-11-13 08:19 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) D:\Windows\SysWOW64\IMJP10K.DLL
2014-11-13 08:18 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) D:\Windows\system32\oleaut32.dll
2014-11-13 08:18 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) D:\Windows\SysWOW64\oleaut32.dll
2014-11-13 08:18 - 2014-10-13 21:13 - 03241984 _____ (Microsoft Corporation) D:\Windows\system32\msi.dll
2014-11-13 08:18 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 00:48 - 2014-06-15 16:11 - 00000884 _____ () D:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-13 00:38 - 2009-07-13 23:45 - 00022464 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-13 00:38 - 2009-07-13 23:45 - 00022464 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-13 00:36 - 2014-06-14 08:32 - 01579109 _____ () D:\Windows\WindowsUpdate.log
2014-12-13 00:28 - 2009-07-14 00:08 - 00000006 ____H () D:\Windows\Tasks\SA.DAT
2014-12-12 17:04 - 2014-06-15 19:32 - 00000000 ____D () D:\Users\sven\AppData\Roaming\vlc
2014-12-12 16:28 - 2014-06-14 15:34 - 00000000 ____D () D:\Users\sven\AppData\Roaming\UseNeXT
2014-12-12 16:27 - 2010-12-19 05:03 - 00000000 ____D () D:\Usenext
2014-12-12 15:10 - 2014-06-14 14:52 - 00000000 ____D () D:\Users\sven
2014-12-12 14:44 - 2014-11-10 13:23 - 00002118 _____ () D:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2014-12-12 14:42 - 2014-06-14 15:08 - 00000000 ____D () D:\Program Files (x86)\NVIDIA Corporation
2014-12-12 14:41 - 2014-06-15 16:11 - 00701616 _____ (Adobe Systems Incorporated) D:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 14:41 - 2014-06-15 16:11 - 00071344 _____ (Adobe Systems Incorporated) D:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 14:41 - 2014-06-15 16:11 - 00003822 _____ () D:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-12 14:38 - 2014-06-27 21:07 - 01538880 _____ (NVIDIA Corporation) D:\Windows\system32\nvhdagenco6420103.dll
2014-12-12 14:37 - 2014-06-14 15:09 - 00000000 ____D () D:\ProgramData\NVIDIA
2014-12-12 14:34 - 2013-02-25 23:32 - 03237528 _____ (NVIDIA Corporation) D:\Windows\system32\nvapi64.dll
2014-12-12 14:34 - 2013-02-25 23:32 - 02849224 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvapi.dll
2014-12-12 14:34 - 2013-02-25 23:32 - 00987008 _____ (NVIDIA Corporation) D:\Windows\system32\nvumdshimx.dll
2014-12-12 14:30 - 2014-07-06 01:46 - 00001107 _____ () D:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-12-12 14:30 - 2014-07-06 01:46 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-12-12 14:30 - 2014-07-03 17:04 - 00000000 ____D () D:\ProgramData\ProductData
2014-12-12 14:30 - 2014-07-03 17:03 - 00000000 ____D () D:\Program Files (x86)\IObit
2014-12-12 14:22 - 2014-11-10 13:23 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2014-12-12 08:27 - 2014-06-16 16:19 - 00000000 ___SD () D:\Windows\system32\CompatTel
2014-12-12 08:27 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\PolicyDefinitions
2014-12-12 08:27 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\AppCompat
2014-12-12 06:56 - 2014-06-14 17:55 - 00000000 ____D () D:\Windows\system32\MRT
2014-12-12 06:54 - 2014-06-14 17:55 - 112710672 _____ (Microsoft Corporation) D:\Windows\system32\MRT.exe
2014-12-11 06:39 - 2014-06-14 15:30 - 00004182 _____ () D:\Windows\System32\Tasks\avast! Emergency Update
2014-12-09 11:35 - 2014-06-15 16:11 - 00000000 ____D () D:\Users\sven\AppData\Roaming\Adobe
2014-12-08 14:11 - 2014-06-20 07:20 - 00000000 ____D () D:\Users\sven\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
2014-12-06 14:46 - 2009-08-06 16:30 - 00699092 _____ () D:\Windows\system32\perfh007.dat
2014-12-06 14:46 - 2009-08-06 16:30 - 00149232 _____ () D:\Windows\system32\perfc007.dat
2014-12-06 14:46 - 2009-07-14 00:13 - 01619284 _____ () D:\Windows\system32\PerfStringBackup.INI
2014-12-02 12:18 - 2014-05-25 15:42 - 00000000 ____D () D:\Users\sven\Desktop\2014.05.19 - Reichardsroth
2014-12-02 12:18 - 2014-05-25 15:41 - 00000000 ____D () D:\Users\sven\Desktop\2014.05.20 - Reichardsroth - Geb. Sven - Tierpark Bad Mergentheim - Abendessen Rothenburg
2014-11-29 08:26 - 2014-11-01 14:26 - 00000000 ____D () D:\Users\sven\Desktop\volti
2014-11-28 07:19 - 2014-06-14 15:30 - 01050432 _____ (AVAST Software) D:\Windows\system32\Drivers\aswsnx.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00436624 _____ (AVAST Software) D:\Windows\system32\Drivers\aswsp.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00267632 _____ () D:\Windows\system32\Drivers\aswVmm.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00116728 _____ (AVAST Software) D:\Windows\system32\Drivers\aswstm.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00093568 _____ (AVAST Software) D:\Windows\system32\Drivers\aswRdr2.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00083280 _____ (AVAST Software) D:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00065776 _____ () D:\Windows\system32\Drivers\aswRvrt.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00029208 _____ () D:\Windows\system32\Drivers\aswHwid.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00028184 _____ (AVAST Software) D:\Windows\system32\Drivers\aswKbd.sys
2014-11-23 19:38 - 2014-11-05 17:15 - 00000000 ____D () D:\Users\sven\Desktop\Pixum
2014-11-20 16:22 - 2014-06-14 15:31 - 00001866 _____ () D:\Users\sven\Desktop\UseNeXT by Tangysoft.lnk
2014-11-20 16:22 - 2014-06-14 15:31 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-11-20 16:22 - 2014-06-14 15:31 - 00000000 ____D () D:\Program Files (x86)\UseNeXT
2014-11-14 12:44 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\rescache
2014-11-14 07:47 - 2009-07-13 23:45 - 00294680 _____ () D:\Windows\system32\FNTCACHE.DAT
2014-11-13 11:42 - 2014-07-06 01:46 - 00001182 _____ () D:\Users\Public\Desktop\IObit Malware Fighter.lnk
2014-11-13 11:42 - 2014-07-03 17:03 - 00000000 ____D () D:\ProgramData\IObit

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

D:\Windows\System32\winlogon.exe => File is digitally signed
D:\Windows\System32\wininit.exe => File is digitally signed
D:\Windows\SysWOW64\wininit.exe => File is digitally signed
D:\Windows\explorer.exe => File is digitally signed
D:\Windows\SysWOW64\explorer.exe => File is digitally signed
D:\Windows\System32\svchost.exe => File is digitally signed
D:\Windows\SysWOW64\svchost.exe => File is digitally signed
D:\Windows\System32\services.exe => File is digitally signed
D:\Windows\System32\User32.dll => File is digitally signed
D:\Windows\SysWOW64\User32.dll => File is digitally signed
D:\Windows\System32\userinit.exe => File is digitally signed
D:\Windows\SysWOW64\userinit.exe => File is digitally signed
D:\Windows\System32\rpcss.dll => File is digitally signed
D:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 02:59

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 13.12.2014 20:14
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

dvpietsch 13.12.2014 21:12
Combofix Logfile:
Code:
ComboFix 14-12-10.03 - sven 13.12.2014  21:00:05.1.8 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4087.2094 [GMT -5:00]
ausgeführt von:: d:\users\sven\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\users\sven\AppData\Local\nsyB520.tmp
d:\users\sven\AppData\Roaming\AnyProtectEx
d:\users\sven\AppData\Roaming\AnyProtectEx\locale\de.xml
d:\users\sven\AppData\Roaming\AnyProtectEx\locale\en.xml
d:\users\sven\AppData\Roaming\AnyProtectEx\locale\fr.xml
d:\users\sven\AppData\Roaming\dplaysvr.exe
G:\AUTORUN.INF
H:\autorun.inf
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-11-14 bis 2014-12-14  ))))))))))))))))))))))))))))))
.
.
2014-12-14 02:07 . 2014-12-14 02:07        --------        d-----w-        d:\users\Default\AppData\Local\temp
2014-12-13 13:03 . 2014-12-13 13:03        75888        ----a-w-        d:\programdata\Microsoft\Windows Defender\Definition Updates\{62675B45-C62F-4164-8826-242C6C2F0C42}\offreg.dll
2014-12-13 05:50 . 2014-12-13 11:54        --------        d-----w-        D:\FRST
2014-12-12 20:10 . 2014-12-12 20:10        --------        d-----w-        d:\users\sven\AppData\Roaming\Enigma Software Group
2014-12-12 20:10 . 2014-12-12 20:10        --------        d-----w-        D:\sh4ldr
2014-12-12 20:10 . 2014-12-12 20:10        22704        ----a-w-        d:\windows\system32\drivers\EsgScanner.sys
2014-12-12 20:10 . 2014-12-12 20:10        --------        d-----w-        d:\program files\Enigma Software Group
2014-12-12 20:02 . 2014-12-12 20:02        --------        d-----w-        d:\program files (x86)\Mozilla Maintenance Service
2014-12-12 19:54 . 2014-12-12 19:54        --------        d-----w-        d:\windows\ERUNT
2014-12-12 19:42 . 2014-12-12 19:42        --------        d-----w-        d:\program files (x86)\AGEIA Technologies
2014-12-12 19:38 . 2014-12-12 19:38        31520        ----a-w-        d:\windows\system32\nvhdap64.dll
2014-12-12 19:38 . 2014-12-12 19:38        197408        ----a-w-        d:\windows\system32\drivers\nvhda64v.sys
2014-12-12 13:27 . 2014-12-12 13:27        --------        d-----w-        d:\windows\system32\appraiser
2014-12-12 11:53 . 2014-10-18 01:33        3209728        ----a-w-        d:\windows\SysWow64\mf.dll
2014-12-12 11:53 . 2014-10-18 02:05        4121600        ----a-w-        d:\windows\system32\mf.dll
2014-12-12 10:56 . 2014-12-01 23:28        1232040        ----a-w-        d:\windows\system32\aitstatic.exe
2014-12-12 10:55 . 2014-11-08 03:16        2048        ----a-w-        d:\windows\system32\tzres.dll
2014-12-12 10:55 . 2014-11-08 02:45        2048        ----a-w-        d:\windows\SysWow64\tzres.dll
2014-12-12 10:45 . 2014-11-02 04:20        11632448        ----a-w-        d:\programdata\Microsoft\Windows Defender\Definition Updates\{62675B45-C62F-4164-8826-242C6C2F0C42}\mpengine.dll
2014-12-11 18:34 . 2014-12-11 18:34        --------        d-----w-        d:\users\sven\AppData\Local\Diagnostics
2014-11-28 17:29 . 2014-11-28 17:29        --------        d-----w-        d:\windows\SysWow64\vbox
2014-11-28 17:29 . 2014-11-28 17:29        --------        d-----w-        d:\windows\system32\vbox
2014-11-28 12:19 . 2014-11-28 12:19        364512        ----a-w-        d:\windows\system32\aswBoot.exe
2014-11-28 12:19 . 2014-11-28 12:19        43152        ----a-w-        d:\windows\avastSS.scr
2014-11-28 12:18 . 2014-11-28 12:18        449936        ----a-w-        d:\windows\system32\drivers\aswNdisFlt.sys
2014-11-21 08:01 . 2014-11-21 08:01        --------        d-----w-        d:\windows\SysWow64\Wat
2014-11-21 08:01 . 2014-11-21 08:01        --------        d-----w-        d:\windows\system32\Wat
2014-11-19 07:51 . 2014-11-11 03:08        241152        ----a-w-        d:\windows\system32\pku2u.dll
2014-11-19 07:51 . 2014-11-11 03:08        728064        ----a-w-        d:\windows\system32\kerberos.dll
2014-11-19 07:51 . 2014-11-11 02:44        186880        ----a-w-        d:\windows\SysWow64\pku2u.dll
2014-11-19 07:51 . 2014-11-11 02:44        550912        ----a-w-        d:\windows\SysWow64\kerberos.dll
2014-11-18 05:02 . 2014-11-18 05:02        --------        d-----w-        d:\users\sven\AppData\Local\Google
2014-11-15 05:35 . 2014-11-15 05:35        --------        d-sh--w-        d:\users\sven\AppData\Local\EmieBrowserModeList
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-12 19:41 . 2014-06-15 21:11        71344        ----a-w-        d:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-12 19:41 . 2014-06-15 21:11        701616        ----a-w-        d:\windows\SysWow64\FlashPlayerApp.exe
2014-12-12 19:38 . 2014-06-28 02:07        1538880        ----a-w-        d:\windows\system32\nvhdagenco6420103.dll
2014-12-12 19:34 . 2013-02-26 04:32        987008        ----a-w-        d:\windows\system32\nvumdshimx.dll
2014-12-12 19:34 . 2013-02-26 04:32        2849224        ----a-w-        d:\windows\SysWow64\nvapi.dll
2014-12-12 19:34 . 2013-02-26 04:32        3237528        ----a-w-        d:\windows\system32\nvapi64.dll
2014-12-12 11:54 . 2014-06-14 22:55        112710672        ----a-w-        d:\windows\system32\MRT.exe
2014-12-04 18:11 . 2014-10-31 21:40        893552        ----a-w-        d:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-12-04 18:10 . 2014-10-31 21:39        42168        ----a-w-        d:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-12-01 17:24 . 2014-10-06 22:59        1236816        ----a-w-        d:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-11-28 12:19 . 2014-06-14 20:30        1050432        ----a-w-        d:\windows\system32\drivers\aswsnx.sys
2014-11-28 12:19 . 2014-06-14 20:30        116728        ----a-w-        d:\windows\system32\drivers\aswstm.sys
2014-11-28 12:19 . 2014-06-14 20:30        267632        ----a-w-        d:\windows\system32\drivers\aswVmm.sys
2014-11-28 12:19 . 2014-06-14 20:30        436624        ----a-w-        d:\windows\system32\drivers\aswsp.sys
2014-11-28 12:19 . 2014-06-14 20:30        83280        ----a-w-        d:\windows\system32\drivers\aswMonFlt.sys
2014-11-28 12:19 . 2014-06-14 20:30        65776        ----a-w-        d:\windows\system32\drivers\aswRvrt.sys
2014-11-28 12:19 . 2014-06-14 20:30        93568        ----a-w-        d:\windows\system32\drivers\aswRdr2.sys
2014-11-28 12:19 . 2014-06-14 20:30        29208        ----a-w-        d:\windows\system32\drivers\aswHwid.sys
2014-11-28 12:19 . 2014-06-14 20:30        28184        ----a-w-        d:\windows\system32\drivers\aswKbd.sys
2014-11-18 17:17 . 2014-10-06 22:59        893552        ----a-w-        d:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-11-18 17:17 . 2014-10-06 22:59        42168        ----a-w-        d:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-11-17 16:37 . 2014-10-28 18:13        1236816        ----a-w-        d:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-11-04 19:30 . 2014-06-14 20:11        275080        ------w-        d:\windows\system32\MpSigStub.exe
2014-11-04 10:40 . 2014-11-04 10:40        1876296        ----a-w-        d:\windows\system32\nvdispco6434411.dll
2014-11-04 10:40 . 2014-11-04 10:40        1539272        ----a-w-        d:\windows\system32\nvdispgenco6434411.dll
2014-10-25 01:57 . 2014-11-13 13:19        77824        ----a-w-        d:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-13 13:19        67584        ----a-w-        d:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-13 13:18        861696        ----a-w-        d:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-13 13:18        571904        ----a-w-        d:\windows\SysWow64\oleaut32.dll
2014-10-16 14:11 . 2014-06-14 20:08        6883136        ----a-w-        d:\windows\system32\nvcpl.dll
2014-10-16 14:11 . 2014-06-14 20:08        3533632        ----a-w-        d:\windows\system32\nvsvc64.dll
2014-10-16 14:11 . 2014-06-14 20:08        933064        ----a-w-        d:\windows\system32\nvvsvc.exe
2014-10-16 14:11 . 2014-06-14 20:08        61640        ----a-w-        d:\windows\system32\nvshext.dll
2014-10-16 14:11 . 2014-06-14 20:08        384200        ----a-w-        d:\windows\system32\nvmctray.dll
2014-10-16 14:11 . 2014-06-14 20:08        2559808        ----a-w-        d:\windows\system32\nvsvcr.dll
2014-10-15 00:48 . 2014-06-14 20:08        4047877        ----a-w-        d:\windows\system32\nvcoproc.bin
2014-10-14 02:16 . 2014-11-13 13:20        155064        ----a-w-        d:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-13 13:20        683520        ----a-w-        d:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-13 13:18        3241984        ----a-w-        d:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-13 13:20        1460736        ----a-w-        d:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-13 13:20        146432        ----a-w-        d:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-13 13:20        681984        ----a-w-        d:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-13 13:20        22016        ----a-w-        d:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-13 13:18        2363904        ----a-w-        d:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-13 13:20        96768        ----a-w-        d:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-13 13:20        146432        ----a-w-        d:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-13 13:20        681984        ----a-w-        d:\windows\SysWow64\adtschema.dll
2014-10-13 04:14 . 2014-10-13 04:14        1890080        ----a-w-        d:\windows\system32\nvdispco6434052.dll
2014-10-13 04:14 . 2014-10-13 04:14        1539928        ----a-w-        d:\windows\system32\nvdispgenco6434052.dll
2014-10-10 00:57 . 2014-11-13 13:19        3198976        ----a-w-        d:\windows\system32\win32k.sys
2014-10-03 02:12 . 2014-11-13 13:19        500224        ----a-w-        d:\windows\system32\AUDIOKSE.dll
2014-10-03 02:11 . 2014-11-13 13:19        284672        ----a-w-        d:\windows\system32\EncDump.dll
2014-10-03 02:11 . 2014-11-13 13:19        680960        ----a-w-        d:\windows\system32\audiosrv.dll
2014-10-03 02:11 . 2014-11-13 13:19        440832        ----a-w-        d:\windows\system32\AudioEng.dll
2014-10-03 02:11 . 2014-11-13 13:19        296448        ----a-w-        d:\windows\system32\AudioSes.dll
2014-10-03 01:44 . 2014-11-13 13:19        442880        ----a-w-        d:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44 . 2014-11-13 13:19        374784        ----a-w-        d:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44 . 2014-11-13 13:19        195584        ----a-w-        d:\windows\SysWow64\AudioSes.dll
2014-09-25 02:08 . 2014-10-01 09:35        371712        ----a-w-        d:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 09:35        519680        ----a-w-        d:\windows\SysWow64\qdvd.dll
2014-09-19 09:42 . 2014-11-13 13:19        210944        ----a-w-        d:\windows\system32\wdigest.dll
2014-09-19 09:42 . 2014-11-13 13:19        86528        ----a-w-        d:\windows\system32\TSpkg.dll
2014-09-19 09:42 . 2014-11-13 13:19        342016        ----a-w-        d:\windows\system32\schannel.dll
2014-09-19 09:42 . 2014-11-13 13:19        314880        ----a-w-        d:\windows\system32\msv1_0.dll
2014-09-19 09:42 . 2014-11-13 13:19        309760        ----a-w-        d:\windows\system32\ncrypt.dll
2014-09-19 09:42 . 2014-11-13 13:19        22016        ----a-w-        d:\windows\system32\credssp.dll
2014-09-19 09:23 . 2014-11-13 13:19        172032        ----a-w-        d:\windows\SysWow64\wdigest.dll
2014-09-19 09:23 . 2014-11-13 13:19        65536        ----a-w-        d:\windows\SysWow64\TSpkg.dll
2014-09-19 09:23 . 2014-11-13 13:19        248832        ----a-w-        d:\windows\SysWow64\schannel.dll
2014-09-19 09:23 . 2014-11-13 13:19        221184        ----a-w-        d:\windows\SysWow64\ncrypt.dll
2014-09-19 09:23 . 2014-11-13 13:19        259584        ----a-w-        d:\windows\SysWow64\msv1_0.dll
2014-09-19 09:23 . 2014-11-13 13:19        17408        ----a-w-        d:\windows\SysWow64\credssp.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
2014-06-11 20:20        464720        ----a-w-        d:\program files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 8"="d:\program files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" [2014-11-25 2426144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="d:\program files\AVAST Software\Avast\AvastUI.exe" [2014-12-12 5227112]
"RzWizard"="d:\program files (x86)\Razer\RzWizard\RzWizard.exe" [2014-05-20 254464]
"Adobe ARM"="d:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-09-12 959176]
"IObit Malware Fighter"="d:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2014-10-13 1802048]
.
d:\users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - d:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;d:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;d:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;d:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;d:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 RzWizardService;Razer Wizard Service;d:\program files (x86)\Razer\RzWizard\RzWizardService.exe;d:\program files (x86)\Razer\RzWizard\RzWizardService.exe [x]
R2 SpyHunter 4 Service;SpyHunter 4 Service; [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);d:\windows\system32\DRIVERS\ssudbus.sys;d:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 esgiguard;esgiguard; [x]
R3 EsgScanner;EsgScanner;d:\windows\system32\DRIVERS\EsgScanner.sys;d:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;d:\windows\system32\IEEtwCollector.exe;d:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LVUVC64;Logitech HD Webcam C270(UVC);d:\windows\system32\DRIVERS\lvuvc64.sys;d:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;d:\windows\system32\drivers\rdpvideominiport.sys;d:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);d:\windows\system32\DRIVERS\ssudmdm.sys;d:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;d:\windows\system32\drivers\tsusbflt.sys;d:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 UrlFilter;UrlFilter;d:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys;d:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;d:\windows\system32\Wat\WatAdminSvc.exe;d:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 FileMonitor;FileMonitor;d:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys;d:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]
S0 aswNdisFlt;Avast! Firewall Driver;d:\windows\system32\DRIVERS\aswNdisFlt.sys;d:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SmartDefragDriver;SmartDefragDriver;d:\windows\System32\Drivers\SmartDefragDriver.sys;d:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 aswKbd;aswKbd;d:\windows\system32\drivers\aswKbd.sys;d:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys;d:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys;d:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AdvancedSystemCareService8;Advanced SystemCare Service 8;d:\program files (x86)\IObit\Advanced SystemCare 8\ASCService.exe;d:\program files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [x]
S2 aswHwid;avast! HardwareID;d:\windows\system32\drivers\aswHwid.sys;d:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;d:\windows\system32\drivers\aswMonFlt.sys;d:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;d:\windows\system32\drivers\aswStm.sys;d:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 avast! Firewall;avast! Firewall;d:\program files\AVAST Software\Avast\afwServ.exe;d:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 IMFservice;IMF Service;d:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;d:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 NvNetworkService;NVIDIA Network Service;d:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;d:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;d:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;d:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UMVPFSrv;UMVPFSrv;d:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;d:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 AvastVBoxSvc;AvastVBox COM Service;d:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;d:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;d:\windows\system32\DRIVERS\k57nd60a.sys;d:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 NvStreamKms;NvStreamKms;d:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;d:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);d:\windows\system32\drivers\nvvad64v.sys;d:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RegFilter;RegFilter;d:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;d:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-12-14 d:\windows\Tasks\Adobe Flash Player Updater.job
- d:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-15 19:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-11-10 18:23        2471744        ----a-w-        d:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-28 12:19        860984        ----a-w-        d:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="d:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="d:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"RtHDVCpl"="d:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-07-03 13672152]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = d:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = d:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 82.212.62.62 78.42.43.62 192.168.1.1
FF - ProfilePath - d:\users\sven\AppData\Roaming\Mozilla\Firefox\Profiles\60jjrv1t.default-1418420050602\
FF - prefs.js: browser.search.selectedEngine - DuckDuckGo
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - d:\windows\System32\SPReview\SPReview.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="d:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="d:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-12-13  21:10:28
ComboFix-quarantined-files.txt  2014-12-14 02:10
.
Vor Suchlauf: 23 Verzeichnis(se), 138.799.251.456 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 138.844.905.472 Bytes frei
.
- - End Of File - - 8E007EB886E040D24E8913BECF988396
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

