Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows 7, Similar Items Shopper (https://www.trojaner-board.de/158705-windows-7-similar-items-shopper.html)

Czmartin 14.09.2014 17:56
Windows 7, Similar Items Shopper
 
Hallo zusammen!

Ich bitte um Eure Hilfe, denn seit ein paar Tagen verdirbt mir beim Browser Chrome ein immer wieder auftauchendes Fenster mit Werbung von "by Similar Items Shopper" den Spaß.

Es taucht immer wieder, auch bei Amazon, eBay und ähnlichen auf und reagiert auf meine Suchanfragen mit eigenen Vorschlägen für die von mir gesuchten Produkte.

Ich habe Bedenken, dass dieses "Kerlchen" mein Surfverhalten ausspioniert und an dubiose Datensammler weiterreicht.

Vielen Dank im Voraus.

Gruß
Czmartin

schrauber 14.09.2014 18:17
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Czmartin 14.09.2014 23:52

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by martin (administrator) on MARTIN-PC on 15-09-2014 00:50:10
Running from C:\Users\martin\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DATEV eG) E:\DATEV\PROGRAMM\B0001442\PSNTServ.exe
(Garmin Ltd or its subsidiaries) E:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
(6 Wunderkinder GmbH) C:\Program Files (x86)\Wunderlist2\Wunderlist.exe
(Samsung) E:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung Electronics) E:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Garmin Ltd or its subsidiaries) E:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(Google Inc.) C:\Users\martin\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Spotify Ltd) C:\Users\martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(BitTorrent, Inc.) E:\Program Files (x86)\BitTorrent Sync\BTSync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Dropbox, Inc.) C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
(Samsung Electronics Co., Ltd.) E:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(DATEV eG) E:\DATEV\PROGRAMM\Install\DvInesASDSvc.Exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6854800 2012-12-03] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [8886592 2014-08-27] ()
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [507016 2012-12-21] (MSI)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [688128 2011-07-14] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2117632 2014-07-06] (Dominik Reichl)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [DATEV Update-Monitor] => E:\DATEV\PROGRAMM\Install\DvInesASDMon.Exe [288352 2012-12-20] (DATEV eG)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => E:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [Wunderlist] => C:\Program Files (x86)\Wunderlist2\Wunderlist.exe [13021792 2013-12-02] (6 Wunderkinder GmbH)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [KiesPreload] => E:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [KiesAirMessage] => E:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-04-18] (Samsung Electronics)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [] => E:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [GarminExpressTrayApp] => E:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473464 2014-03-17] (TomTom)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [Google+ Auto Backup] => C:\Users\martin\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-13] (Google Inc.)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [Spotify Web Helper] => C:\Users\martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-18] (Spotify Ltd)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [BitTorrent Sync] => E:\Program Files (x86)\BitTorrent Sync\BTSync.exe [3021672 2014-08-14] (BitTorrent, Inc.)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [Google Update] => C:\Users\martin\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-08-11] (Google Inc.)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [GoogleChromeAutoLaunch_33136C53D324D8D10D01EBFAC47B942E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-04] (Google Inc.)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\MountPoints2: {68f4f373-a944-11e3-8c7c-d43d7e051965} - G:\AutoRun.exe
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\MountPoints2: {68f4f37b-a944-11e3-8c7c-d43d7e051965} - G:\AutoRun.exe
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\MountPoints2: {9f7dbb26-1b1f-11e3-a75f-d43d7e051965} - G:\DT4000_Launcher.exe
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\MountPoints2: {9f7dbb38-1b1f-11e3-a75f-d43d7e051965} - G:\DT4000_Launcher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SkyUserDevmode-Update.lnk
ShortcutTarget: SkyUserDevmode-Update.lnk -> E:\DATEV\PROGRAMM\B0001401\UpdateDevmode.exe (DATEV eG)
Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncFileLocked -> {1b9c95e1-ce36-3737-81c8-1ec9807f03c1} => C:\Windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncNotSynced -> {e22ccf16-2db6-3de8-9a2c-acb66b571b69} => C:\Windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncProblem -> {84878798-e5c4-3e6b-b7c4-b51c4ac4e7dc} => C:\Windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncSynced -> {01fcd170-7f0a-3b6a-b992-66a7a20289b5} => C:\Windows\SYSTEM32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 4_AeroFSShellExtension -> {882108B4-26E6-4926-BC70-EA1D738D5DEB} => C:\Users\martin\AppData\Roaming\AeroFSExec\v_0.4.260\x64\AeroFSShellExt64.dll No File