schrauber 14.12.2014 16:26
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

dvpietsch 15.12.2014 19:39
Dann mal alles rein hier!JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by sven on 15.12.2014 at 13:28:49,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "D:\Users\sven\favorites\links\startfenster.lnk"
Successfully deleted: [File] "D:\Windows\wininit.ini"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.12.2014 at 13:33:16,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : sven - SVEN-DVP2014
# Gestartet von : D:\Users\sven\Desktop\AdwCleaner_4.105.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : D:\Users\sven\AppData\Roaming\ap_logs
Ordner Gelöscht : D:\Users\sven\AppData\Roaming\Tuneup Pro
Ordner Gelöscht : D:\Users\sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen
Datei Gelöscht : D:\Users\sven\Favorites\Startfenster.lnk
Datei Gelöscht : D:\Users\sven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
Datei Gelöscht : D:\Users\sven\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
Datei Gelöscht : D:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk

***** [ Tasks ] *****

Task Gelöscht : Driver Booster Scan
Task Gelöscht : Driver Booster Update

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{461C8600-EEF9-4D3D-A3CC-3B1D61E1D286}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{461C8600-EEF9-4D3D-A3CC-3B1D61E1D286}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Tuneup Pro

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]

-\\ Mozilla Firefox v34.0.5 (x86 de)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [2803 octets] - [15/12/2014 00:42:18]
AdwCleaner[S0].txt - [2420 octets] - [15/12/2014 00:45:17]

########## EOF - D:\AdwCleaner\AdwCleaner[S0].txt - [2480 octets] ##########


Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 15.12.2014
Suchlauf-Zeit: 00:16:50
Logdatei: mbam.txt
Administrator: Nein

Version: 2.00.4.1028
Malware Datenbank: v2014.12.14.07
Rootkit Datenbank: v2014.12.14.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: sven

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 329581
Verstrichene Zeit: 21 Min, 35 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1088142728-589118971-3801686269-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [a01f3a28215b2c0af56aa728e31f9a66],

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 1
Stolen.Data, D:\Users\sven\AppData\Roaming\Imminent\Logs, In Quarantäne, [e4db570ba2da5bdbc07be1927291df21],

Dateien: 6
Malware.Trace.E, D:\Users\sven\AppData\Roaming\pidloc.txt, In Quarantäne, [209f85ddb4c8df57c93086cd7a8921df],
Malware.Trace.E, D:\Users\sven\AppData\Roaming\pid.txt, In Quarantäne, [635cb6ac4834e551a654233019ea0000],
Stolen.Data, D:\Users\sven\AppData\Roaming\Imminent\Logs\09-10-2014, In Quarantäne, [e4db570ba2da5bdbc07be1927291df21],
Stolen.Data, D:\Users\sven\AppData\Roaming\Imminent\Logs\10-10-2014, In Quarantäne, [e4db570ba2da5bdbc07be1927291df21],
Stolen.Data, D:\Users\sven\AppData\Roaming\Imminent\Logs\11-10-2014, In Quarantäne, [e4db570ba2da5bdbc07be1927291df21],
Malware.Trace.E, D:\Users\sven\AppData\Roaming\Imminent\Path.dat, In Quarantäne, [1aa5580a7ffd46f01e1e8ee5c73c49b7],

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by sven (administrator) on SVEN-DVP2014 on 15-12-2014 13:37:31
Running from D:\Users\sven\Desktop
Loaded Profile: sven (Available profiles: sven)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(Logitech Inc.) D:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(IObit) D:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\afwServ.exe
(IObit) D:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(IObit) D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(OpenOffice.org) D:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\avastui.exe
(Razer Inc.) D:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
(OpenOffice.org) D:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Adobe Systems Incorporated) D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) D:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(IObit) D:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) D:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => D:\Windows\system32\rundll32.exe D:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-07-03] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [RzWizard] => D:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254464 2014-05-20] (Razer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IObit Malware Fighter] => D:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKU\S-1-5-21-1088142728-589118971-3801686269-1001\...\Run: [Advanced SystemCare 8] => D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2426144 2014-11-25] (IObit)
Startup: D:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> D:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1088142728-589118971-3801686269-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1088142728-589118971-3801686269-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - D:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> DefaultScope {B54C0AB0-47A7-4668-981D-61E6F46E85C9} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie10-toi
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {268F4782-82F0-4FDD-A280-41401C8866C8} URL = hxxp://rover.ebay.com/rover/1/707-1403-27640-2/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {2A72D499-19BC-4C6B-8B33-2EF95EF19C86} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {B54C0AB0-47A7-4668-981D-61E6F46E85C9} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie10-toi
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {F07A64E4-2727-4408-A746-BA89B9FCC220} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie10-toi
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> D:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62 192.168.1.1

FireFox:
========
FF ProfilePath: D:\Users\sven\AppData\Roaming\Mozilla\Firefox\Profiles\60jjrv1t.default-1418420050602
FF SelectedSearchEngine: DuckDuckGo
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> D:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.4 -> D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: Adobe Reader -> D:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-14]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR Profile: D:\Users\sven\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-28] (AVAST Software)
R2 avast! Firewall; D:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-28] (AVAST Software)
R3 AvastVBoxSvc; D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-28] (Avast Software)
R2 IMFservice; D:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; D:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
R2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
R2 RzWizardService; D:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [367616 2014-05-20] (Razer Inc.) [File not signed]
S2 SpyHunter 4 Service; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; D:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; D:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-28] ()
R1 aswKbd; D:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-28] (AVAST Software)
R2 aswMonFlt; D:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-28] (AVAST Software)
R0 aswNdisFlt; D:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-28] (AVAST Software)
R1 aswRdr; D:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-28] (AVAST Software)
R0 aswRvrt; D:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-28] ()
R1 aswSnx; D:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-28] (AVAST Software)
R1 aswSP; D:\Windows\system32\drivers\aswSP.sys [436624 2014-11-28] (AVAST Software)
R2 aswStm; D:\Windows\system32\drivers\aswStm.sys [116728 2014-11-28] (AVAST Software)
R0 aswVmm; D:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-28] ()
S3 esgiguard; No ImagePath
S3 EsgScanner; D:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-12-12] ()
S4 FileMonitor; D:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R3 MBAMProtector; D:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; D:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-15] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; D:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; D:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; D:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RegFilter; D:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; D:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 UrlFilter; D:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
U4 VBoxAswDrv; D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-28] (Avast Software)
S3 catchme; \??\D:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 13:37 - 2014-12-15 13:37 - 00013583 _____ () D:\Users\sven\Desktop\FRST.txt
2014-12-15 13:37 - 2014-12-15 13:37 - 00000000 ____D () D:\Users\sven\Desktop\FRST-OlderVersion
2014-12-15 13:33 - 2014-12-15 13:33 - 00000760 _____ () D:\Users\sven\Desktop\JRT.txt
2014-12-15 13:25 - 2014-12-15 13:25 - 01707646 _____ (Thisisu) D:\Users\sven\Desktop\JRT.exe
2014-12-15 00:42 - 2014-12-15 00:45 - 00000000 ____D () D:\AdwCleaner
2014-12-15 00:40 - 2014-12-15 00:40 - 02166272 _____ () D:\Users\sven\Desktop\AdwCleaner_4.105.exe
2014-12-15 00:39 - 2014-12-15 00:39 - 00002172 _____ () D:\Users\sven\Desktop\mbam.txt
2014-12-15 00:16 - 2014-12-15 12:55 - 00129752 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-15 00:15 - 2014-12-15 00:15 - 00001111 _____ () D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-15 00:15 - 2014-12-15 00:15 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-15 00:15 - 2014-12-15 00:15 - 00000000 ____D () D:\ProgramData\Malwarebytes
2014-12-15 00:15 - 2014-12-15 00:15 - 00000000 ____D () D:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-15 00:15 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-15 00:15 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mwac.sys
2014-12-15 00:15 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbam.sys
2014-12-15 00:13 - 2014-12-15 00:13 - 20447072 _____ (Malwarebytes Corporation ) D:\Users\sven\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-13 21:10 - 2014-12-13 21:10 - 00025195 _____ () D:\ComboFix.txt
2014-12-13 20:58 - 2011-06-26 01:45 - 00256000 _____ () D:\Windows\PEV.exe
2014-12-13 20:58 - 2010-11-07 12:20 - 00208896 _____ () D:\Windows\MBR.exe
2014-12-13 20:58 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) D:\Windows\NIRCMD.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) D:\Windows\SWREG.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) D:\Windows\SWSC.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00098816 _____ () D:\Windows\sed.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00080412 _____ () D:\Windows\grep.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00068096 _____ () D:\Windows\zip.exe
2014-12-13 20:57 - 2014-12-13 20:57 - 05600944 _____ (Swearware) D:\Users\sven\Downloads\ComboFix(1).exe
2014-12-13 00:51 - 2014-12-13 06:54 - 00035368 _____ () D:\Users\sven\Downloads\Addition.txt
2014-12-13 00:50 - 2014-12-15 13:37 - 00000000 ____D () D:\FRST
2014-12-13 00:50 - 2014-12-13 06:54 - 00044574 _____ () D:\Users\sven\Downloads\FRST.txt
2014-12-13 00:49 - 2014-12-15 13:37 - 02119168 _____ (Farbar) D:\Users\sven\Desktop\FRST64.exe
2014-12-12 17:13 - 2014-12-13 21:10 - 00000000 ____D () D:\Qoobox
2014-12-12 17:07 - 2014-12-15 12:00 - 00001176 _____ () D:\Windows\setupact.log
2014-12-12 17:07 - 2014-12-12 17:07 - 00000000 _____ () D:\Windows\setuperr.log
2014-12-12 17:06 - 2014-12-15 00:46 - 00002980 _____ () D:\Windows\PFRO.log
2014-12-12 17:03 - 2014-12-13 21:09 - 00000000 ____D () D:\Windows\erdnt
2014-12-12 17:02 - 2014-12-13 20:57 - 05600944 ____R (Swearware) D:\Users\sven\Desktop\ComboFix.exe
2014-12-12 16:34 - 2014-12-12 16:34 - 00000000 ____D () D:\Users\sven\Desktop\Alte Firefox-Daten
2014-12-12 15:10 - 2014-12-12 15:10 - 00022704 _____ () D:\Windows\system32\Drivers\EsgScanner.sys
2014-12-12 15:10 - 2014-12-12 15:10 - 00003330 _____ () D:\Windows\System32\Tasks\SpyHunter4Startup
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () D:\Users\sven\AppData\Roaming\Enigma Software Group
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () D:\sh4ldr
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () D:\Program Files\Enigma Software Group
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 _____ () D:\autoexec.bat
2014-12-12 15:09 - 2014-12-12 15:09 - 03044736 _____ (Enigma Software Group USA, LLC.) D:\Users\sven\Downloads\SpyHunter-Installer.exe
2014-12-12 15:02 - 2014-12-12 15:02 - 00001168 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-12 15:02 - 2014-12-12 15:02 - 00001156 _____ () D:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-12 15:02 - 2014-12-12 15:02 - 00000000 ____D () D:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 15:02 - 2014-12-12 15:02 - 00000000 ____D () D:\Program Files (x86)\Mozilla Firefox
2014-12-12 15:01 - 2014-12-12 15:01 - 00244264 _____ () D:\Users\sven\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-12 14:54 - 2014-12-15 13:28 - 00000000 ____D () D:\Windows\ERUNT
2014-12-12 14:54 - 2014-12-12 14:59 - 00002458 _____ () D:\DelFix.txt
2014-12-12 14:47 - 2014-12-12 14:47 - 00709564 _____ () D:\Users\sven\Downloads\delfix_10.8.exe
2014-12-12 14:42 - 2014-12-12 14:42 - 00000000 ____D () D:\Program Files (x86)\AGEIA Technologies
2014-12-12 14:38 - 2014-12-12 14:38 - 00197408 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvhda64v.sys
2014-12-12 14:38 - 2014-12-12 14:38 - 00031520 _____ (NVIDIA Corporation) D:\Windows\system32\nvhdap64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 31890064 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglv64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 24555840 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvoglv32.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 20968040 _____ (NVIDIA Corporation) D:\Windows\system32\nvwgf2umx.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 20922696 _____ (NVIDIA Corporation) D:\Windows\system32\nvcompiler.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 19966856 _____ (NVIDIA Corporation) D:\Windows\system32\nvd3dumx.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 18499648 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvwgf2um.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 17260864 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvcompiler.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 16886168 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvd3dum.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 14029400 _____ (NVIDIA Corporation) D:\Windows\system32\nvopencl.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 13942368 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuda.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 13190288 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-12 14:34 - 2014-12-12 14:34 - 11395672 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvopencl.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 11333848 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvcuda.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 04289856 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvid.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 04009672 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvcuvid.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 01876296 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco6434448.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 01539272 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco6434448.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00962376 _____ (NVIDIA Corporation) D:\Windows\system32\NvIFR64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00931984 _____ (NVIDIA Corporation) D:\Windows\system32\NvFBC64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00921928 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\NvIFR.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00895176 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\NvFBC.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00870112 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvumdshim.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00352016 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglshim64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00303600 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvoglshim32.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00174856 _____ (NVIDIA Corporation) D:\Windows\system32\nvinitx.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00156840 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvinit.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00027024 _____ () D:\Windows\system32\nvinfo.pb
2014-12-12 14:30 - 2014-12-15 00:08 - 00002860 _____ () D:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-12-12 14:30 - 2014-12-12 14:42 - 00002083 _____ () D:\Users\Public\Desktop\Driver Booster 2.lnk
2014-12-12 14:30 - 2014-12-12 14:30 - 00003170 _____ () D:\Windows\System32\Tasks\SmartDefrag3_Update
2014-12-12 14:30 - 2014-12-12 14:30 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-12-12 08:40 - 2014-12-12 08:40 - 00014096 _____ () D:\Users\sven\Documents\Rezepteinreichung.odt
2014-12-12 08:27 - 2014-12-12 08:27 - 00000000 ____D () D:\Windows\system32\appraiser
2014-12-12 06:53 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) D:\Windows\system32\mf.dll
2014-12-12 06:53 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mf.dll
2014-12-12 05:57 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) D:\Windows\system32\iedkcs32.dll
2014-12-12 05:57 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 05:57 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll
2014-12-12 05:57 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb
2014-12-12 05:57 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollectorres.dll
2014-12-12 05:57 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) D:\Windows\system32\vbscript.dll
2014-12-12 05:57 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) D:\Windows\system32\iesetup.dll
2014-12-12 05:57 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) D:\Windows\system32\iertutil.dll
2014-12-12 05:57 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) D:\Windows\system32\ieetwproxystub.dll
2014-12-12 05:57 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) D:\Windows\system32\MshtmlDac.dll
2014-12-12 05:57 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) D:\Windows\system32\jsproxy.dll
2014-12-12 05:57 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) D:\Windows\system32\iernonce.dll
2014-12-12 05:57 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) D:\Windows\system32\ieui.dll
2014-12-12 05:57 - 2014-11-21 21:35 - 00144384 _____ (Microsoft Corporation) D:\Windows\system32\ieUnatt.exe
2014-12-12 05:57 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollector.exe
2014-12-12 05:57 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) D:\Windows\system32\jscript9.dll
2014-12-12 05:57 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) D:\Windows\system32\jscript9diag.dll
2014-12-12 05:57 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) D:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 05:57 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.dll
2014-12-12 05:57 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) D:\Windows\system32\dxtmsft.dll
2014-12-12 05:57 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.tlb
2014-12-12 05:57 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) D:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 05:57 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) D:\Windows\system32\msrating.dll
2014-12-12 05:57 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll
2014-12-12 05:57 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) D:\Windows\SysWOW64\vbscript.dll
2014-12-12 05:57 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iesetup.dll
2014-12-12 05:57 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 05:57 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) D:\Windows\system32\dxtrans.dll
2014-12-12 05:57 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) D:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 05:57 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iertutil.dll
2014-12-12 05:57 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) D:\Windows\SysWOW64\jsproxy.dll
2014-12-12 05:57 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iernonce.dll
2014-12-12 05:57 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieui.dll
2014-12-12 05:57 - 2014-11-21 20:55 - 00115712 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieUnatt.exe
2014-12-12 05:57 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) D:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 05:57 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) D:\Windows\system32\msfeeds.dll
2014-12-12 05:57 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) D:\Windows\system32\ie4uinit.exe
2014-12-12 05:57 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) D:\Windows\system32\mshtmlmedia.dll
2014-12-12 05:57 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) D:\Windows\system32\inetcpl.cpl
2014-12-12 05:57 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 05:57 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) D:\Windows\system32\ieframe.dll
2014-12-12 05:57 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) D:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 05:57 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msrating.dll
2014-12-12 05:57 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtmled.dll
2014-12-12 05:57 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dxtrans.dll
2014-12-12 05:57 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) D:\Windows\SysWOW64\jscript9.dll
2014-12-12 05:57 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) D:\Windows\system32\wininet.dll
2014-12-12 05:57 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msfeeds.dll
2014-12-12 05:57 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) D:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 05:57 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 05:57 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) D:\Windows\system32\urlmon.dll
2014-12-12 05:57 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieframe.dll
2014-12-12 05:57 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dll
2014-12-12 05:57 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) D:\Windows\SysWOW64\wininet.dll
2014-12-12 05:57 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) D:\Windows\SysWOW64\urlmon.dll
2014-12-12 05:57 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieapfltr.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) D:\Windows\system32\appraiser.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) D:\Windows\system32\invagent.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) D:\Windows\system32\generaltel.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) D:\Windows\system32\devinv.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) D:\Windows\system32\aepdu.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) D:\Windows\system32\aepic.dll
2014-12-12 05:56 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) D:\Windows\system32\aeinv.dll
2014-12-12 05:56 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) D:\Windows\system32\aitstatic.exe
2014-12-12 05:56 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) D:\Windows\system32\WindowsCodecs.dll
2014-12-12 05:56 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 05:56 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\tdx.sys
2014-12-12 05:56 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) D:\Windows\system32\charmap.exe
2014-12-12 05:56 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) D:\Windows\SysWOW64\charmap.exe
2014-12-12 05:56 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) D:\Windows\system32\WsmSvc.dll
2014-12-12 05:56 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) D:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 05:56 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) D:\Windows\system32\WsmWmiPl.dll
2014-12-12 05:56 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) D:\Windows\system32\WsmAuto.dll
2014-12-12 05:56 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) D:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 05:56 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WsmSvc.dll
2014-12-12 05:56 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-12 05:56 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-12 05:56 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WsmAuto.dll
2014-12-12 05:56 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-12 05:55 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) D:\Windows\system32\tzres.dll
2014-12-12 05:55 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) D:\Windows\SysWOW64\tzres.dll
2014-12-11 13:33 - 2014-12-11 13:33 - 00002972 _____ () D:\Windows\System32\Tasks\{F6CEB399-2EBA-4EC6-A99A-05BF97ACE2A4}
2014-12-11 13:33 - 2014-12-11 13:33 - 00002972 _____ () D:\Windows\System32\Tasks\{824FFD76-5AB6-4642-B263-A1120F55CCD9}
2014-12-02 10:44 - 2014-12-02 10:44 - 00292516 _____ () D:\Users\sven\Desktop\Mozilla Firefox-Startseite.xht
2014-12-02 10:44 - 2014-12-02 10:44 - 00000000 ____D () D:\Users\sven\Desktop\Mozilla Firefox-Startseite-Dateien
2014-11-29 15:10 - 2014-11-29 15:10 - 36282808 _____ () D:\Users\sven\Downloads\Firefox Setup 33.1.1.exe
2014-11-28 21:52 - 2014-11-28 21:52 - 00000247 _____ () D:\Windows\system32\2014-11-29-02-52-40.017-aswFe.exe-5416.log
2014-11-28 21:52 - 2014-11-28 21:52 - 00000197 _____ () D:\Windows\system32\2014-11-29-02-52-28.057-AvastVBoxSVC.exe-5176.log
2014-11-28 12:36 - 2014-11-28 12:36 - 00000247 _____ () D:\Windows\system32\2014-11-28-17-36-45.018-aswFe.exe-3212.log
2014-11-28 12:36 - 2014-11-28 12:36 - 00000197 _____ () D:\Windows\system32\2014-11-28-17-36-39.077-AvastVBoxSVC.exe-3512.log
2014-11-28 12:29 - 2014-11-28 12:29 - 00000000 ____D () D:\Windows\SysWOW64\vbox
2014-11-28 12:29 - 2014-11-28 12:29 - 00000000 ____D () D:\Windows\system32\vbox
2014-11-28 07:20 - 2014-11-28 07:20 - 00001999 _____ () D:\Users\Public\Desktop\Avast SafeZone.lnk
2014-11-28 07:20 - 2014-11-28 07:20 - 00001939 _____ () D:\Users\Public\Desktop\Avast Internet Security.lnk
2014-11-28 07:20 - 2014-11-28 07:20 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-28 07:19 - 2014-11-28 07:19 - 00364512 _____ (AVAST Software) D:\Windows\system32\aswBoot.exe
2014-11-28 07:19 - 2014-11-28 07:19 - 00043152 _____ (AVAST Software) D:\Windows\avastSS.scr
2014-11-28 07:18 - 2014-11-28 07:18 - 00449936 _____ (AVAST Software) D:\Windows\system32\Drivers\aswNdisFlt.sys
2014-11-19 02:51 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) D:\Windows\system32\kerberos.dll
2014-11-19 02:51 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) D:\Windows\system32\pku2u.dll
2014-11-19 02:51 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) D:\Windows\SysWOW64\kerberos.dll
2014-11-19 02:51 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) D:\Windows\SysWOW64\pku2u.dll
2014-11-18 00:02 - 2014-11-18 00:02 - 00000000 ____D () D:\Users\sven\AppData\Local\Google
2014-11-15 00:35 - 2014-11-15 00:35 - 00000000 __SHD () D:\Users\sven\AppData\Local\EmieBrowserModeList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 13:24 - 2014-06-14 08:32 - 01773544 _____ () D:\Windows\WindowsUpdate.log
2014-12-15 12:48 - 2014-06-15 16:11 - 00000884 _____ () D:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-15 12:08 - 2009-07-13 23:45 - 00022464 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-15 12:08 - 2009-07-13 23:45 - 00022464 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-15 11:59 - 2009-07-14 00:08 - 00000006 ____H () D:\Windows\Tasks\SA.DAT
2014-12-15 07:16 - 2014-07-03 17:04 - 00000000 ____D () D:\ProgramData\ProductData
2014-12-15 00:47 - 2014-06-14 15:30 - 00004182 _____ () D:\Windows\System32\Tasks\avast! Emergency Update
2014-12-15 00:39 - 2014-10-09 18:47 - 00000000 ____D () D:\Users\sven\AppData\Roaming\Imminent
2014-12-15 00:03 - 2014-11-10 13:23 - 00002118 _____ () D:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2014-12-14 13:21 - 2014-06-14 15:34 - 00000000 ____D () D:\Users\sven\AppData\Roaming\UseNeXT
2014-12-14 13:21 - 2010-12-19 05:03 - 00000000 ____D () D:\Usenext
2014-12-13 23:03 - 2014-06-15 19:32 - 00000000 ____D () D:\Users\sven\AppData\Roaming\vlc
2014-12-13 21:08 - 2009-07-13 21:34 - 00000215 _____ () D:\Windows\system.ini
2014-12-13 21:04 - 2014-07-15 05:04 - 00000000 ____D () D:\ProgramData\TEMP
2014-12-13 08:16 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\rescache
2014-12-12 15:10 - 2014-06-14 14:52 - 00000000 ____D () D:\Users\sven
2014-12-12 14:42 - 2014-06-14 15:08 - 00000000 ____D () D:\Program Files (x86)\NVIDIA Corporation
2014-12-12 14:41 - 2014-06-15 16:11 - 00701616 _____ (Adobe Systems Incorporated) D:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 14:41 - 2014-06-15 16:11 - 00071344 _____ (Adobe Systems Incorporated) D:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 14:41 - 2014-06-15 16:11 - 00003822 _____ () D:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-12 14:38 - 2014-06-27 21:07 - 01538880 _____ (NVIDIA Corporation) D:\Windows\system32\nvhdagenco6420103.dll
2014-12-12 14:37 - 2014-06-14 15:09 - 00000000 ____D () D:\ProgramData\NVIDIA
2014-12-12 14:34 - 2013-02-25 23:32 - 03237528 _____ (NVIDIA Corporation) D:\Windows\system32\nvapi64.dll
2014-12-12 14:34 - 2013-02-25 23:32 - 02849224 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvapi.dll
2014-12-12 14:34 - 2013-02-25 23:32 - 00987008 _____ (NVIDIA Corporation) D:\Windows\system32\nvumdshimx.dll
2014-12-12 14:30 - 2014-07-06 01:46 - 00001107 _____ () D:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-12-12 14:30 - 2014-07-06 01:46 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-12-12 14:30 - 2014-07-03 17:03 - 00000000 ____D () D:\Program Files (x86)\IObit
2014-12-12 14:22 - 2014-11-10 13:23 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2014-12-12 08:27 - 2014-06-16 16:19 - 00000000 ___SD () D:\Windows\system32\CompatTel
2014-12-12 08:27 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\PolicyDefinitions
2014-12-12 08:27 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\AppCompat
2014-12-12 06:56 - 2014-06-14 17:55 - 00000000 ____D () D:\Windows\system32\MRT
2014-12-12 06:54 - 2014-06-14 17:55 - 112710672 _____ (Microsoft Corporation) D:\Windows\system32\MRT.exe
2014-12-09 11:35 - 2014-06-15 16:11 - 00000000 ____D () D:\Users\sven\AppData\Roaming\Adobe
2014-12-08 14:11 - 2014-06-20 07:20 - 00000000 ____D () D:\Users\sven\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
2014-12-06 14:46 - 2009-08-06 16:30 - 00699092 _____ () D:\Windows\system32\perfh007.dat
2014-12-06 14:46 - 2009-08-06 16:30 - 00149232 _____ () D:\Windows\system32\perfc007.dat
2014-12-06 14:46 - 2009-07-14 00:13 - 01619284 _____ () D:\Windows\system32\PerfStringBackup.INI
2014-12-02 12:18 - 2014-05-25 15:42 - 00000000 ____D () D:\Users\sven\Desktop\2014.05.19 - Reichardsroth
2014-12-02 12:18 - 2014-05-25 15:41 - 00000000 ____D () D:\Users\sven\Desktop\2014.05.20 - Reichardsroth - Geb. Sven - Tierpark Bad Mergentheim - Abendessen Rothenburg
2014-11-29 08:26 - 2014-11-01 14:26 - 00000000 ____D () D:\Users\sven\Desktop\volti
2014-11-28 07:19 - 2014-06-14 15:30 - 01050432 _____ (AVAST Software) D:\Windows\system32\Drivers\aswsnx.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00436624 _____ (AVAST Software) D:\Windows\system32\Drivers\aswsp.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00267632 _____ () D:\Windows\system32\Drivers\aswVmm.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00116728 _____ (AVAST Software) D:\Windows\system32\Drivers\aswstm.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00093568 _____ (AVAST Software) D:\Windows\system32\Drivers\aswRdr2.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00083280 _____ (AVAST Software) D:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00065776 _____ () D:\Windows\system32\Drivers\aswRvrt.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00029208 _____ () D:\Windows\system32\Drivers\aswHwid.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00028184 _____ (AVAST Software) D:\Windows\system32\Drivers\aswKbd.sys
2014-11-23 19:38 - 2014-11-05 17:15 - 00000000 ____D () D:\Users\sven\Desktop\Pixum
2014-11-20 16:22 - 2014-06-14 15:31 - 00001866 _____ () D:\Users\sven\Desktop\UseNeXT by Tangysoft.lnk
2014-11-20 16:22 - 2014-06-14 15:31 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-11-20 16:22 - 2014-06-14 15:31 - 00000000 ____D () D:\Program Files (x86)\UseNeXT

Some content of TEMP:
====================
D:\Users\sven\AppData\Local\Temp\Quarantine.exe
D:\Users\sven\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

D:\Windows\System32\winlogon.exe => File is digitally signed
D:\Windows\System32\wininit.exe => File is digitally signed
D:\Windows\SysWOW64\wininit.exe => File is digitally signed
D:\Windows\explorer.exe => File is digitally signed
D:\Windows\SysWOW64\explorer.exe => File is digitally signed
D:\Windows\System32\svchost.exe => File is digitally signed
D:\Windows\SysWOW64\svchost.exe => File is digitally signed
D:\Windows\System32\services.exe => File is digitally signed
D:\Windows\System32\User32.dll => File is digitally signed
D:\Windows\SysWOW64\User32.dll => File is digitally signed
D:\Windows\System32\userinit.exe => File is digitally signed
D:\Windows\SysWOW64\userinit.exe => File is digitally signed
D:\Windows\System32\rpcss.dll => File is digitally signed
D:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 07:59

==================== End Of Log ============================
--- --- ---



FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014 01
Ran by sven at 2014-12-15 13:38:14
Running from D:\Users\sven\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - )
DirectX Buster 2.1 Beta 4 (HKLM-x32\...\DirectX Buster) (Version: 2.1 Beta 4 - Dominik Schindler)
DirectX deinstallieren (HKLM-x32\...\DirectX) (Version:  - )
DirectX Version Checker (HKLM-x32\...\{6122970E-5575-4155-8408-FD624B3F7C4F}_is1) (Version:  - directxupdate.com)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NVIDIA 3D Vision Controller-Treiber 320.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.18 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
X-Wave MP3 Cutter Joiner 1.1 (HKLM-x32\...\X-Wave MP3 Cutter Joiner) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