ShellIconOverlayIdentifiers-x32: 4_AeroFSShellExtension -> {882108B4-26E6-4926-BC70-EA1D738D5DEB} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1C1E586F104FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {00DDE4D0-3872-49d2-9F19-DA3048068A81} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV
SearchScopes: HKCU - {84A4A40F-5CFC-46d7-924B-8CDA8A7B5551} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
SearchScopes: HKCU - {DE522381-14BD-44c0-9227-690A75288DF0} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default
FF DefaultSearchEngine: Wikipedia (de)
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: https://www.google.de
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> e:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> E:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\martin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\martin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-28]
FF Extension: ColorfulTabs - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-04-16]
FF Extension: mx3 - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\{3d2ee42e-a6d9-4888-bd17-2148dc7928d7}.xpi [2014-05-19]
FF Extension: Adblock Plus - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-08]
FF Extension: DownThemAll! - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-08-25]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> 1B183710621320858753DEC7F98C6277084C9249D67F3E190D0F221AA7E41B2C
CHR DefaultSearchURL: Default -> D56AC2BEBA02FA44A45116F54915458335E81EDCA40878484523461090765BAE
CHR Profile: C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Duolingo) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2014-06-04]
CHR Extension: (Google Docs) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-03]
CHR Extension: (Google Drive) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-03]
CHR Extension: (Adblock Plus) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-23]
CHR Extension: (Google-Suche) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-03]
CHR Extension: (Black & white Thema) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmohofkmppcgglcmlccpbokkkefigipi [2014-06-03]
CHR Extension: (AdBlock) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-04]
CHR Extension: (RSS Live Links) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph [2014-06-03]
CHR Extension: (Regen-Alarm) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\meaikaglpfemjncbioflellmppndgmok [2014-06-04]
CHR Extension: (Google Wallet) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-03]
CHR Extension: (Google Mail) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 DATEV Update-Service; E:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [158304 2012-12-20] (DATEV eG)
R2 DatevPrintService; E:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [79872 2011-08-22] (DATEV eG) [File not signed]
R2 Garmin Core Update Service; E:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [144008 2012-12-21] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2012-06-22] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2013-10-21] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2013-10-21] (BitDefender LLC)
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [222464 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC)
S3 HabuFltr; C:\Windows\System32\drivers\habu.sys [13696 2006-10-26] (Razer (Asia-Pacific) Pte Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-08-16] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-08-16] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] ()
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-07] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-07] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-10-23] (Samsung Electronics)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-09-14] ()
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
U0 dmboot; No ImagePath
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
S3 NTIOLib_1_0_4; \??\E:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 SANDRA; \??\E:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1a\WNt500x64\Sandra.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
U2 TMAgent; No ImagePath
U3 tmeevw; No ImagePath
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 00:50 - 2014-09-15 00:50 - 00028647 _____ () C:\Users\martin\Desktop\FRST.txt
2014-09-15 00:50 - 2014-09-15 00:50 - 00000000 ____D () C:\FRST
2014-09-15 00:49 - 2014-09-15 00:49 - 02105856 _____ (Farbar) C:\Users\martin\Desktop\FRST64.exe
2014-09-14 14:38 - 2014-09-14 18:33 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-09-14 14:35 - 2014-09-14 14:35 - 01373475 _____ () C:\Users\martin\Downloads\AdwCleaner_3.310.exe
2014-09-14 14:33 - 2014-09-14 14:33 - 00464381 ____N () C:\Users\martin\Downloads\SpyHunterKiller.exe