12-12-2014 19:58:41 Ende der Bereinigung
13-12-2014 12:55:52 Windows Update
14-12-2014 04:06:37 Windows Update
14-12-2014 08:00:20 Windows Update
14-12-2014 19:50:24 Windows Update
15-12-2014 05:15:30 Windows-Sicherung
15-12-2014 06:18:26 Windows Update
15-12-2014 13:32:15 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-12-13 21:07 - 00000027 ____A D:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1781553B-D325-499F-9FDB-700C9476275F} - System32\Tasks\avast! Emergency Update => D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-28] (AVAST Software)
Task: {285FBC35-B9B7-46BA-92BE-9BEFC5F04619} - System32\Tasks\{824FFD76-5AB6-4642-B263-A1120F55CCD9} => Firefox.exe
Task: {2BCE6754-493C-48FD-B2AC-4ADC401ACF5F} - System32\Tasks\SpyHunter4Startup => D:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {7C605630-6B3B-4AFE-BEEE-BD5B9F46CE3A} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-12-09] (IObit)
Task: {7F9C0EED-1E60-4C65-849A-9F24DA242BAB} - System32\Tasks\ASC8_SkipUac_sven => D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-26] (IObit)
Task: {9B859D46-F51B-4C4C-B83F-697E2B705411} - System32\Tasks\Uninstaller_SkipUac_Administrator => D:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {9DA97BEE-3D04-4BA2-8AC2-B96C335FFFA4} - System32\Tasks\Driver Booster SkipUAC (sven) => D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-12-09] (IObit)
Task: {A1EF7D17-59A5-4571-AA69-15DC23D0931A} - System32\Tasks\{F6CEB399-2EBA-4EC6-A99A-05BF97ACE2A4} => Firefox.exe
Task: {A83054AE-6786-4278-81BB-76138F0E4C4B} - System32\Tasks\Adobe Flash Player Updater => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
Task: {C36D8B82-62AA-4D86-84B8-709C733B0157} - System32\Tasks\SmartDefrag3_Update => D:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {D5BA52AB-878B-41CC-9D13-8C6B1CE986EB} - System32\Tasks\Uninstaller_SkipUac_sven => D:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {E08185C6-F991-4952-974B-1A831DB73133} - System32\Tasks\ASC8_PerformanceMonitor => D:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-11-26] (IObit)
Task: {ECBE98A5-15D3-47CE-8D86-555B8594C508} - System32\Tasks\{6412C0DF-1E8B-426D-AED6-F8DA7567113B} => pcalua.exe -a "D:\Program Files (x86)\X-Wave MP3 Cutter Joiner\uninstall.exe"
Task: D:\Windows\Tasks\Adobe Flash Player Updater.job => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-06-14 15:08 - 2014-10-16 09:11 - 00116880 _____ () D:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-28 07:18 - 2014-11-28 07:18 - 00388208 _____ () D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-28 07:18 - 2014-11-28 07:18 - 05851328 _____ () D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-11-10 13:23 - 2013-10-25 12:08 - 00517408 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2014-12-15 07:16 - 2014-12-15 07:16 - 02908160 _____ () D:\Program Files\AVAST Software\Avast\defs\14121500\algo.dll
2014-11-28 07:18 - 2014-11-28 07:18 - 04495336 _____ () D:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-12-15 13:01 - 2014-12-15 13:01 - 02908160 _____ () D:\Program Files\AVAST Software\Avast\defs\14121502\algo.dll
2014-11-10 13:23 - 2013-01-15 18:48 - 00348992 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2014-11-10 13:23 - 2013-01-15 18:48 - 00183616 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2014-11-10 13:23 - 2013-01-15 18:48 - 00051008 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2014-11-10 13:23 - 2014-10-16 10:26 - 00622880 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll
2014-11-10 13:23 - 2013-01-15 18:47 - 00893248 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2014-11-28 07:19 - 2014-11-28 07:19 - 38562088 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () D:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-07-03 17:04 - 2013-01-15 18:48 - 00348992 _____ () D:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2014-07-03 17:04 - 2013-01-15 18:48 - 00183616 _____ () D:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2014-07-03 17:04 - 2013-01-15 18:48 - 00051008 _____ () D:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-12-12 15:02 - 2014-11-26 11:40 - 03758192 _____ () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1088142728-589118971-3801686269-500 - Administrator - Disabled)
Gast (S-1-5-21-1088142728-589118971-3801686269-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1088142728-589118971-3801686269-1002 - Limited - Enabled)
sven (S-1-5-21-1088142728-589118971-3801686269-1001 - Administrator - Enabled) => D:\Users\sven

==================== Faulty Device Manager Devices =============

Name: Serieller ATA-Controller
Description: Serieller ATA-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-12-13 21:06:40.052
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-13 21:06:39.989
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-06 19:30:05.438
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 19:30:05.228
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 19:30:04.978
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 19:30:04.768
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 19:19:44.266
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 19:19:44.054
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 36%
Total physical RAM: 4086.93 MB
Available physical RAM: 2588.6 MB
Total Pagefile: 8172.03 MB
Available Pagefile: 5898.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:271.35 GB) (Free:266.65 GB) NTFS
Drive d: (DATAPART1) (Fixed) (Total:931.51 GB) (Free:119.74 GB) NTFS
Drive g: (RECOVERY) (Fixed) (Total:8.03 GB) (Free:2.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (Elements) (Fixed) (Total:1863.01 GB) (Free:607.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4A57007C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 279.5 GB) (Disk ID: 48000000)
Partition 1: (Not Active) - (Size=86 MB) - (Type=DE)
Partition 2: (Active) - (Size=8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=271.3 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 000CE27C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

schrauber 16.12.2014 19:24

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

dvpietsch 17.12.2014 16:33
so hier wieder das was du wolltest. Weil du fragst ob ich probleme habe hast du da noch was entdeckt oder frägst du nur so!
Den meine Uhr am PC stellt sich immer 6std zurück komischer weise!

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=a4196353d2a129469e27ee7e1ff3be15
# engine=21584
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-17 05:12:17
# local_time=2014-12-17 12:12:17 (-0500, Eastern Normalzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 170336586 0 0
# scanned=81402
# found=20
# cleaned=0
# scan_time=24962
sh=750184025EC562A438677D06D8C20DFEA321D633 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\SVEN-DVP2014\Backup Set 2014-08-23 094359\Backup Files 2014-08-23 094359\Backup files 4.zip"
sh=8351C1C5CCCC207CFC18430AED7A1FBEE3B78751 ft=0 fh=0000000000000000 vn="Win32/Systweak.K evtl. unerwünschte Anwendung" ac=I fn="C:\SVEN-DVP2014\Backup Set 2014-08-23 094359\Backup Files 2014-08-23 101215\Backup files 1.zip"
sh=7A0F1147D8A90E53377753D7417A8E7FAB02905F ft=1 fh=9b8d0603f50f8958 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="D:\Qoobox\Quarantine\D\Users\sven\AppData\Local\nsyB520.tmp.vir"
sh=399A586BBE249CDD6E0B6A28A5044132806A5854 ft=1 fh=c71c0011d5ddfaed vn="Variante von MSIL/Injector.GPS Trojaner" ac=I fn="D:\Qoobox\Quarantine\D\Users\sven\AppData\Roaming\dplaysvr.exe.vir"
sh=FADE54DA0058B8C5140663F824DF4485A339ED23 ft=1 fh=efb59306b085019d vn="Variante von MSIL/Injector.FSW Trojaner" ac=I fn="D:\steam\HyperCam.exe"
sh=399A586BBE249CDD6E0B6A28A5044132806A5854 ft=1 fh=c71c0011d5ddfaed vn="Variante von MSIL/Injector.GPS Trojaner" ac=I fn="D:\Usenext\wizard\Absolute MP3 Splitter .rar (001_274)\Absolute MP3 Splitter .exe"
sh=3EDA368653FDAA15D79193BDCCBD8B32893D8276 ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.AWYM Trojaner" ac=I fn="D:\Usenext\wizard\Anton Mayday - Mindscapes 157 - Pure FM - SBD 03 0\Anton_Mayday-Mindscapes_157_(Pure_FM)-SBD-03-02-2013-B2RLiVE_INT.rar"
sh=A7CAF83E813ED0F4DB1ED6C6A570D60F1455C591 ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.AWYM Trojaner" ac=I fn="D:\Usenext\wizard\Danny Avila - Delicious Housetunes Mayday Special\Danny_Avila_-_Delicious_Housetunes__Mayday_Special_(Hitradio_MSOne)-04-25-CABLE-2013-UME_INT.rar"
sh=F7EAA26375D35D1D3ACB3FC520D7CD1363EECD1E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.A evtl. unerwünschte Anwendung" ac=I fn="D:\Usenext\wizard\Jennifer Rush Album Collection\Jennifer Rush Jennifer Rush\Jennifer Rush - Alben - 1984 - Jennifer Rush brothers-of-usenet.org - Informationen zum Thema brothers-of-usenet. Diese Website steht zum Verkauf! sponsored by www.Newsconnection.nl\Brothers\Brothers Bar Community Toolbar für Firefox.xpi"
sh=7D52AD23EC9F49564CF6A7F99A550AE10017344F ft=1 fh=2ff7c59f63c86a4e vn="Win32/MyPCBackup.C evtl. unerwünschte Anwendung" ac=I fn="D:\Users\sven\Downloads\IObit-Malware-Fighter-Setup.exe"
sh=DA38DF0E772229ADDF239B04185CAE486CE75990 ft=1 fh=31688d337dd00540 vn="Win32/InstallMonetizer.AF evtl. unerwünschte Anwendung" ac=I fn="D:\Users\sven\Downloads\MP3CutterSetup.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Users\sven\Downloads\MyPhoneExplorer_1.8.5.exe"
sh=955DB52990DE2D71A7BA2B52C001A8810E0B1C34 ft=1 fh=52ea0ff07569d6d1 vn="Variante von Win32/ReImageRepair.C evtl. unerwünschte Anwendung" ac=I fn="D:\Users\sven\Downloads\ReimageRepair.exe"
sh=0BBE6B557F0D710AF7D1E12615BAB5696BFE1F2F ft=1 fh=7f5ebdd46cadd7d4 vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="D:\Users\sven\Downloads\smart-defrag-setup.exe"
sh=E55DA6BAC6CA0E85E13D3FC2805B1C49D8045DD0 ft=1 fh=a341758a219db876 vn="Win32/Systweak.K evtl. unerwünschte Anwendung" ac=I fn="D:\Users\sven\Downloads\tall_23080144408003232.exe"
sh=E79CE0DA43C79F2A4E48A4F4A02905DE783FBD16 ft=1 fh=a9eb553813c219ce vn="NSIS/StartPage.CC Trojaner" ac=I fn="D:\Users\sven\Downloads\vlc-2.1.4-win64.exe"
sh=702E069AD7FE26F25122A3E7B58CE43A2088788D ft=1 fh=63e03a2239909e75 vn="Variante von Win32/Toolbar.SearchSuite.Z evtl. unerwünschte Anwendung" ac=I fn="D:\VON C\Downloads\iMeshV10.exe"
sh=84719368418BA2E346906042BF38F77DF55BEBB9 ft=1 fh=1a364c99d27798e6 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="D:\VON C\Downloads\SoftonicDownloader_fuer_hamster-free-video-converter.exe"
sh=B5B2A05B5E37F948963ABB641D6CBF04B2EAC9D1 ft=1 fh=88c6eaa40a33fef3 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="D:\VON C\Downloads\SoftonicDownloader_fuer_ratdvd.exe"
sh=E661227D021D228CB60786B68099240F76F1CBF7 ft=1 fh=f0c74b3c3191e1d9 vn="Variante von Win32/InstallCore.D evtl. unerwünschte Anwendung" ac=I fn="D:\VON C\Downloads\VideoToMp3Setup.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=a4196353d2a129469e27ee7e1ff3be15
# engine=21590
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-17 09:18:19
# local_time=2014-12-17 04:18:19 (-0500, Eastern Normalzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 170351349 0 0
# scanned=250106
# found=36
# cleaned=0
# scan_time=13115
sh=750184025EC562A438677D06D8C20DFEA321D633 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\SVEN-DVP2014\Backup Set 2014-08-23 094359\Backup Files 2014-08-23 094359\Backup files 4.zip"
sh=8351C1C5CCCC207CFC18430AED7A1FBEE3B78751 ft=0 fh=0000000000000000 vn="Win32/Systweak.K evtl. unerwünschte Anwendung" ac=I fn="C:\SVEN-DVP2014\Backup Set 2014-08-23 094359\Backup Files 2014-08-23 101215\Backup files 1.zip"
sh=7A0F1147D8A90E53377753D7417A8E7FAB02905F ft=1 fh=9b8d0603f50f8958 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="D:\Qoobox\Quarantine\D\Users\sven\AppData\Local\nsyB520.tmp.vir"
sh=399A586BBE249CDD6E0B6A28A5044132806A5854 ft=1 fh=c71c0011d5ddfaed vn="Variante von MSIL/Injector.GPS Trojaner" ac=I fn="D:\Qoobox\Quarantine\D\Users\sven\AppData\Roaming\dplaysvr.exe.vir"
sh=FADE54DA0058B8C5140663F824DF4485A339ED23 ft=1 fh=efb59306b085019d vn="Variante von MSIL/Injector.FSW Trojaner" ac=I fn="D:\steam\HyperCam.exe"
sh=399A586BBE249CDD6E0B6A28A5044132806A5854 ft=1 fh=c71c0011d5ddfaed vn="Variante von MSIL/Injector.GPS Trojaner" ac=I fn="D:\Usenext\wizard\Absolute MP3 Splitter .rar (001_274)\Absolute MP3 Splitter .exe"
sh=3EDA368653FDAA15D79193BDCCBD8B32893D8276 ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.AWYM Trojaner" ac=I fn="D:\Usenext\wizard\Anton Mayday - Mindscapes 157 - Pure FM - SBD 03 0\Anton_Mayday-Mindscapes_157_(Pure_FM)-SBD-03-02-2013-B2RLiVE_INT.rar"
sh=A7CAF83E813ED0F4DB1ED6C6A570D60F1455C591 ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.AWYM Trojaner" ac=I fn="D:\Usenext\wizard\Danny Avila - Delicious Housetunes Mayday Special\Danny_Avila_-_Delicious_Housetunes__Mayday_Special_(Hitradio_MSOne)-04-25-CABLE-2013-UME_INT.rar"
sh=F7EAA26375D35D1D3ACB3FC520D7CD1363EECD1E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.A evtl. unerwünschte Anwendung" ac=I fn="D:\Usenext\wizard\Jennifer Rush Album Collection\Jennifer Rush Jennifer Rush\Jennifer Rush - Alben - 1984 - Jennifer Rush brothers-of-usenet.org - Informationen zum Thema brothers-of-usenet. Diese Website steht zum Verkauf! sponsored by www.Newsconnection.nl\Brothers\Brothers Bar Community Toolbar für Firefox.xpi"
sh=7D52AD23EC9F49564CF6A7F99A550AE10017344F ft=1 fh=2ff7c59f63c86a4e vn="Win32/MyPCBackup.C evtl. unerwünschte Anwendung" ac=I fn="D:\Users\sven\Downloads\IObit-Malware-Fighter-Setup.exe"
sh=DA38DF0E772229ADDF239B04185CAE486CE75990 ft=1 fh=31688d337dd00540 vn="Win32/InstallMonetizer.AF evtl. unerwünschte Anwendung" ac=I fn="D:\Users\sven\Downloads\MP3CutterSetup.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Users\sven\Downloads\MyPhoneExplorer_1.8.5.exe"
sh=955DB52990DE2D71A7BA2B52C001A8810E0B1C34 ft=1 fh=52ea0ff07569d6d1 vn="Variante von Win32/ReImageRepair.C evtl. unerwünschte Anwendung" ac=I fn="D:\Users\sven\Downloads\ReimageRepair.exe"
sh=0BBE6B557F0D710AF7D1E12615BAB5696BFE1F2F ft=1 fh=7f5ebdd46cadd7d4 vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="D:\Users\sven\Downloads\smart-defrag-setup.exe"
sh=E55DA6BAC6CA0E85E13D3FC2805B1C49D8045DD0 ft=1 fh=a341758a219db876 vn="Win32/Systweak.K evtl. unerwünschte Anwendung" ac=I fn="D:\Users\sven\Downloads\tall_23080144408003232.exe"
sh=E79CE0DA43C79F2A4E48A4F4A02905DE783FBD16 ft=1 fh=a9eb553813c219ce vn="NSIS/StartPage.CC Trojaner" ac=I fn="D:\Users\sven\Downloads\vlc-2.1.4-win64.exe"
sh=702E069AD7FE26F25122A3E7B58CE43A2088788D ft=1 fh=63e03a2239909e75 vn="Variante von Win32/Toolbar.SearchSuite.Z evtl. unerwünschte Anwendung" ac=I fn="D:\VON C\Downloads\iMeshV10.exe"
sh=84719368418BA2E346906042BF38F77DF55BEBB9 ft=1 fh=1a364c99d27798e6 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="D:\VON C\Downloads\SoftonicDownloader_fuer_hamster-free-video-converter.exe"
sh=B5B2A05B5E37F948963ABB641D6CBF04B2EAC9D1 ft=1 fh=88c6eaa40a33fef3 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="D:\VON C\Downloads\SoftonicDownloader_fuer_ratdvd.exe"
sh=E661227D021D228CB60786B68099240F76F1CBF7 ft=1 fh=f0c74b3c3191e1d9 vn="Variante von Win32/InstallCore.D evtl. unerwünschte Anwendung" ac=I fn="D:\VON C\Downloads\VideoToMp3Setup.exe"
sh=3EDA368653FDAA15D79193BDCCBD8B32893D8276 ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.AWYM Trojaner" ac=I fn="H:\august 2014\wizard\Anton Mayday - Mindscapes 157 - Pure FM - SBD 03 0\Anton_Mayday-Mindscapes_157_(Pure_FM)-SBD-03-02-2013-B2RLiVE_INT.rar"
sh=A7CAF83E813ED0F4DB1ED6C6A570D60F1455C591 ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.AWYM Trojaner" ac=I fn="H:\august 2014\wizard\Danny Avila - Delicious Housetunes Mayday Special\Danny_Avila_-_Delicious_Housetunes__Mayday_Special_(Hitradio_MSOne)-04-25-CABLE-2013-UME_INT.rar"
sh=F7EAA26375D35D1D3ACB3FC520D7CD1363EECD1E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.A evtl. unerwünschte Anwendung" ac=I fn="H:\august 2014\wizard\Jennifer Rush Album Collection\Jennifer Rush Jennifer Rush\Jennifer Rush - Alben - 1984 - Jennifer Rush brothers-of-usenet.org - Informationen zum Thema brothers-of-usenet. Diese Website steht zum Verkauf! sponsored by www.Newsconnection.nl\Brothers\Brothers Bar Community Toolbar für Firefox.xpi"
sh=9D0899BD32A1ECE2488971B3EE191E0596419C6C ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="H:\SVEN-DVP2014\Backup Set 2014-08-23 162209\Backup Files 2014-08-23 162209\Backup files 4.zip"
sh=4D48B2C1A913E8D3813CDC18B93B6E720BDABB50 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="H:\SVEN-DVP2014\Backup Set 2014-09-21 190000\Backup Files 2014-09-21 190000\Backup files 4.zip"
sh=2FE5565BE4E2823FCC37A5AC0698A3585A005E0C ft=0 fh=0000000000000000 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="H:\SVEN-DVP2014\Backup Set 2014-09-21 190000\Backup Files 2014-10-13 000223\Backup files 1.zip"
sh=BE529977D8BA944F24F8E3B252A8FB886F2D4341 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="H:\SVEN-DVP2014\Backup Set 2014-09-21 190000\Backup Files 2014-10-13 000223\Backup files 3.zip"
sh=FEDF00400EC884923756EF9CA527B4E484D0D71E ft=0 fh=0000000000000000 vn="Win32/MyPCBackup.C evtl. unerwünschte Anwendung" ac=I fn="H:\SVEN-DVP2014\Backup Set 2014-09-21 190000\Backup Files 2014-11-16 232432\Backup files 3.zip"
sh=B7EE101EF535770AAD2EED8189EF3A4E4FA5D875 ft=0 fh=0000000000000000 vn="Win32/VOPackage.BC evtl. unerwünschte Anwendung" ac=I fn="H:\SVEN-DVP2014\Backup Set 2014-11-23 190000\Backup Files 2014-11-23 190000\Backup files 1.zip"
sh=AE29B8D59E255FE75AC39B2442E6EDCDD31B6CA9 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="H:\SVEN-DVP2014\Backup Set 2014-11-23 190000\Backup Files 2014-11-23 190000\Backup files 4.zip"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="H:\Users\sven\Downloads\MyPhoneExplorer_1.8.5.exe"
sh=955DB52990DE2D71A7BA2B52C001A8810E0B1C34 ft=1 fh=52ea0ff07569d6d1 vn="Variante von Win32/ReImageRepair.C evtl. unerwünschte Anwendung" ac=I fn="H:\Users\sven\Downloads\ReimageRepair.exe"
sh=0BBE6B557F0D710AF7D1E12615BAB5696BFE1F2F ft=1 fh=7f5ebdd46cadd7d4 vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="H:\Users\sven\Downloads\smart-defrag-setup.exe"
sh=E79CE0DA43C79F2A4E48A4F4A02905DE783FBD16 ft=1 fh=a9eb553813c219ce vn="NSIS/StartPage.CC Trojaner" ac=I fn="H:\Users\sven\Downloads\vlc-2.1.4-win64.exe"
sh=8E4EC955F6C28B165055D27E754A96B27C43BBC4 ft=1 fh=4da786a23a4b2030 vn="Variante von Win32/KBM.A evtl. unerwünschte Anwendung" ac=I fn="H:\Von C juni 2014\Downloads\BestVideoDownloader.exe"
sh=D7574B086DB3208A13F7A25E70969D37BDDF1241 ft=1 fh=82e51bf06dc629de vn="MSIL/Solimba.L evtl. unerwünschte Anwendung" ac=I fn="H:\Von C juni 2014\Downloads\Windows Live Movie Maker.exe"



esults of screen317's Security Check version 0.99.91
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 16.0.0.235
Mozilla Firefox (34.0.5)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
IObit IObit Malware Fighter IMFsrv.exe
Malwarebytes Anti-Malware mbamscheduler.exe
IObit IObit Malware Fighter IMF.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast avastui.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast ng ngservice.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive D:
````````````````````End of Log``````````````````````







FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by sven (administrator) on SVEN-DVP2014 on 17-12-2014 10:31:35
Running from D:\Users\sven\Desktop
Loaded Profile: sven (Available profiles: sven)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(Logitech Inc.) D:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IObit) D:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\afwServ.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(IObit) D:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) D:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(IObit) D:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit) D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\avastui.exe
(Razer Inc.) D:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
(OpenOffice.org) D:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) D:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(IObit) D:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Avast Software) D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Microsoft Corporation) D:\Windows\splwow64.exe
(Microsoft Corporation) D:\Program Files\Internet Explorer\iexplore.exe
(Adblock) D:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => D:\Windows\system32\rundll32.exe D:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-07-03] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [RzWizard] => D:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254464 2014-05-20] (Razer Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => D:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKU\S-1-5-21-1088142728-589118971-3801686269-1001\...\Run: [Advanced SystemCare 8] => D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2426144 2014-11-25] (IObit)
Startup: D:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> D:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1088142728-589118971-3801686269-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1088142728-589118971-3801686269-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - D:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> DefaultScope {B54C0AB0-47A7-4668-981D-61E6F46E85C9} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie10-toi
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {268F4782-82F0-4FDD-A280-41401C8866C8} URL = hxxp://rover.ebay.com/rover/1/707-1403-27640-2/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {2A72D499-19BC-4C6B-8B33-2EF95EF19C86} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {B54C0AB0-47A7-4668-981D-61E6F46E85C9} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie10-toi
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {F07A64E4-2727-4408-A746-BA89B9FCC220} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie10-toi
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> D:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62 192.168.1.1

FireFox:
========
FF ProfilePath: D:\Users\sven\AppData\Roaming\Mozilla\Firefox\Profiles\60jjrv1t.default-1418420050602
FF SelectedSearchEngine: DuckDuckGo
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> D:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.4 -> D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-14]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR Profile: D:\Users\sven\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-28] (AVAST Software)
R2 avast! Firewall; D:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-28] (AVAST Software)
R3 AvastVBoxSvc; D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-28] (Avast Software)
R2 IMFservice; D:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; D:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
R2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
R2 RzWizardService; D:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [367616 2014-05-20] (Razer Inc.) [File not signed]
S2 SpyHunter 4 Service; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; D:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; D:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-28] ()
R1 aswKbd; D:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-28] (AVAST Software)
R2 aswMonFlt; D:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-28] (AVAST Software)
R0 aswNdisFlt; D:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-28] (AVAST Software)
R1 aswRdr; D:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-28] (AVAST Software)
R0 aswRvrt; D:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-28] ()
R1 aswSnx; D:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-28] (AVAST Software)
R1 aswSP; D:\Windows\system32\drivers\aswSP.sys [436624 2014-11-28] (AVAST Software)
R2 aswStm; D:\Windows\system32\drivers\aswStm.sys [116728 2014-11-28] (AVAST Software)
R0 aswVmm; D:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-28] ()
S3 esgiguard; No ImagePath
S3 EsgScanner; D:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-12-12] ()
R3 FileMonitor; D:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R3 MBAMProtector; D:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; D:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; D:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; D:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; D:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RegFilter; D:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; D:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 UrlFilter; D:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
U4 VBoxAswDrv; D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-28] (Avast Software)
S3 catchme; \??\D:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-17 10:26 - 2014-12-17 10:26 - 00852490 _____ () D:\Users\sven\Desktop\SecurityCheck.exe
2014-12-16 17:11 - 2014-12-16 17:11 - 02347384 _____ (ESET) D:\Users\sven\Downloads\esetsmartinstaller_deu.exe
2014-12-15 13:38 - 2014-12-15 13:38 - 00016501 _____ () D:\Users\sven\Desktop\Addition.txt
2014-12-15 13:37 - 2014-12-17 10:31 - 00013630 _____ () D:\Users\sven\Desktop\FRST.txt
2014-12-15 13:37 - 2014-12-15 13:37 - 00000000 ____D () D:\Users\sven\Desktop\FRST-OlderVersion
2014-12-15 13:33 - 2014-12-15 13:33 - 00000760 _____ () D:\Users\sven\Desktop\JRT.txt
2014-12-15 13:25 - 2014-12-15 13:25 - 01707646 _____ (Thisisu) D:\Users\sven\Desktop\JRT.exe
2014-12-15 00:42 - 2014-12-15 00:45 - 00000000 ____D () D:\AdwCleaner
2014-12-15 00:40 - 2014-12-15 00:40 - 02166272 _____ () D:\Users\sven\Desktop\AdwCleaner_4.105.exe
2014-12-15 00:39 - 2014-12-15 00:39 - 00002172 _____ () D:\Users\sven\Desktop\mbam.txt
2014-12-15 00:16 - 2014-12-17 07:50 - 00129752 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-15 00:15 - 2014-12-15 00:15 - 00001111 _____ () D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-15 00:15 - 2014-12-15 00:15 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-15 00:15 - 2014-12-15 00:15 - 00000000 ____D () D:\ProgramData\Malwarebytes
2014-12-15 00:15 - 2014-12-15 00:15 - 00000000 ____D () D:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-15 00:15 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-15 00:15 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mwac.sys
2014-12-15 00:15 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbam.sys
2014-12-15 00:13 - 2014-12-15 00:13 - 20447072 _____ (Malwarebytes Corporation ) D:\Users\sven\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-13 21:10 - 2014-12-13 21:10 - 00025195 _____ () D:\ComboFix.txt
2014-12-13 20:58 - 2011-06-26 01:45 - 00256000 _____ () D:\Windows\PEV.exe
2014-12-13 20:58 - 2010-11-07 12:20 - 00208896 _____ () D:\Windows\MBR.exe
2014-12-13 20:58 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) D:\Windows\NIRCMD.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) D:\Windows\SWREG.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) D:\Windows\SWSC.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00098816 _____ () D:\Windows\sed.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00080412 _____ () D:\Windows\grep.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00068096 _____ () D:\Windows\zip.exe
2014-12-13 20:57 - 2014-12-13 20:57 - 05600944 _____ (Swearware) D:\Users\sven\Downloads\ComboFix(1).exe
2014-12-13 00:51 - 2014-12-13 06:54 - 00035368 _____ () D:\Users\sven\Downloads\Addition.txt
2014-12-13 00:50 - 2014-12-17 10:31 - 00000000 ____D () D:\FRST
2014-12-13 00:50 - 2014-12-13 06:54 - 00044574 _____ () D:\Users\sven\Downloads\FRST.txt
2014-12-13 00:49 - 2014-12-15 13:37 - 02119168 _____ (Farbar) D:\Users\sven\Desktop\FRST64.exe
2014-12-12 17:13 - 2014-12-13 21:10 - 00000000 ____D () D:\Qoobox
2014-12-12 17:07 - 2014-12-17 00:14 - 00001680 _____ () D:\Windows\setupact.log
2014-12-12 17:07 - 2014-12-12 17:07 - 00000000 _____ () D:\Windows\setuperr.log
2014-12-12 17:06 - 2014-12-17 00:14 - 00003754 _____ () D:\Windows\PFRO.log
2014-12-12 17:03 - 2014-12-13 21:09 - 00000000 ____D () D:\Windows\erdnt
2014-12-12 17:02 - 2014-12-13 20:57 - 05600944 ____R (Swearware) D:\Users\sven\Desktop\ComboFix.exe
2014-12-12 16:34 - 2014-12-12 16:34 - 00000000 ____D () D:\Users\sven\Desktop\Alte Firefox-Daten
2014-12-12 15:10 - 2014-12-12 15:10 - 00022704 _____ () D:\Windows\system32\Drivers\EsgScanner.sys
2014-12-12 15:10 - 2014-12-12 15:10 - 00003330 _____ () D:\Windows\System32\Tasks\SpyHunter4Startup
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () D:\Users\sven\AppData\Roaming\Enigma Software Group
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () D:\sh4ldr
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () D:\Program Files\Enigma Software Group
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 _____ () D:\autoexec.bat
2014-12-12 15:09 - 2014-12-12 15:09 - 03044736 _____ (Enigma Software Group USA, LLC.) D:\Users\sven\Downloads\SpyHunter-Installer.exe
2014-12-12 15:02 - 2014-12-12 15:02 - 00001168 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-12 15:02 - 2014-12-12 15:02 - 00001156 _____ () D:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-12 15:02 - 2014-12-12 15:02 - 00000000 ____D () D:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 15:02 - 2014-12-12 15:02 - 00000000 ____D () D:\Program Files (x86)\Mozilla Firefox
2014-12-12 15:01 - 2014-12-12 15:01 - 00244264 _____ () D:\Users\sven\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-12 14:54 - 2014-12-15 13:28 - 00000000 ____D () D:\Windows\ERUNT
2014-12-12 14:54 - 2014-12-12 14:59 - 00002458 _____ () D:\DelFix.txt
2014-12-12 14:47 - 2014-12-12 14:47 - 00709564 _____ () D:\Users\sven\Downloads\delfix_10.8.exe
2014-12-12 14:42 - 2014-12-12 14:42 - 00000000 ____D () D:\Program Files (x86)\AGEIA Technologies
2014-12-12 14:38 - 2014-12-12 14:38 - 00197408 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvhda64v.sys
2014-12-12 14:38 - 2014-12-12 14:38 - 00031520 _____ (NVIDIA Corporation) D:\Windows\system32\nvhdap64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 31890064 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglv64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 24555840 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvoglv32.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 20968040 _____ (NVIDIA Corporation) D:\Windows\system32\nvwgf2umx.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 20922696 _____ (NVIDIA Corporation) D:\Windows\system32\nvcompiler.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 19966856 _____ (NVIDIA Corporation) D:\Windows\system32\nvd3dumx.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 18499648 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvwgf2um.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 17260864 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvcompiler.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 16886168 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvd3dum.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 14029400 _____ (NVIDIA Corporation) D:\Windows\system32\nvopencl.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 13942368 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuda.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 13190288 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-12 14:34 - 2014-12-12 14:34 - 11395672 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvopencl.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 11333848 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvcuda.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 04289856 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvid.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 04009672 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvcuvid.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 01876296 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco6434448.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 01539272 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco6434448.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00962376 _____ (NVIDIA Corporation) D:\Windows\system32\NvIFR64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00931984 _____ (NVIDIA Corporation) D:\Windows\system32\NvFBC64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00921928 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\NvIFR.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00895176 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\NvFBC.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00870112 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvumdshim.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00352016 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglshim64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00303600 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvoglshim32.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00174856 _____ (NVIDIA Corporation) D:\Windows\system32\nvinitx.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00156840 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvinit.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00027024 _____ () D:\Windows\system32\nvinfo.pb
2014-12-12 14:30 - 2014-12-15 00:08 - 00002860 _____ () D:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-12-12 14:30 - 2014-12-12 14:42 - 00002083 _____ () D:\Users\Public\Desktop\Driver Booster 2.lnk
2014-12-12 14:30 - 2014-12-12 14:30 - 00003170 _____ () D:\Windows\System32\Tasks\SmartDefrag3_Update
2014-12-12 14:30 - 2014-12-12 14:30 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-12-12 08:40 - 2014-12-12 08:40 - 00014096 _____ () D:\Users\sven\Documents\Rezepteinreichung.odt
2014-12-12 08:27 - 2014-12-12 08:27 - 00000000 ____D () D:\Windows\system32\appraiser
2014-12-12 06:53 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) D:\Windows\system32\mf.dll
2014-12-12 06:53 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mf.dll
2014-12-12 05:57 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) D:\Windows\system32\iedkcs32.dll
2014-12-12 05:57 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 05:57 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll
2014-12-12 05:57 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb
2014-12-12 05:57 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollectorres.dll
2014-12-12 05:57 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) D:\Windows\system32\vbscript.dll
2014-12-12 05:57 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) D:\Windows\system32\iesetup.dll
2014-12-12 05:57 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) D:\Windows\system32\iertutil.dll
2014-12-12 05:57 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) D:\Windows\system32\ieetwproxystub.dll
2014-12-12 05:57 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) D:\Windows\system32\MshtmlDac.dll
2014-12-12 05:57 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) D:\Windows\system32\jsproxy.dll
2014-12-12 05:57 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) D:\Windows\system32\iernonce.dll
2014-12-12 05:57 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) D:\Windows\system32\ieui.dll
2014-12-12 05:57 - 2014-11-21 21:35 - 00144384 _____ (Microsoft Corporation) D:\Windows\system32\ieUnatt.exe
2014-12-12 05:57 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollector.exe
2014-12-12 05:57 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) D:\Windows\system32\jscript9.dll
2014-12-12 05:57 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) D:\Windows\system32\jscript9diag.dll
2014-12-12 05:57 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) D:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 05:57 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.dll
2014-12-12 05:57 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) D:\Windows\system32\dxtmsft.dll
2014-12-12 05:57 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.tlb
2014-12-12 05:57 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) D:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 05:57 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) D:\Windows\system32\msrating.dll
2014-12-12 05:57 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll
2014-12-12 05:57 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) D:\Windows\SysWOW64\vbscript.dll
2014-12-12 05:57 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iesetup.dll
2014-12-12 05:57 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 05:57 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) D:\Windows\system32\dxtrans.dll
2014-12-12 05:57 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) D:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 05:57 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iertutil.dll
2014-12-12 05:57 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) D:\Windows\SysWOW64\jsproxy.dll
2014-12-12 05:57 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iernonce.dll
2014-12-12 05:57 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieui.dll
2014-12-12 05:57 - 2014-11-21 20:55 - 00115712 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieUnatt.exe
2014-12-12 05:57 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) D:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 05:57 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) D:\Windows\system32\msfeeds.dll
2014-12-12 05:57 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) D:\Windows\system32\ie4uinit.exe
2014-12-12 05:57 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) D:\Windows\system32\mshtmlmedia.dll
2014-12-12 05:57 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) D:\Windows\system32\inetcpl.cpl
2014-12-12 05:57 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 05:57 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) D:\Windows\system32\ieframe.dll
2014-12-12 05:57 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) D:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 05:57 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msrating.dll
2014-12-12 05:57 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtmled.dll
2014-12-12 05:57 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dxtrans.dll
2014-12-12 05:57 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) D:\Windows\SysWOW64\jscript9.dll
2014-12-12 05:57 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) D:\Windows\system32\wininet.dll
2014-12-12 05:57 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msfeeds.dll