2014-09-13 12:13 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-13 12:13 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-13 12:13 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 12:13 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 12:13 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-13 12:13 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-13 12:13 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 12:13 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 12:13 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 12:13 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-13 12:13 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-13 12:13 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-13 12:13 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-13 12:13 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 12:13 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-13 12:13 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 12:13 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-13 12:13 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 12:13 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-13 12:13 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-13 12:13 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-13 12:13 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 12:13 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-13 12:13 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-13 12:13 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-13 12:13 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-13 12:13 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-13 12:13 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-13 12:13 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-13 12:13 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 12:13 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-13 12:13 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-13 12:13 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 12:13 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-13 12:13 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-13 12:13 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-13 12:13 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-13 12:13 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 12:13 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-13 12:13 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 12:13 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-13 12:13 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-13 12:13 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-13 12:13 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-13 12:13 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-13 12:13 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 12:13 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-13 12:13 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 12:13 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-13 12:13 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-13 12:13 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-13 12:13 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 12:13 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-13 12:13 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-13 12:13 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-13 12:13 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-13 12:07 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-13 12:07 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-13 03:09 - 2014-09-13 03:09 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-13 03:08 - 2014-09-13 03:08 - 00000785 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-13 03:08 - 2014-09-13 03:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-13 03:08 - 2014-09-13 03:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 03:08 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-13 03:08 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-13 03:08 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-13 03:07 - 2014-09-13 03:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\martin\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-12 00:47 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 00:47 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-12 00:47 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 00:47 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 00:47 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 00:47 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 00:47 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 00:47 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 00:47 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-12 00:47 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 00:47 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-01 11:41 - 2014-09-01 11:41 - 00056273 _____ () C:\Users\martin\Documents\Kolliumschlag 2012.xls
2014-09-01 11:23 - 2014-09-01 11:23 - 00055208 _____ () C:\Users\martin\Documents\Kolliumschlag 2013.xls
2014-08-31 12:12 - 2014-09-07 20:58 - 22478848 _____ () C:\Users\martin\Desktop\SyldorfOperational5.31.mdb
2014-08-29 19:08 - 2014-08-29 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-08-29 19:07 - 2014-08-29 19:07 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-08-27 20:31 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 20:31 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 20:31 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 20:03 - 2014-08-26 20:03 - 00000000 ____D () C:\Users\martin\AppData\Local\Doist_Ltd
2014-08-26 20:02 - 2014-08-26 20:02 - 00000000 ____D () C:\Users\martin\AppData\Local\Todoist
2014-08-26 19:58 - 2014-08-26 19:59 - 18161104 _____ (Doist Ltd. ) C:\Users\martin\Downloads\Todoist_for_Windows.exe
2014-08-23 03:15 - 2014-09-01 11:25 - 00054517 _____ () C:\Users\martin\Documents\Kolliumschlag 2014.xls
2014-08-17 16:12 - 2014-08-17 16:12 - 00261356 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-08-16 15:23 - 2014-08-16 15:23 - 00000000 ____D () C:\Users\martin\AppData\Local\SkyCom
2014-08-16 15:10 - 2014-08-16 15:10 - 00000786 _____ () C:\Users\martin\Desktop\Lohn-Archiv V.6.82.lnk
2014-08-16 15:04 - 2014-08-16 15:04 - 00000000 ____D () C:\ProgramData\SkyCom
2014-08-16 15:04 - 2011-02-25 14:01 - 00021848 _____ () C:\Windows\system32\skypdfmonpro.dll
2014-08-16 15:04 - 2011-02-25 14:01 - 00015704 _____ () C:\Windows\system32\skypdfmonuipro.dll
2014-08-16 15:03 - 2012-12-20 03:01 - 01261152 _____ (DATEV eG) C:\Windows\Update.Upd
2014-08-16 15:03 - 2012-12-20 03:01 - 00139360 _____ (DATEV eG) C:\Windows\system32\DvInesCredentialProviderX64.Dll
2014-08-16 14:59 - 2014-08-16 15:04 - 00000021 _____ () C:\Windows\DvInesKurusOleServer003.INI
2014-08-16 14:59 - 2012-04-26 07:41 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-08-16 14:59 - 2012-04-26 06:45 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-08-16 14:59 - 1999-11-30 22:40 - 00006416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LANACFG.EXE
2014-08-16 14:58 - 2014-08-16 14:58 - 00000000 ____D () C:\Users\martin\AppData\Local\DATEV
2014-08-16 14:57 - 2014-08-16 14:57 - 00000105 _____ () C:\Windows\dvinesinstalllocation001.INI
2014-08-16 14:55 - 2014-08-16 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DATEV
2014-08-16 14:55 - 2014-08-16 15:03 - 00000000 ____D () C:\Users\martin\AppData\Roaming\DVASSV
2014-08-16 14:55 - 2014-08-16 14:55 - 00000106 _____ () C:\Windows\Startup.INI
2014-08-16 14:55 - 2014-08-16 14:55 - 00000000 ____D () C:\ProgramData\Datev

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 00:50 - 2014-09-15 00:50 - 00028647 _____ () C:\Users\martin\Desktop\FRST.txt
2014-09-15 00:50 - 2014-09-15 00:50 - 00000000 ____D () C:\FRST
2014-09-15 00:49 - 2014-09-15 00:49 - 02105856 _____ (Farbar) C:\Users\martin\Desktop\FRST64.exe
2014-09-15 00:49 - 2014-05-05 09:49 - 00000000 ____D () C:\Users\martin\Desktop\db_SYL
2014-09-15 00:48 - 2014-08-05 21:37 - 00000000 ____D () C:\Users\martin\AppData\Roaming\KeePass
2014-09-15 00:47 - 2014-04-24 01:46 - 00000000 ____D () C:\Users\martin\AppData\Roaming\BitTorrent Sync
2014-09-15 00:43 - 2014-06-18 10:38 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8ad0b60b04d1.job
2014-09-15 00:37 - 2013-02-08 03:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 00:22 - 2014-08-11 21:11 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3954777559-4077233392-3260119320-1000UA.job
2014-09-15 00:20 - 2013-02-08 03:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-14 23:35 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-14 23:35 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-14 23:30 - 2013-02-08 02:03 - 02008486 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 21:22 - 2014-08-11 21:11 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3954777559-4077233392-3260119320-1000Core.job
2014-09-14 18:38 - 2013-02-10 13:58 - 00000000 ____D () C:\Users\martin\AppData\Roaming\Dropbox
2014-09-14 18:37 - 2014-06-18 10:38 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8ad0b3577370.job
2014-09-14 18:37 - 2013-02-08 03:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 18:33 - 2014-09-14 14:38 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-09-14 18:33 - 2014-06-03 00:09 - 00002269 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-09-14 18:33 - 2013-02-26 02:01 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-09-14 18:33 - 2013-02-08 02:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-14 18:33 - 2013-02-08 02:21 - 05216914 _____ () C:\Windows\PFRO.log
2014-09-14 18:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 18:33 - 2009-07-14 06:51 - 00100327 _____ () C:\Windows\setupact.log
2014-09-14 18:32 - 2014-04-29 23:04 - 00000000 ____D () C:\AdwCleaner
2014-09-14 14:42 - 2013-02-10 13:42 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-09-14 14:42 - 2013-02-08 02:03 - 00000000 ____D () C:\Users\martin
2014-09-14 14:35 - 2014-09-14 14:35 - 01373475 _____ () C:\Users\martin\Downloads\AdwCleaner_3.310.exe
2014-09-14 14:33 - 2014-09-14 14:33 - 00464381 ____N () C:\Users\martin\Downloads\SpyHunterKiller.exe
2014-09-13 15:27 - 2014-06-02 23:44 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-13 13:39 - 2013-12-10 21:58 - 00000000 ____D () C:\Windows\rescache
2014-09-13 12:13 - 2013-07-08 12:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-13 12:12 - 2013-08-14 22:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 12:12 - 2013-02-12 00:53 - 09493054 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 12:12 - 2013-02-08 20:02 - 00737918 _____ () C:\Windows\system32\perfh00C.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00732248 _____ () C:\Windows\system32\perfh010.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00716802 _____ () C:\Windows\system32\perfh019.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00706082 _____ () C:\Windows\system32\prfh0416.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00675956 _____ () C:\Windows\system32\perfh00E.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00661042 _____ () C:\Windows\system32\perfh005.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00599190 _____ () C:\Windows\system32\perfh008.