2014-12-12 05:57 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) D:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 05:57 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 05:57 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) D:\Windows\system32\urlmon.dll
2014-12-12 05:57 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieframe.dll
2014-12-12 05:57 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dll
2014-12-12 05:57 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) D:\Windows\SysWOW64\wininet.dll
2014-12-12 05:57 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) D:\Windows\SysWOW64\urlmon.dll
2014-12-12 05:57 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieapfltr.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) D:\Windows\system32\appraiser.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) D:\Windows\system32\invagent.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) D:\Windows\system32\generaltel.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) D:\Windows\system32\devinv.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) D:\Windows\system32\aepdu.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) D:\Windows\system32\aepic.dll
2014-12-12 05:56 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) D:\Windows\system32\aeinv.dll
2014-12-12 05:56 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) D:\Windows\system32\aitstatic.exe
2014-12-12 05:56 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) D:\Windows\system32\WindowsCodecs.dll
2014-12-12 05:56 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 05:56 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\tdx.sys
2014-12-12 05:56 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) D:\Windows\system32\charmap.exe
2014-12-12 05:56 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) D:\Windows\SysWOW64\charmap.exe
2014-12-12 05:56 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) D:\Windows\system32\WsmSvc.dll
2014-12-12 05:56 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) D:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 05:56 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) D:\Windows\system32\WsmWmiPl.dll
2014-12-12 05:56 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) D:\Windows\system32\WsmAuto.dll
2014-12-12 05:56 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) D:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 05:56 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WsmSvc.dll
2014-12-12 05:56 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-12 05:56 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-12 05:56 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WsmAuto.dll
2014-12-12 05:56 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-12 05:55 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) D:\Windows\system32\tzres.dll
2014-12-12 05:55 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) D:\Windows\SysWOW64\tzres.dll
2014-12-11 13:33 - 2014-12-11 13:33 - 00002972 _____ () D:\Windows\System32\Tasks\{F6CEB399-2EBA-4EC6-A99A-05BF97ACE2A4}
2014-12-11 13:33 - 2014-12-11 13:33 - 00002972 _____ () D:\Windows\System32\Tasks\{824FFD76-5AB6-4642-B263-A1120F55CCD9}
2014-12-02 10:44 - 2014-12-02 10:44 - 00292516 _____ () D:\Users\sven\Desktop\Mozilla Firefox-Startseite.xht
2014-12-02 10:44 - 2014-12-02 10:44 - 00000000 ____D () D:\Users\sven\Desktop\Mozilla Firefox-Startseite-Dateien
2014-11-29 15:10 - 2014-11-29 15:10 - 36282808 _____ () D:\Users\sven\Downloads\Firefox Setup 33.1.1.exe
2014-11-28 21:52 - 2014-11-28 21:52 - 00000247 _____ () D:\Windows\system32\2014-11-29-02-52-40.017-aswFe.exe-5416.log
2014-11-28 21:52 - 2014-11-28 21:52 - 00000197 _____ () D:\Windows\system32\2014-11-29-02-52-28.057-AvastVBoxSVC.exe-5176.log
2014-11-28 12:36 - 2014-11-28 12:36 - 00000247 _____ () D:\Windows\system32\2014-11-28-17-36-45.018-aswFe.exe-3212.log
2014-11-28 12:36 - 2014-11-28 12:36 - 00000197 _____ () D:\Windows\system32\2014-11-28-17-36-39.077-AvastVBoxSVC.exe-3512.log
2014-11-28 12:29 - 2014-11-28 12:29 - 00000000 ____D () D:\Windows\SysWOW64\vbox
2014-11-28 12:29 - 2014-11-28 12:29 - 00000000 ____D () D:\Windows\system32\vbox
2014-11-28 07:20 - 2014-11-28 07:20 - 00001999 _____ () D:\Users\Public\Desktop\Avast SafeZone.lnk
2014-11-28 07:20 - 2014-11-28 07:20 - 00001939 _____ () D:\Users\Public\Desktop\Avast Internet Security.lnk
2014-11-28 07:20 - 2014-11-28 07:20 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-28 07:19 - 2014-11-28 07:19 - 00364512 _____ (AVAST Software) D:\Windows\system32\aswBoot.exe
2014-11-28 07:19 - 2014-11-28 07:19 - 00043152 _____ (AVAST Software) D:\Windows\avastSS.scr
2014-11-28 07:18 - 2014-11-28 07:18 - 00449936 _____ (AVAST Software) D:\Windows\system32\Drivers\aswNdisFlt.sys
2014-11-19 02:51 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) D:\Windows\system32\kerberos.dll
2014-11-19 02:51 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) D:\Windows\system32\pku2u.dll
2014-11-19 02:51 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) D:\Windows\SysWOW64\kerberos.dll
2014-11-19 02:51 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) D:\Windows\SysWOW64\pku2u.dll
2014-11-18 00:02 - 2014-11-18 00:02 - 00000000 ____D () D:\Users\sven\AppData\Local\Google

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-17 09:48 - 2014-06-15 16:11 - 00000884 _____ () D:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-17 04:59 - 2014-06-14 08:32 - 01892436 _____ () D:\Windows\WindowsUpdate.log
2014-12-17 00:23 - 2009-07-13 23:45 - 00022464 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-17 00:23 - 2009-07-13 23:45 - 00022464 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-17 00:14 - 2009-07-14 00:08 - 00000006 ____H () D:\Windows\Tasks\SA.DAT
2014-12-16 12:02 - 2014-06-15 14:22 - 00000000 ____D () D:\ProgramData\Adobe
2014-12-16 11:37 - 2014-06-14 15:30 - 00004182 _____ () D:\Windows\System32\Tasks\avast! Emergency Update
2014-12-16 00:18 - 2014-06-14 15:34 - 00000000 ____D () D:\Users\sven\AppData\Roaming\UseNeXT
2014-12-16 00:05 - 2010-12-19 05:03 - 00000000 ____D () D:\Usenext
2014-12-15 23:52 - 2014-06-15 19:32 - 00000000 ____D () D:\Users\sven\AppData\Roaming\vlc
2014-12-15 07:16 - 2014-07-03 17:04 - 00000000 ____D () D:\ProgramData\ProductData
2014-12-15 00:39 - 2014-10-09 18:47 - 00000000 ____D () D:\Users\sven\AppData\Roaming\Imminent
2014-12-15 00:03 - 2014-11-10 13:23 - 00002118 _____ () D:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2014-12-13 21:08 - 2009-07-13 21:34 - 00000215 _____ () D:\Windows\system.ini
2014-12-13 21:04 - 2014-07-15 05:04 - 00000000 ____D () D:\ProgramData\TEMP
2014-12-13 08:16 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\rescache
2014-12-12 15:10 - 2014-06-14 14:52 - 00000000 ____D () D:\Users\sven
2014-12-12 14:42 - 2014-06-14 15:08 - 00000000 ____D () D:\Program Files (x86)\NVIDIA Corporation
2014-12-12 14:41 - 2014-06-15 16:11 - 00701616 _____ (Adobe Systems Incorporated) D:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 14:41 - 2014-06-15 16:11 - 00071344 _____ (Adobe Systems Incorporated) D:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 14:41 - 2014-06-15 16:11 - 00003822 _____ () D:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-12 14:38 - 2014-06-27 21:07 - 01538880 _____ (NVIDIA Corporation) D:\Windows\system32\nvhdagenco6420103.dll
2014-12-12 14:37 - 2014-06-14 15:09 - 00000000 ____D () D:\ProgramData\NVIDIA
2014-12-12 14:34 - 2013-02-25 23:32 - 03237528 _____ (NVIDIA Corporation) D:\Windows\system32\nvapi64.dll
2014-12-12 14:34 - 2013-02-25 23:32 - 02849224 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvapi.dll
2014-12-12 14:34 - 2013-02-25 23:32 - 00987008 _____ (NVIDIA Corporation) D:\Windows\system32\nvumdshimx.dll
2014-12-12 14:30 - 2014-07-06 01:46 - 00001107 _____ () D:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-12-12 14:30 - 2014-07-06 01:46 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-12-12 14:30 - 2014-07-03 17:03 - 00000000 ____D () D:\Program Files (x86)\IObit
2014-12-12 14:22 - 2014-11-10 13:23 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2014-12-12 08:27 - 2014-06-16 16:19 - 00000000 ___SD () D:\Windows\system32\CompatTel
2014-12-12 08:27 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\PolicyDefinitions
2014-12-12 08:27 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\AppCompat
2014-12-12 06:56 - 2014-06-14 17:55 - 00000000 ____D () D:\Windows\system32\MRT
2014-12-12 06:54 - 2014-06-14 17:55 - 112710672 _____ (Microsoft Corporation) D:\Windows\system32\MRT.exe
2014-12-09 11:35 - 2014-06-15 16:11 - 00000000 ____D () D:\Users\sven\AppData\Roaming\Adobe
2014-12-08 14:11 - 2014-06-20 07:20 - 00000000 ____D () D:\Users\sven\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
2014-12-06 14:46 - 2009-08-06 16:30 - 00699092 _____ () D:\Windows\system32\perfh007.dat
2014-12-06 14:46 - 2009-08-06 16:30 - 00149232 _____ () D:\Windows\system32\perfc007.dat
2014-12-06 14:46 - 2009-07-14 00:13 - 01619284 _____ () D:\Windows\system32\PerfStringBackup.INI
2014-12-02 12:18 - 2014-05-25 15:42 - 00000000 ____D () D:\Users\sven\Desktop\2014.05.19 - Reichardsroth
2014-12-02 12:18 - 2014-05-25 15:41 - 00000000 ____D () D:\Users\sven\Desktop\2014.05.20 - Reichardsroth - Geb. Sven - Tierpark Bad Mergentheim - Abendessen Rothenburg
2014-11-29 08:26 - 2014-11-01 14:26 - 00000000 ____D () D:\Users\sven\Desktop\volti
2014-11-28 07:19 - 2014-06-14 15:30 - 01050432 _____ (AVAST Software) D:\Windows\system32\Drivers\aswsnx.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00436624 _____ (AVAST Software) D:\Windows\system32\Drivers\aswsp.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00267632 _____ () D:\Windows\system32\Drivers\aswVmm.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00116728 _____ (AVAST Software) D:\Windows\system32\Drivers\aswstm.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00093568 _____ (AVAST Software) D:\Windows\system32\Drivers\aswRdr2.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00083280 _____ (AVAST Software) D:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00065776 _____ () D:\Windows\system32\Drivers\aswRvrt.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00029208 _____ () D:\Windows\system32\Drivers\aswHwid.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00028184 _____ (AVAST Software) D:\Windows\system32\Drivers\aswKbd.sys
2014-11-24 14:04 - 2014-06-14 15:11 - 00275080 ____N (Microsoft Corporation) D:\Windows\system32\MpSigStub.exe
2014-11-23 19:38 - 2014-11-05 17:15 - 00000000 ____D () D:\Users\sven\Desktop\Pixum
2014-11-20 16:22 - 2014-06-14 15:31 - 00001866 _____ () D:\Users\sven\Desktop\UseNeXT by Tangysoft.lnk
2014-11-20 16:22 - 2014-06-14 15:31 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-11-20 16:22 - 2014-06-14 15:31 - 00000000 ____D () D:\Program Files (x86)\UseNeXT

Some content of TEMP:
====================
D:\Users\sven\AppData\Local\Temp\Quarantine.exe
D:\Users\sven\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

D:\Windows\System32\winlogon.exe => File is digitally signed
D:\Windows\System32\wininit.exe => File is digitally signed
D:\Windows\SysWOW64\wininit.exe => File is digitally signed
D:\Windows\explorer.exe => File is digitally signed
D:\Windows\SysWOW64\explorer.exe => File is digitally signed
D:\Windows\System32\svchost.exe => File is digitally signed
D:\Windows\SysWOW64\svchost.exe => File is digitally signed
D:\Windows\System32\services.exe => File is digitally signed
D:\Windows\System32\User32.dll => File is digitally signed
D:\Windows\SysWOW64\User32.dll => File is digitally signed
D:\Windows\System32\userinit.exe => File is digitally signed
D:\Windows\SysWOW64\userinit.exe => File is digitally signed
D:\Windows\System32\rpcss.dll => File is digitally signed
D:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 07:59

==================== End Of Log ============================
--- --- ---





so hoffe das alles da ist Gosses DANKE !

schrauber 17.12.2014 21:06
ESET Funde von Hand löschen, der meiste Kram ist in deinen Downloads.

Bestehen neben dem roblem mit der Uhr noch andere Probleme? CMOS Batterie mal erneuert?

dvpietsch 18.12.2014 06:40
Ok dann lösche ich mal die Datein und schau nach der Batterie glaube auch das es daran liegt mit der Uhr!

ich habe wirklich ein Problem hatte gestern dann einen Blue Screen !!

Hier mal ein BlueScreenView!

121714-44928-01.dmp 17.12.2014 15:02:43 APC_INDEX_MISMATCH 0x00000001 00000000`7786168a 00000000`00000000 00000000`ffffffff fffff880`07da6ca0 ntoskrnl.exe ntoskrnl.exe+75bc0 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.1.7601.18526 (win7sp1_gdr.140706-1506) x64 ntoskrnl.exe+75bc0 D:\Windows\Minidump\121714-44928-01.dmp 8 15 7601 288.144 17.12.2014 23:40:21

So alles von Hand gelöscht soweit so gut aber das DuckDuckgo hab ich leider immer noch !
:heulen:

schrauber 18.12.2014 21:06
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKU\S-1-5-21-1088142728-589118971-3801686269-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62 192.168.1.1
FF SelectedSearchEngine: DuckDuckGo
FF Homepage: about:home

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


dvpietsch 18.12.2014 21:10
ok hier bitte schön echt ein hammer aufwand muss ich sagen aber du scheinst zu wissen was du da machst !

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2014
Ran by sven at 2014-12-18 15:09:08 Run:1
Running from D:\Users\sven\Desktop
Loaded Profile: sven (Available profiles: sven)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-1088142728-589118971-3801686269-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62 192.168.1.1
FF SelectedSearchEngine: DuckDuckGo
FF Homepage: about:home

*****************

"HKU\S-1-5-21-1088142728-589118971-3801686269-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.

schrauber 19.12.2014 19:39
Bestehen aktuell noch Probleme?

dvpietsch 21.12.2014 08:20
keine Probleme ausser immer noch duckduckgo !

und schon wieder Bluescreen das hatte ich voeher leider gar nicht !

122114-38220-01.dmp 21.12.2014 02:11:27 APC_INDEX_MISMATCH 0x00000001 00000000`770c168a 00000000`00000000 00000000`ffffffff fffff880`093bfca0 ntoskrnl.exe ntoskrnl.exe+75bc0 NT Kernel & System Microsoft® Windows® Operating System Microsoft Corporation 6.1.7601.18526 (win7sp1_gdr.140706-1506) x64 ntoskrnl.exe+75bc0 D:\Windows\Minidump\122114-38220-01.dmp 8 15 7601 287.624 21.12.2014 02:17:03

schrauber 21.12.2014 23:30
Wo kommt DuckDuckGo aktuell noch?
Poste bitte ein frisches FRST Log, ebenso Haken setzen bei Addition und scannen.

dvpietsch 22.12.2014 07:39
es kommt noch bei Firefox vor!FRST Additions Logfile:
[CODE]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2014 01
Ran by sven at 2014-12-22 01:35:05
Running from D:\Users\sven\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
DirectX Buster 2.1 Beta 4 (HKLM-x32\...\DirectX Buster) (Version: 2.1 Beta 4 - Dominik Schindler)
DirectX deinstallieren (HKLM-x32\...\DirectX) (Version: - )
DirectX Version Checker (HKLM-x32\...\{6122970E-5575-4155-8408-FD624B3F7C4F}_is1) (Version: - directxupdate.com)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
NVIDIA 3D Vision Controller-Treiber 320.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.18 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
X-Wave MP3 Cutter Joiner 1.1 (HKLM-x32\...\X-Wave MP3 Cutter Joiner) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

12-12-2014 14:58:41 Ende der Bereinigung
13-12-2014 07:55:52 Windows Update
13-12-2014 23:06:37 Windows Update
14-12-2014 03:00:20 Windows Update
14-12-2014 14:50:24 Windows Update
15-12-2014 00:15:30 Windows-Sicherung
15-12-2014 01:18:26 Windows Update
15-12-2014 08:32:15 Windows Update
16-12-2014 01:05:23 Windows Update
17-12-2014 03:00:43 Windows Update
18-12-2014 03:00:20 Windows Update
18-12-2014 15:18:04 Windows Update
19-12-2014 03:00:20 Windows Update
19-12-2014 08:00:57 Windows Update
20-12-2014 05:32:19 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-12-13 21:07 - 00000027 ____A D:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1781553B-D325-499F-9FDB-700C9476275F} - System32\Tasks\avast! Emergency Update => D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-28] (AVAST Software)
Task: {285FBC35-B9B7-46BA-92BE-9BEFC5F04619} - System32\Tasks\{824FFD76-5AB6-4642-B263-A1120F55CCD9} => Firefox.exe
Task: {2BCE6754-493C-48FD-B2AC-4ADC401ACF5F} - System32\Tasks\SpyHunter4Startup => D:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {7C605630-6B3B-4AFE-BEEE-BD5B9F46CE3A} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-12-09] (IObit)
Task: {7F9C0EED-1E60-4C65-849A-9F24DA242BAB} - System32\Tasks\ASC8_SkipUac_sven => D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-26] (IObit)
Task: {9B859D46-F51B-4C4C-B83F-697E2B705411} - System32\Tasks\Uninstaller_SkipUac_Administrator => D:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {9DA97BEE-3D04-4BA2-8AC2-B96C335FFFA4} - System32\Tasks\Driver Booster SkipUAC (sven) => D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-12-09] (IObit)
Task: {A1EF7D17-59A5-4571-AA69-15DC23D0931A} - System32\Tasks\{F6CEB399-2EBA-4EC6-A99A-05BF97ACE2A4} => Firefox.exe
Task: {A83054AE-6786-4278-81BB-76138F0E4C4B} - System32\Tasks\Adobe Flash Player Updater => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
Task: {C36D8B82-62AA-4D86-84B8-709C733B0157} - System32\Tasks\SmartDefrag3_Update => D:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {D5BA52AB-878B-41CC-9D13-8C6B1CE986EB} - System32\Tasks\Uninstaller_SkipUac_sven => D:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {E08185C6-F991-4952-974B-1A831DB73133} - System32\Tasks\ASC8_PerformanceMonitor => D:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-11-26] (IObit)
Task: {ECBE98A5-15D3-47CE-8D86-555B8594C508} - System32\Tasks\{6412C0DF-1E8B-426D-AED6-F8DA7567113B} => pcalua.exe -a "D:\Program Files (x86)\X-Wave MP3 Cutter Joiner\uninstall.exe"
Task: D:\Windows\Tasks\Adobe Flash Player Updater.job => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-06-14 15:08 - 2014-10-16 09:11 - 00116880 _____ () D:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-28 07:18 - 2014-11-28 07:18 - 00388208 _____ () D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-28 07:18 - 2014-11-28 07:18 - 05851328 _____ () D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-11-10 13:23 - 2013-10-25 12:08 - 00517408 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2014-12-21 11:19 - 2014-12-21 11:19 - 02908160 _____ () D:\Program Files\AVAST Software\Avast\defs\14122101\algo.dll
2014-11-28 07:18 - 2014-11-28 07:18 - 04495336 _____ () D:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-11-10 13:23 - 2013-01-15 18:48 - 00348992 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2014-11-10 13:23 - 2013-01-15 18:48 - 00183616 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2014-11-10 13:23 - 2013-01-15 18:48 - 00051008 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2014-11-10 13:23 - 2014-10-16 10:26 - 00622880 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll
2014-11-10 13:23 - 2013-01-15 18:47 - 00893248 _____ () D:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () D:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-11-28 07:19 - 2014-11-28 07:19 - 38562088 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-06 01:46 - 2013-01-15 18:48 - 00348992 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2014-07-06 01:46 - 2013-01-15 18:48 - 00183616 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2014-07-06 01:46 - 2013-01-15 18:48 - 00051008 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-07-06 01:46 - 2013-12-12 18:46 - 08001344 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2014-07-06 01:46 - 2013-05-16 19:26 - 00182080 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2014-07-06 01:46 - 2013-10-16 22:17 - 00185168 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2014-07-06 01:46 - 2013-05-16 19:26 - 00145216 _____ () D:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2014-07-03 17:04 - 2013-01-15 18:48 - 00348992 _____ () D:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2014-07-03 17:04 - 2013-01-15 18:48 - 00183616 _____ () D:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2014-07-03 17:04 - 2013-01-15 18:48 - 00051008 _____ () D:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2014-12-12 15:02 - 2014-11-26 11:40 - 03758192 _____ () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1088142728-589118971-3801686269-500 - Administrator - Disabled)