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00486716 _____ () C:\Windows\system32\perfh014.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00473704 _____ () C:\Windows\system32\perfh00B.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00471216 _____ () C:\Windows\system32\perfh001.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00408980 _____ () C:\Windows\system32\perfh011.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00171540 _____ () C:\Windows\system32\perfc00E.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00151108 _____ () C:\Windows\system32\perfc019.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00149846 _____ () C:\Windows\system32\perfc00C.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00147922 _____ () C:\Windows\system32\prfc0416.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00147112 _____ () C:\Windows\system32\perfc010.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00141692 _____ () C:\Windows\system32\perfc005.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00122366 _____ () C:\Windows\system32\perfc011.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00111394 _____ () C:\Windows\system32\perfc008.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00101786 _____ () C:\Windows\system32\perfc00B.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00095670 _____ () C:\Windows\system32\perfc014.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00095038 _____ () C:\Windows\system32\perfc001.dat
2014-09-13 12:12 - 2009-07-14 19:58 - 00699700 _____ () C:\Windows\system32\perfh007.dat
2014-09-13 12:12 - 2009-07-14 19:58 - 00149840 _____ () C:\Windows\system32\perfc007.dat
2014-09-13 12:12 - 2009-07-14 07:13 - 09493054 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 12:08 - 2013-02-09 01:13 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 12:07 - 2014-04-27 23:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-13 03:17 - 2013-02-08 19:42 - 00000000 ____D () C:\Windows\sk-SK
2014-09-13 03:09 - 2014-09-13 03:09 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-13 03:08 - 2014-09-13 03:08 - 00000785 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-13 03:08 - 2014-09-13 03:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-13 03:08 - 2014-09-13 03:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 03:07 - 2014-09-13 03:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\martin\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-12 20:39 - 2014-06-03 21:04 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-09 22:20 - 2013-02-08 03:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 22:20 - 2013-02-08 03:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 22:20 - 2013-02-08 03:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 00:58 - 2014-05-05 09:49 - 00000000 ____D () C:\Users\martin\Desktop\db_TMP
2014-09-07 20:58 - 2014-08-31 12:12 - 22478848 _____ () C:\Users\martin\Desktop\SyldorfOperational5.31.mdb
2014-09-05 04:10 - 2014-09-12 00:47 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-12 00:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-01 21:53 - 2013-08-27 21:45 - 00000000 ____D () C:\Users\martin\AppData\Local\CrashDumps
2014-09-01 21:53 - 2013-02-24 04:10 - 00000000 ____D () C:\Users\martin\AppData\Roaming\vlc
2014-09-01 21:52 - 2013-08-26 11:06 - 00000835 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-01 11:41 - 2014-09-01 11:41 - 00056273 _____ () C:\Users\martin\Documents\Kolliumschlag 2012.xls
2014-09-01 11:25 - 2014-08-23 03:15 - 00054517 _____ () C:\Users\martin\Documents\Kolliumschlag 2014.xls
2014-09-01 11:23 - 2014-09-01 11:23 - 00055208 _____ () C:\Users\martin\Documents\Kolliumschlag 2013.xls
2014-08-29 19:08 - 2014-08-29 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-08-29 19:07 - 2014-08-29 19:07 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-08-28 20:34 - 2009-07-14 06:45 - 00477648 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 21:09 - 2013-02-08 03:15 - 00000000 ____D () C:\Users\martin\AppData\Roaming\JOSM
2014-08-26 20:03 - 2014-08-26 20:03 - 00000000 ____D () C:\Users\martin\AppData\Local\Doist_Ltd
2014-08-26 20:02 - 2014-08-26 20:02 - 00000000 ____D () C:\Users\martin\AppData\Local\Todoist
2014-08-26 19:59 - 2014-08-26 19:58 - 18161104 _____ (Doist Ltd. ) C:\Users\martin\Downloads\Todoist_for_Windows.exe
2014-08-23 04:07 - 2014-08-27 20:31 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 20:31 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 20:31 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 20:05 - 2014-09-13 12:13 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-13 12:13 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 01:25 - 2014-02-08 02:39 - 00000000 ____D () C:\Users\martin\AppData\Roaming\Spotify
2014-08-19 01:01 - 2014-09-13 12:13 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-13 12:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-13 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-13 12:13 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-13 12:13 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-13 12:13 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-13 12:13 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-13 12:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-13 12:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-13 12:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-13 12:13 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-13 12:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-13 12:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-13 12:13 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-13 12:13 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-13 12:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-13 12:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:57 - 2014-09-13 12:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-13 12:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-13 12:13 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-13 12:13 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-13 12:13 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-13 12:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-13 12:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-13 12:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-13 12:13 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-13 12:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-13 12:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-13 12:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-13 12:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-13 12:13 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-13 12:13 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-13 12:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-13 12:13 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-13 12:13 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-13 12:13 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-13 12:13 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-13 12:13 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:23 - 2014-09-13 12:13 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 23:22 - 2014-09-13 12:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-13 12:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-13 12:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-13 12:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-13 12:13 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-13 12:13 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-13 12:13 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-13 12:13 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-13 12:13 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-13 12:13 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-13 12:13 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-13 12:13 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-13 12:13 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-13 12:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-13 12:13 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-17 16:12 - 2014-08-17 16:12 - 00261356 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-08-16 15:23 - 2014-08-16 15:23 - 00000000 ____D () C:\Users\martin\AppData\Local\SkyCom
2014-08-16 15:10 - 2014-08-16 15:10 - 00000786 _____ () C:\Users\martin\Desktop\Lohn-Archiv V.6.82.lnk
2014-08-16 15:04 - 2014-08-16 15:04 - 00000000 ____D () C:\ProgramData\SkyCom
2014-08-16 15:04 - 2014-08-16 14:59 - 00000021 _____ () C:\Windows\DvInesKurusOleServer003.INI
2014-08-16 15:04 - 2014-08-16 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DATEV
2014-08-16 15:03 - 2014-08-16 14:55 - 00000000 ____D () C:\Users\martin\AppData\Roaming\DVASSV
2014-08-16 14:58 - 2014-08-16 14:58 - 00000000 ____D () C:\Users\martin\AppData\Local\DATEV
2014-08-16 14:58 - 2013-02-10 17:46 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-08-16 14:57 - 2014-08-16 14:57 - 00000105 _____ () C:\Windows\dvinesinstalllocation001.INI
2014-08-16 14:55 - 2014-08-16 14:55 - 00000106 _____ () C:\Windows\Startup.INI
2014-08-16 14:55 - 2014-08-16 14:55 - 00000000 ____D () C:\ProgramData\Datev

Some content of TEMP:
====================
C:\Users\martin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi7m7qn.dll
C:\Users\martin\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\martin\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\martin\AppData\Local\Temp\proxy_vole2698416163957520236.dll
C:\Users\martin\AppData\Local\Temp\Quarantine.exe
C:\Users\martin\AppData\Local\Temp\Samsung_Magician_Setup_v44.exe
C:\Users\martin\AppData\Local\Temp\SHSetup.exe
C:\Users\martin\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\martin\AppData\Local\Temp\Wunderlist-Setup2.3.0.31.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-07 18:50

==================== End Of Log ============================
--- --- ---

Czmartin 14.09.2014 23:53
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by martin at 2014-09-15 00:50:33
Running from C:\Users\martin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29126 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Active@ KillDisk 7.5 (HKLM-x32\...\{3F36F1F6-D55E-4C60-A9DD-809FED24CED7}_is1) (Version: 7.5 - LSoft Technologies Inc)
Ad-Aware Antivirus (HKLM\...\{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft)
AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
AntispamEngine (Version: 2.4.2158.0 - Lavasoft) Hidden
Assassin's Creed(R) III v1.03 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.03 - Ubisoft)
AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.3.2.234 - Online Media Technologies Ltd.)