Gast (S-1-5-21-1088142728-589118971-3801686269-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1088142728-589118971-3801686269-1002 - Limited - Enabled)
sven (S-1-5-21-1088142728-589118971-3801686269-1001 - Administrator - Enabled) => D:\Users\sven

==================== Faulty Device Manager Devices =============

Name: Serieller ATA-Controller
Description: Serieller ATA-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/21/2014 02:50:40 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Die Schnittstelle ist unbekannt

Error: (12/21/2014 02:50:40 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/21/2014 03:47:30 AM) (Source: D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (12/20/2014 03:10:56 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/20/2014 03:10:56 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/20/2014 03:09:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0x608
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (12/20/2014 05:33:03 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/20/2014 02:38:03 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/20/2014 02:38:03 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/20/2014 02:38:03 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]


System errors:
=============
Error: (12/22/2014 01:28:03 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (12/22/2014 01:27:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SpyHunter 4 Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (12/21/2014 02:41:58 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (12/21/2014 02:41:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SpyHunter 4 Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (12/21/2014 11:19:33 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (12/21/2014 11:19:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Razer Wizard Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (12/21/2014 11:19:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Razer Wizard Service erreicht.

Error: (12/21/2014 11:18:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SpyHunter 4 Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (12/21/2014 02:17:39 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (12/21/2014 02:17:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
hfmigvc


Microsoft Office Sessions:
=========================
Error: (12/21/2014 02:50:40 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Die Schnittstelle ist unbekannt

Error: (12/21/2014 02:50:40 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/21/2014 03:47:30 AM) (Source: D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (12/20/2014 03:10:56 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/20/2014 03:10:56 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/20/2014 03:09:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e460801d01c8fc75d340cD:\Program Files\VideoLAN\VLC\vlc.exeD:\Windows\SYSTEM32\ntdll.dll16771bda-8884-11e4-9bea-a4badbff13aa

Error: (12/20/2014 05:33:03 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (12/20/2014 02:38:03 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (12/20/2014 02:38:03 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (12/20/2014 02:38:03 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]


CodeIntegrity Errors:
===================================
Date: 2014-12-13 21:06:40.052
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-12-13 21:06:39.989
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-07-06 19:30:05.438
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-06 19:30:05.228
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-06 19:30:04.978
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-06 19:30:04.768
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_b5bfb7f5e210be96\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-06 19:19:44.266
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-06 19:19:44.054
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 54%
Total physical RAM: 4086.93 MB
Available physical RAM: 1839.66 MB
Total Pagefile: 8172.03 MB
Available Pagefile: 5285.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:271.35 GB) (Free:266.65 GB) NTFS
Drive d: (DATAPART1) (Fixed) (Total:931.51 GB) (Free:117.74 GB) NTFS
Drive g: (RECOVERY) (Fixed) (Total:8.03 GB) (Free:2.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (Elements) (Fixed) (Total:1863.01 GB) (Free:585.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 000CE27C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================





FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-12-2014 01
Ran by sven (administrator) on SVEN-DVP2014 on 22-12-2014 01:33:04
Running from D:\Users\sven\Desktop
Loaded Profile: sven (Available profiles: sven)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(Logitech Inc.) D:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) D:\Windows\System32\nvvsvc.exe
(IObit) D:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\afwServ.exe
(IObit) D:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(IObit) D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(OpenOffice.org) D:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) D:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(AVAST Software) D:\Program Files\AVAST Software\Avast\avastui.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) D:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(IObit) D:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(IObit) D:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) D:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) D:\Windows\SysWOW64\wbem\WMIC.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => D:\Windows\system32\rundll32.exe D:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-07-03] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [RzWizard] => D:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254464 2014-05-20] (Razer Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => D:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKU\S-1-5-21-1088142728-589118971-3801686269-1001\...\Run: [Advanced SystemCare 8] => D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2426144 2014-11-25] (IObit)
Startup: D:\Users\sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> D:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1088142728-589118971-3801686269-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - D:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> DefaultScope {B54C0AB0-47A7-4668-981D-61E6F46E85C9} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie10-toi
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {268F4782-82F0-4FDD-A280-41401C8866C8} URL = hxxp://rover.ebay.com/rover/1/707-1403-27640-2/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={searchTerms}
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {2A72D499-19BC-4C6B-8B33-2EF95EF19C86} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=interactivemesuche-21&index=blended&linkCode=ur2&camp=1638&creative=6742
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {B54C0AB0-47A7-4668-981D-61E6F46E85C9} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie10-toi
SearchScopes: HKU\S-1-5-21-1088142728-589118971-3801686269-1001 -> {F07A64E4-2727-4408-A746-BA89B9FCC220} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wiki-tab_internet_std&q={searchTerms}&br=ie10-toi
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> D:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62 192.168.1.1

FireFox:
========
FF ProfilePath: D:\Users\sven\AppData\Roaming\Mozilla\Firefox\Profiles\60jjrv1t.default-1418420050602
FF Plugin: @adobe.com/FlashPlayer -> D:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.4 -> D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-14]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]

Chrome:
=======
CHR Profile: D:\Users\sven\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; D:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-28] (AVAST Software)
R2 avast! Firewall; D:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-28] (AVAST Software)
R3 AvastVBoxSvc; D:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-28] (Avast Software)
R2 IMFservice; D:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; D:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
R2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; D:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
R2 RzWizardService; D:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [367616 2014-05-20] (Razer Inc.) [File not signed]
S2 SpyHunter 4 Service; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; D:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; D:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-28] ()
R1 aswKbd; D:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-28] (AVAST Software)
R2 aswMonFlt; D:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-28] (AVAST Software)
R0 aswNdisFlt; D:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-28] (AVAST Software)
R1 aswRdr; D:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-28] (AVAST Software)
R0 aswRvrt; D:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-28] ()
R1 aswSnx; D:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-28] (AVAST Software)
R1 aswSP; D:\Windows\system32\drivers\aswSP.sys [436624 2014-11-28] (AVAST Software)
R2 aswStm; D:\Windows\system32\drivers\aswStm.sys [116728 2014-11-28] (AVAST Software)
R0 aswVmm; D:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-28] ()
S3 esgiguard; No ImagePath
S3 EsgScanner; D:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-12-12] ()
R3 FileMonitor; D:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R3 MBAMProtector; D:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; D:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; D:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; D:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; D:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RegFilter; D:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; D:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 UrlFilter; D:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
U4 VBoxAswDrv; D:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-28] (Avast Software)
S3 catchme; \??\D:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-22 01:30 - 2014-12-22 01:30 - 17528608 _____ (IObit) D:\Users\sven\Downloads\iobituninstaller.exe
2014-12-21 02:16 - 2014-12-21 02:17 - 00287624 _____ () D:\Windows\Minidump\122114-38220-01.dmp
2014-12-19 00:57 - 2014-12-22 01:27 - 00001512 _____ () D:\Windows\setupact.log
2014-12-19 00:57 - 2014-12-21 11:18 - 00002792 _____ () D:\Windows\PFRO.log
2014-12-19 00:57 - 2014-12-19 00:57 - 00000000 _____ () D:\Windows\setuperr.log
2014-12-17 23:53 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) D:\Windows\system32\ieUnatt.exe
2014-12-17 23:53 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 23:39 - 2014-12-21 02:16 - 488106446 _____ () D:\Windows\MEMORY.DMP
2014-12-17 23:39 - 2014-12-17 23:40 - 00288144 _____ () D:\Windows\Minidump\121714-44928-01.dmp
2014-12-17 10:26 - 2014-12-17 10:26 - 00852490 _____ () D:\Users\sven\Desktop\SecurityCheck.exe
2014-12-16 17:11 - 2014-12-16 17:11 - 02347384 _____ (ESET) D:\Users\sven\Downloads\esetsmartinstaller_deu.exe
2014-12-15 13:38 - 2014-12-15 13:38 - 00016501 _____ () D:\Users\sven\Desktop\Addition.txt
2014-12-15 13:37 - 2014-12-22 01:34 - 00013087 _____ () D:\Users\sven\Desktop\FRST.txt
2014-12-15 13:37 - 2014-12-22 01:32 - 00000000 ____D () D:\Users\sven\Desktop\FRST-OlderVersion
2014-12-15 13:33 - 2014-12-15 13:33 - 00000760 _____ () D:\Users\sven\Desktop\JRT.txt
2014-12-15 13:25 - 2014-12-15 13:25 - 01707646 _____ (Thisisu) D:\Users\sven\Desktop\JRT.exe
2014-12-15 00:42 - 2014-12-15 00:45 - 00000000 ____D () D:\AdwCleaner
2014-12-15 00:40 - 2014-12-15 00:40 - 02166272 _____ () D:\Users\sven\Desktop\AdwCleaner_4.105.exe
2014-12-15 00:39 - 2014-12-15 00:39 - 00002172 _____ () D:\Users\sven\Desktop\mbam.txt
2014-12-15 00:16 - 2014-12-22 01:28 - 00129752 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-15 00:15 - 2014-12-15 00:15 - 00001111 _____ () D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-15 00:15 - 2014-12-15 00:15 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-15 00:15 - 2014-12-15 00:15 - 00000000 ____D () D:\ProgramData\Malwarebytes
2014-12-15 00:15 - 2014-12-15 00:15 - 00000000 ____D () D:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-15 00:15 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-15 00:15 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mwac.sys
2014-12-15 00:15 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) D:\Windows\system32\Drivers\mbam.sys
2014-12-15 00:13 - 2014-12-15 00:13 - 20447072 _____ (Malwarebytes Corporation ) D:\Users\sven\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-13 21:10 - 2014-12-13 21:10 - 00025195 _____ () D:\ComboFix.txt
2014-12-13 20:58 - 2011-06-26 01:45 - 00256000 _____ () D:\Windows\PEV.exe
2014-12-13 20:58 - 2010-11-07 12:20 - 00208896 _____ () D:\Windows\MBR.exe
2014-12-13 20:58 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) D:\Windows\NIRCMD.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) D:\Windows\SWREG.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) D:\Windows\SWSC.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00098816 _____ () D:\Windows\sed.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00080412 _____ () D:\Windows\grep.exe
2014-12-13 20:58 - 2000-08-30 19:00 - 00068096 _____ () D:\Windows\zip.exe
2014-12-13 20:57 - 2014-12-13 20:57 - 05600944 _____ (Swearware) D:\Users\sven\Downloads\ComboFix(1).exe
2014-12-13 00:51 - 2014-12-13 06:54 - 00035368 _____ () D:\Users\sven\Downloads\Addition.txt
2014-12-13 00:50 - 2014-12-22 01:33 - 00000000 ____D () D:\FRST
2014-12-13 00:50 - 2014-12-13 06:54 - 00044574 _____ () D:\Users\sven\Downloads\FRST.txt
2014-12-13 00:49 - 2014-12-22 01:32 - 02122240 _____ (Farbar) D:\Users\sven\Desktop\FRST64.exe
2014-12-12 17:13 - 2014-12-13 21:10 - 00000000 ____D () D:\Qoobox
2014-12-12 17:03 - 2014-12-13 21:09 - 00000000 ____D () D:\Windows\erdnt
2014-12-12 17:02 - 2014-12-13 20:57 - 05600944 ____R (Swearware) D:\Users\sven\Desktop\ComboFix.exe
2014-12-12 16:34 - 2014-12-12 16:34 - 00000000 ____D () D:\Users\sven\Desktop\Alte Firefox-Daten
2014-12-12 15:10 - 2014-12-12 15:10 - 00022704 _____ () D:\Windows\system32\Drivers\EsgScanner.sys
2014-12-12 15:10 - 2014-12-12 15:10 - 00003330 _____ () D:\Windows\System32\Tasks\SpyHunter4Startup
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () D:\Users\sven\AppData\Roaming\Enigma Software Group
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () D:\sh4ldr
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 ____D () D:\Program Files\Enigma Software Group
2014-12-12 15:10 - 2014-12-12 15:10 - 00000000 _____ () D:\autoexec.bat
2014-12-12 15:09 - 2014-12-12 15:09 - 03044736 _____ (Enigma Software Group USA, LLC.) D:\Users\sven\Downloads\SpyHunter-Installer.exe
2014-12-12 15:02 - 2014-12-12 15:02 - 00001168 _____ () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-12 15:02 - 2014-12-12 15:02 - 00001156 _____ () D:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-12 15:02 - 2014-12-12 15:02 - 00000000 ____D () D:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 15:02 - 2014-12-12 15:02 - 00000000 ____D () D:\Program Files (x86)\Mozilla Firefox
2014-12-12 15:01 - 2014-12-12 15:01 - 00244264 _____ () D:\Users\sven\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-12 14:54 - 2014-12-15 13:28 - 00000000 ____D () D:\Windows\ERUNT
2014-12-12 14:54 - 2014-12-12 14:59 - 00002458 _____ () D:\DelFix.txt
2014-12-12 14:47 - 2014-12-12 14:47 - 00709564 _____ () D:\Users\sven\Downloads\delfix_10.8.exe
2014-12-12 14:42 - 2014-12-12 14:42 - 00000000 ____D () D:\Program Files (x86)\AGEIA Technologies
2014-12-12 14:38 - 2014-12-12 14:38 - 00197408 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvhda64v.sys
2014-12-12 14:38 - 2014-12-12 14:38 - 00031520 _____ (NVIDIA Corporation) D:\Windows\system32\nvhdap64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 31890064 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglv64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 24555840 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvoglv32.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 20968040 _____ (NVIDIA Corporation) D:\Windows\system32\nvwgf2umx.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 20922696 _____ (NVIDIA Corporation) D:\Windows\system32\nvcompiler.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 19966856 _____ (NVIDIA Corporation) D:\Windows\system32\nvd3dumx.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 18499648 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvwgf2um.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 17260864 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvcompiler.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 16886168 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvd3dum.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 14029400 _____ (NVIDIA Corporation) D:\Windows\system32\nvopencl.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 13942368 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuda.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 13190288 _____ (NVIDIA Corporation) D:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-12 14:34 - 2014-12-12 14:34 - 11395672 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvopencl.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 11333848 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvcuda.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 04289856 _____ (NVIDIA Corporation) D:\Windows\system32\nvcuvid.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 04009672 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvcuvid.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 01876296 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispco6434448.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 01539272 _____ (NVIDIA Corporation) D:\Windows\system32\nvdispgenco6434448.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00962376 _____ (NVIDIA Corporation) D:\Windows\system32\NvIFR64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00931984 _____ (NVIDIA Corporation) D:\Windows\system32\NvFBC64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00921928 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\NvIFR.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00895176 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\NvFBC.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00870112 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvumdshim.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00352016 _____ (NVIDIA Corporation) D:\Windows\system32\nvoglshim64.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00303600 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvoglshim32.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00174856 _____ (NVIDIA Corporation) D:\Windows\system32\nvinitx.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00156840 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvinit.dll
2014-12-12 14:34 - 2014-12-12 14:34 - 00027024 _____ () D:\Windows\system32\nvinfo.pb
2014-12-12 14:30 - 2014-12-15 00:08 - 00002860 _____ () D:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-12-12 14:30 - 2014-12-12 14:42 - 00002083 _____ () D:\Users\Public\Desktop\Driver Booster 2.lnk
2014-12-12 14:30 - 2014-12-12 14:30 - 00003170 _____ () D:\Windows\System32\Tasks\SmartDefrag3_Update