AVS Video Recorder 2.5 (HKLM-x32\...\AVS Video Recorder_is1) (Version: 2.5.3.83 - Online Media Technologies Ltd.)
Bitcoin (HKCU\...\Bitcoin) (Version: 0.8.5 - Bitcoin project)
BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 1.3.94 - )
BlueGriffon version 1.6.1 (HKLM-x32\...\{A9015334-10BE-4D64-A776-203336EFE806}_is1) (Version: 1.6.1 - Disruptive Innovations SAS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller512a19d1257) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\VID_1D19&PID_6109&MI_00) (Version: 1.0.0.0 - Conexant Systems)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3815a - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3815a - CyberLink Corp.) Hidden
DATEV Installation V.3.1 (HKLM-x32\...\DATEVB00000482.0) (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
DFL2010 ConfigDB (HKLM-x32\...\{B305A97D-E41F-4CA5-889D-E312F8D167D8}) (Version: 4.18.4066.0 - DATEV eG)
DFL2010 Microkernel (HKLM-x32\...\{6007A8A9-231B-44B9-961F-639428E6C3B8}) (Version: 4.18.4066.0 - DATEV eG)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.3.0.9 - MSI)
EasyViewer (x32 Version: 1.3.0.9 - MSI) Hidden
Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Evernote v. 5.1.1 (HKLM-x32\...\{19ABCFE2-7EED-11E3-B98A-00163E98E7D6}) (Version: 5.1.1.2334 - Evernote Corp.)
EVGA Precision X 3.0.3 (HKLM-x32\...\PrecisionX) (Version: 3.0.3 - EVGA Corporation)
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.13.0 - Androxyde)
FreeFileSync 6.6 (HKLM-x32\...\FreeFileSync) (Version: 6.6 - Zenju)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Garmin BaseCamp (HKLM-x32\...\{F487FEEC-AE9F-4E68-82F2-300F49A8C435}) (Version: 4.2.2 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin Training Center (HKLM-x32\...\{7D542452-84EB-47C0-97BA-735C523AB555}) (Version: 3.6.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
Hawken (HKCU\...\Hawken) (Version:  - Meteor Entertainment)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{01C324B7-3744-4EC0-9C4F-40BCCDD47CFB}) (Version: 3.0.41.1571 - Intel)
Intel® Trusted Connect Service Client (Version: 1.23.943.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH)
KeePass Password Safe 2.27 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.27 - Dominik Reichl)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MeinPlatz (HKLM\...\MeinPlatz) (Version:  - )
Microsoft .NET Framework 4.5.1 (ARA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (ELL) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (FIN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (FRA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HUN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (ITA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (JPN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (NOR) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PTB) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (RUS) (Version: 4.5.50938 - Корпорация Майкрософт) Hidden
Microsoft .NET Framework 4.5.1 (suomi) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1035) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Русский) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1049) (Version: 4.5.50938 - Корпорация Майкрософт)
Microsoft .NET Framework 4.5.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (日本語) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1, norsk språkpakke (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1044) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET-keretrendszer 4.5.1 (magyar) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1038) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XML Parser (x32 Version: 8.70.1104.04 - Microsoft Corporation) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden
MiniTool Partition Wizard Home Edition 7.8 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
O&O SafeErase Professional (HKLM\...\{243176DB-549F-418F-AE20-731DCF0EA42D}) (Version: 7.0.201 - O&O Software GmbH)
OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden
PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PENTAX Digital Camera Utility 4 (HKLM-x32\...\{433B30F1-3B10-4DDD-8975-C891C56BF992}) (Version: 4.4.0 - PENTAX RICOH IMAGING COMPANY, LTD.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6793 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Sony Mobile Update Service (HKLM-x32\...\Update Service) (Version: 2.13.14.201312091927 - Sony Mobile Communications AB)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.016 - MSI)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TeamingGenie (HKLM-x32\...\{AF9B9CCF-D1B4-44B4-A030-BFCF5686AA5E}_is1) (Version: 1.0.1.3 - MSI)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trainingstagebuch Uploader (HKLM-x32\...\Uploader.6A755FBD4A9495E76557F9D696C5965FE7FBEA15.1) (Version: 1.7 - UNKNOWN)