2014-12-12 14:30 - 2014-12-12 14:30 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-12-12 08:40 - 2014-12-12 08:40 - 00014096 _____ () D:\Users\sven\Documents\Rezepteinreichung.odt
2014-12-12 08:27 - 2014-12-12 08:27 - 00000000 ____D () D:\Windows\system32\appraiser
2014-12-12 06:53 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) D:\Windows\system32\mf.dll
2014-12-12 06:53 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mf.dll
2014-12-12 05:57 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) D:\Windows\system32\iedkcs32.dll
2014-12-12 05:57 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iedkcs32.dll
2014-12-12 05:57 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.dll
2014-12-12 05:57 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) D:\Windows\system32\mshtml.tlb
2014-12-12 05:57 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollectorres.dll
2014-12-12 05:57 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) D:\Windows\system32\vbscript.dll
2014-12-12 05:57 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) D:\Windows\system32\iesetup.dll
2014-12-12 05:57 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) D:\Windows\system32\iertutil.dll
2014-12-12 05:57 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) D:\Windows\system32\ieetwproxystub.dll
2014-12-12 05:57 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) D:\Windows\system32\MshtmlDac.dll
2014-12-12 05:57 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) D:\Windows\system32\jsproxy.dll
2014-12-12 05:57 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) D:\Windows\system32\iernonce.dll
2014-12-12 05:57 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) D:\Windows\system32\ieui.dll
2014-12-12 05:57 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) D:\Windows\system32\ieetwcollector.exe
2014-12-12 05:57 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) D:\Windows\system32\jscript9.dll
2014-12-12 05:57 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) D:\Windows\system32\jscript9diag.dll
2014-12-12 05:57 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) D:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-12 05:57 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.dll
2014-12-12 05:57 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) D:\Windows\system32\dxtmsft.dll
2014-12-12 05:57 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtml.tlb
2014-12-12 05:57 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) D:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-12 05:57 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) D:\Windows\system32\msrating.dll
2014-12-12 05:57 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) D:\Windows\system32\mshtmled.dll
2014-12-12 05:57 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) D:\Windows\SysWOW64\vbscript.dll
2014-12-12 05:57 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iesetup.dll
2014-12-12 05:57 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-12 05:57 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) D:\Windows\system32\dxtrans.dll
2014-12-12 05:57 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) D:\Windows\SysWOW64\MshtmlDac.dll
2014-12-12 05:57 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iertutil.dll
2014-12-12 05:57 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) D:\Windows\SysWOW64\jsproxy.dll
2014-12-12 05:57 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) D:\Windows\SysWOW64\iernonce.dll
2014-12-12 05:57 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieui.dll
2014-12-12 05:57 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) D:\Windows\SysWOW64\jscript9diag.dll
2014-12-12 05:57 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) D:\Windows\system32\msfeeds.dll
2014-12-12 05:57 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) D:\Windows\system32\ie4uinit.exe
2014-12-12 05:57 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) D:\Windows\system32\mshtmlmedia.dll
2014-12-12 05:57 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) D:\Windows\system32\inetcpl.cpl
2014-12-12 05:57 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 05:57 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) D:\Windows\system32\ieframe.dll
2014-12-12 05:57 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) D:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-12 05:57 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msrating.dll
2014-12-12 05:57 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtmled.dll
2014-12-12 05:57 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) D:\Windows\SysWOW64\dxtrans.dll
2014-12-12 05:57 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) D:\Windows\SysWOW64\jscript9.dll
2014-12-12 05:57 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) D:\Windows\system32\wininet.dll
2014-12-12 05:57 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) D:\Windows\SysWOW64\msfeeds.dll
2014-12-12 05:57 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) D:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 05:57 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) D:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-12 05:57 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) D:\Windows\system32\urlmon.dll
2014-12-12 05:57 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieframe.dll
2014-12-12 05:57 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) D:\Windows\system32\ieapfltr.dll
2014-12-12 05:57 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) D:\Windows\SysWOW64\wininet.dll
2014-12-12 05:57 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) D:\Windows\SysWOW64\urlmon.dll
2014-12-12 05:57 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) D:\Windows\SysWOW64\ieapfltr.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00830976 _____ (Microsoft Corporation) D:\Windows\system32\appraiser.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00741376 _____ (Microsoft Corporation) D:\Windows\system32\invagent.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00413184 _____ (Microsoft Corporation) D:\Windows\system32\generaltel.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00396800 _____ (Microsoft Corporation) D:\Windows\system32\devinv.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00227328 _____ (Microsoft Corporation) D:\Windows\system32\aepdu.dll
2014-12-12 05:56 - 2014-12-03 21:50 - 00192000 _____ (Microsoft Corporation) D:\Windows\system32\aepic.dll
2014-12-12 05:56 - 2014-12-03 21:44 - 01083392 _____ (Microsoft Corporation) D:\Windows\system32\aeinv.dll
2014-12-12 05:56 - 2014-12-01 18:28 - 01232040 _____ (Microsoft Corporation) D:\Windows\system32\aitstatic.exe
2014-12-12 05:56 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) D:\Windows\system32\WindowsCodecs.dll
2014-12-12 05:56 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 05:56 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) D:\Windows\system32\Drivers\tdx.sys
2014-12-12 05:56 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) D:\Windows\system32\charmap.exe
2014-12-12 05:56 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) D:\Windows\SysWOW64\charmap.exe
2014-12-12 05:56 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) D:\Windows\system32\WsmSvc.dll
2014-12-12 05:56 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) D:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 05:56 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) D:\Windows\system32\WsmWmiPl.dll
2014-12-12 05:56 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) D:\Windows\system32\WsmAuto.dll
2014-12-12 05:56 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) D:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 05:56 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WsmSvc.dll
2014-12-12 05:56 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-12 05:56 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-12 05:56 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WsmAuto.dll
2014-12-12 05:56 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) D:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-12 05:55 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) D:\Windows\system32\tzres.dll
2014-12-12 05:55 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) D:\Windows\SysWOW64\tzres.dll
2014-12-11 13:33 - 2014-12-11 13:33 - 00002972 _____ () D:\Windows\System32\Tasks\{F6CEB399-2EBA-4EC6-A99A-05BF97ACE2A4}
2014-12-11 13:33 - 2014-12-11 13:33 - 00002972 _____ () D:\Windows\System32\Tasks\{824FFD76-5AB6-4642-B263-A1120F55CCD9}
2014-12-02 10:44 - 2014-12-02 10:44 - 00292516 _____ () D:\Users\sven\Desktop\Mozilla Firefox-Startseite.xht
2014-12-02 10:44 - 2014-12-02 10:44 - 00000000 ____D () D:\Users\sven\Desktop\Mozilla Firefox-Startseite-Dateien
2014-11-29 15:10 - 2014-11-29 15:10 - 36282808 _____ () D:\Users\sven\Downloads\Firefox Setup 33.1.1.exe
2014-11-28 21:52 - 2014-11-28 21:52 - 00000247 _____ () D:\Windows\system32\2014-11-29-02-52-40.017-aswFe.exe-5416.log
2014-11-28 21:52 - 2014-11-28 21:52 - 00000197 _____ () D:\Windows\system32\2014-11-29-02-52-28.057-AvastVBoxSVC.exe-5176.log
2014-11-28 12:36 - 2014-11-28 12:36 - 00000247 _____ () D:\Windows\system32\2014-11-28-17-36-45.018-aswFe.exe-3212.log
2014-11-28 12:36 - 2014-11-28 12:36 - 00000197 _____ () D:\Windows\system32\2014-11-28-17-36-39.077-AvastVBoxSVC.exe-3512.log
2014-11-28 12:29 - 2014-11-28 12:29 - 00000000 ____D () D:\Windows\SysWOW64\vbox
2014-11-28 12:29 - 2014-11-28 12:29 - 00000000 ____D () D:\Windows\system32\vbox
2014-11-28 07:20 - 2014-11-28 07:20 - 00001999 _____ () D:\Users\Public\Desktop\Avast SafeZone.lnk
2014-11-28 07:20 - 2014-11-28 07:20 - 00001939 _____ () D:\Users\Public\Desktop\Avast Internet Security.lnk
2014-11-28 07:20 - 2014-11-28 07:20 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-28 07:19 - 2014-11-28 07:19 - 00364512 _____ (AVAST Software) D:\Windows\system32\aswBoot.exe
2014-11-28 07:19 - 2014-11-28 07:19 - 00043152 _____ (AVAST Software) D:\Windows\avastSS.scr
2014-11-28 07:18 - 2014-11-28 07:18 - 00449936 _____ (AVAST Software) D:\Windows\system32\Drivers\aswNdisFlt.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-22 01:34 - 2014-06-14 08:32 - 01062900 _____ () D:\Windows\WindowsUpdate.log
2014-12-22 01:27 - 2009-07-14 00:08 - 00000006 ____H () D:\Windows\Tasks\SA.DAT
2014-12-21 14:50 - 2014-06-14 15:34 - 00000000 ____D () D:\Users\sven\AppData\Roaming\UseNeXT
2014-12-21 14:48 - 2014-06-15 16:11 - 00000884 _____ () D:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-21 14:48 - 2009-07-13 23:45 - 00022464 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-21 14:48 - 2009-07-13 23:45 - 00022464 ____H () D:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-21 14:43 - 2010-12-19 05:03 - 00000000 ____D () D:\Usenext
2014-12-21 14:41 - 2014-06-14 15:30 - 00004182 _____ () D:\Windows\System32\Tasks\avast! Emergency Update
2014-12-21 11:34 - 2014-08-24 11:09 - 00011949 _____ () D:\Users\sven\Documents\urlaub.odt
2014-12-21 11:18 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\SchCache
2014-12-21 02:16 - 2014-11-10 13:23 - 00002118 _____ () D:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2014-12-21 02:16 - 2014-06-16 11:08 - 00000000 ____D () D:\Windows\Minidump
2014-12-21 02:11 - 2014-06-15 19:32 - 00000000 ____D () D:\Users\sven\AppData\Roaming\vlc
2014-12-18 00:35 - 2009-07-14 00:08 - 00032632 _____ () D:\Windows\Tasks\SCHEDLGU.TXT
2014-12-16 12:02 - 2014-06-15 14:22 - 00000000 ____D () D:\ProgramData\Adobe
2014-12-15 07:16 - 2014-07-03 17:04 - 00000000 ____D () D:\ProgramData\ProductData
2014-12-15 00:39 - 2014-10-09 18:47 - 00000000 ____D () D:\Users\sven\AppData\Roaming\Imminent
2014-12-13 21:08 - 2009-07-13 21:34 - 00000215 _____ () D:\Windows\system.ini
2014-12-13 21:04 - 2014-07-15 05:04 - 00000000 ____D () D:\ProgramData\TEMP
2014-12-13 08:16 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\rescache
2014-12-12 15:10 - 2014-06-14 14:52 - 00000000 ____D () D:\Users\sven
2014-12-12 14:42 - 2014-06-14 15:08 - 00000000 ____D () D:\Program Files (x86)\NVIDIA Corporation
2014-12-12 14:41 - 2014-06-15 16:11 - 00701616 _____ (Adobe Systems Incorporated) D:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 14:41 - 2014-06-15 16:11 - 00071344 _____ (Adobe Systems Incorporated) D:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 14:41 - 2014-06-15 16:11 - 00003822 _____ () D:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-12 14:38 - 2014-06-27 21:07 - 01538880 _____ (NVIDIA Corporation) D:\Windows\system32\nvhdagenco6420103.dll
2014-12-12 14:37 - 2014-06-14 15:09 - 00000000 ____D () D:\ProgramData\NVIDIA
2014-12-12 14:34 - 2013-02-25 23:32 - 03237528 _____ (NVIDIA Corporation) D:\Windows\system32\nvapi64.dll
2014-12-12 14:34 - 2013-02-25 23:32 - 02849224 _____ (NVIDIA Corporation) D:\Windows\SysWOW64\nvapi.dll
2014-12-12 14:34 - 2013-02-25 23:32 - 00987008 _____ (NVIDIA Corporation) D:\Windows\system32\nvumdshimx.dll
2014-12-12 14:30 - 2014-07-06 01:46 - 00001107 _____ () D:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-12-12 14:30 - 2014-07-06 01:46 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-12-12 14:30 - 2014-07-03 17:03 - 00000000 ____D () D:\Program Files (x86)\IObit
2014-12-12 14:22 - 2014-11-10 13:23 - 00000000 ____D () D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2014-12-12 08:27 - 2014-06-16 16:19 - 00000000 ___SD () D:\Windows\system32\CompatTel
2014-12-12 08:27 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\PolicyDefinitions
2014-12-12 08:27 - 2009-07-13 22:20 - 00000000 ____D () D:\Windows\AppCompat
2014-12-12 06:56 - 2014-06-14 17:55 - 00000000 ____D () D:\Windows\system32\MRT
2014-12-12 06:54 - 2014-06-14 17:55 - 112710672 _____ (Microsoft Corporation) D:\Windows\system32\MRT.exe
2014-12-09 11:35 - 2014-06-15 16:11 - 00000000 ____D () D:\Users\sven\AppData\Roaming\Adobe
2014-12-08 14:11 - 2014-06-20 07:20 - 00000000 ____D () D:\Users\sven\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
2014-12-06 14:46 - 2009-08-06 16:30 - 00699092 _____ () D:\Windows\system32\perfh007.dat
2014-12-06 14:46 - 2009-08-06 16:30 - 00149232 _____ () D:\Windows\system32\perfc007.dat
2014-12-06 14:46 - 2009-07-14 00:13 - 01619284 _____ () D:\Windows\system32\PerfStringBackup.INI
2014-12-02 12:18 - 2014-05-25 15:42 - 00000000 ____D () D:\Users\sven\Desktop\2014.05.19 - Reichardsroth
2014-12-02 12:18 - 2014-05-25 15:41 - 00000000 ____D () D:\Users\sven\Desktop\2014.05.20 - Reichardsroth - Geb. Sven - Tierpark Bad Mergentheim - Abendessen Rothenburg
2014-11-29 08:26 - 2014-11-01 14:26 - 00000000 ____D () D:\Users\sven\Desktop\volti
2014-11-28 07:19 - 2014-06-14 15:30 - 01050432 _____ (AVAST Software) D:\Windows\system32\Drivers\aswsnx.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00436624 _____ (AVAST Software) D:\Windows\system32\Drivers\aswsp.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00267632 _____ () D:\Windows\system32\Drivers\aswVmm.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00116728 _____ (AVAST Software) D:\Windows\system32\Drivers\aswstm.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00093568 _____ (AVAST Software) D:\Windows\system32\Drivers\aswRdr2.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00083280 _____ (AVAST Software) D:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00065776 _____ () D:\Windows\system32\Drivers\aswRvrt.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00029208 _____ () D:\Windows\system32\Drivers\aswHwid.sys
2014-11-28 07:19 - 2014-06-14 15:30 - 00028184 _____ (AVAST Software) D:\Windows\system32\Drivers\aswKbd.sys
2014-11-24 14:04 - 2014-06-14 15:11 - 00275080 ____N (Microsoft Corporation) D:\Windows\system32\MpSigStub.exe
2014-11-23 19:38 - 2014-11-05 17:15 - 00000000 ____D () D:\Users\sven\Desktop\Pixum

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

D:\Windows\System32\winlogon.exe => File is digitally signed
D:\Windows\System32\wininit.exe => File is digitally signed
D:\Windows\SysWOW64\wininit.exe => File is digitally signed
D:\Windows\explorer.exe => File is digitally signed
D:\Windows\SysWOW64\explorer.exe => File is digitally signed
D:\Windows\System32\svchost.exe => File is digitally signed
D:\Windows\SysWOW64\svchost.exe => File is digitally signed
D:\Windows\System32\services.exe => File is digitally signed
D:\Windows\System32\User32.dll => File is digitally signed
D:\Windows\SysWOW64\User32.dll => File is digitally signed
D:\Windows\System32\userinit.exe => File is digitally signed
D:\Windows\SysWOW64\userinit.exe => File is digitally signed
D:\Windows\System32\rpcss.dll => File is digitally signed
D:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 07:59

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 22.12.2014 20:45
Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen




Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Task: {A1EF7D17-59A5-4571-AA69-15DC23D0931A} - System32\Tasks\{F6CEB399-2EBA-4EC6-A99A-05BF97ACE2A4} => Firefox.exe
Task: {285FBC35-B9B7-46BA-92BE-9BEFC5F04619} - System32\Tasks\{824FFD76-5AB6-4642-B263-A1120F55CCD9} => Firefox.exe
FF Plugin: @adobe.com/FlashPlayer -> D:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
S2 SpyHunter 4 Service; No ImagePath

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


dvpietsch 23.12.2014 06:02
Geht leider nicht wenn ich frst64.exe ausführe kommt diese Fehlermeldung!

LINE9878

(File"D:\Users\Sven\Desktop\FRST64.exe")

Error:Error expression

schrauber 23.12.2014 20:56
FRST löschen und neu laden :)

dvpietsch 24.12.2014 10:24
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-12-2014
Ran by sven at 2014-12-24 04:23:00 Run:5
Running from D:\Users\sven\Desktop
Loaded Profile: sven (Available profiles: sven)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {A1EF7D17-59A5-4571-AA69-15DC23D0931A} - System32\Tasks\{F6CEB399-2EBA-4EC6-A99A-05BF97ACE2A4} => Firefox.exe
Task: {285FBC35-B9B7-46BA-92BE-9BEFC5F04619} - System32\Tasks\{824FFD76-5AB6-4642-B263-A1120F55CCD9} => Firefox.exe
FF Plugin: @adobe.com/FlashPlayer -> D:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
S2 SpyHunter 4 Service; No ImagePath
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1EF7D17-59A5-4571-AA69-15DC23D0931A} => Key not found.
D:\Windows\System32\Tasks\{F6CEB399-2EBA-4EC6-A99A-05BF97ACE2A4} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F6CEB399-2EBA-4EC6-A99A-05BF97ACE2A4} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{285FBC35-B9B7-46BA-92BE-9BEFC5F04619} => Key not found.
D:\Windows\System32\Tasks\{824FFD76-5AB6-4642-B263-A1120F55CCD9} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{824FFD76-5AB6-4642-B263-A1120F55CCD9} => Key not found.
HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer => Key not found.
"D:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll" => not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => Key not found.
C:\Program Files (x86)\IObit Apps Toolbar\FF not found.
SpyHunter 4 Service => Service not found.

==== End of Fixlog 04:23:01 ====

schrauber 24.12.2014 22:22
Bestehen noch Probleme mit dem System?

dvpietsch 28.12.2014 17:07
JA immer wenn ich jetzt das Programm Malwarebytes öffne kommt die Fehlermeldung

Microsoft Visual C ++ Runtime 00289x01849

Test Version geht noch 12std daran kann es ja nicht liegen

schrauber 29.12.2014 08:24
MBAM neu installieren.

dvpietsch 29.12.2014 11:17
ok deinstallieren geht aber sobald ich es wieder installieren will kommt die Fehlermeldung wieder !

schrauber 29.12.2014 20:14
Deinstalliere mal

Zitat:
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Und mach dann Windows Updates.

dvpietsch 01.01.2015 12:26
so scheint jetzt zu gehen! frohes Neues DAnke !!!

schrauber 01.01.2015 12:35
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

dvpietsch 03.01.2015 18:03
ja danke ist wohl alles im reinen Danke für deine Hilfe und Zeit!!!

schrauber 03.01.2015 19:17
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:20 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131