Trainingstagebuch Uploader (x32 Version: 1.7 - UNKNOWN) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
Video Grabber (HKLM\...\Uninstaller512a19d5176) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\VID_1D19&PID_6109&MI_01) (Version: 1.0.0.0 - Conexant Systems)
VideoGenie (HKLM-x32\...\{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1) (Version: 1.0.0.12 - MSI)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wartung Samsung SCX-4623FW Series (HKLM-x32\...\Samsung SCX-4623FW Series) (Version:  - Samsung Electronics Co., Ltd.)
WebFilteringEngine (Version: 2.2.1.0 - Lavasoft) Hidden
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.123 - MSI)
WinSCP 5.5.3 (HKLM-x32\...\winscp3_is1) (Version: 5.5.3 - Martin Prikryl)
Wunderlist (HKCU\...\f4d33ae8dc11fa61) (Version: 2.0.6.13 - 6 Wunderkinder GmbH)
Wunderlist (HKLM-x32\...\{1ca68332-4ba1-4943-9010-eaa1aa45b492}) (Version: 2.3.0.31 - 6 Wunderkinder GmbH)
Wunderlist (x32 Version: 2.3.0.31 - 6 Wunderkinder GmbH) Hidden
Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3954777559-4077233392-3260119320-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954777559-4077233392-3260119320-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\martin\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3954777559-4077233392-3260119320-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\martin\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3954777559-4077233392-3260119320-1000_Classes\CLSID\{F817C393-A76E-435E-B6B1-485844BC9C2E}\InprocServer32 -> C:\Windows\SYSTEM32\shdocvw.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3954777559-4077233392-3260119320-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\martin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954777559-4077233392-3260119320-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\martin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954777559-4077233392-3260119320-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\martin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954777559-4077233392-3260119320-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\martin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954777559-4077233392-3260119320-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\martin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954777559-4077233392-3260119320-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\martin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954777559-4077233392-3260119320-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\martin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3954777559-4077233392-3260119320-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\martin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {121E5950-09E6-44C9-BAF9-A48FD4E44CC2} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.)
Task: {1343B45F-9C31-4A57-BB1F-5CDD8E11E802} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {153CD950-349A-4AD4-9C48-4301257792EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {1A54EE4A-9CF2-4EAB-9328-81E86824AD57} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {321D7F74-1F21-4D1C-A7F4-30781BA4FD89} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {43F1D73F-A0BA-416B-A3D1-528719BD4B49} - System32\Tasks\GarminUpdaterTask => E:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()
Task: {5AAC0D93-ECBE-4FEF-BA8C-A4D056848844} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {7157A30F-6C31-497D-AD45-8D90E9FCACC5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3954777559-4077233392-3260119320-1000Core => C:\Users\martin\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-11] (Google Inc.)
Task: {8CC2FA7F-5386-4182-9187-F2D6DB3F61FD} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8ad0b3577370 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {A329AAF2-02B3-4226-9FB6-4DB26711B87F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {ACA42325-40DA-4B38-BEA7-6EB814FCD8BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3954777559-4077233392-3260119320-1000UA => C:\Users\martin\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-11] (Google Inc.)
Task: {AFCE26A6-8953-4558-B74A-7B4A8AFE8A87} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {B436B604-9C9D-44E7-B113-2026A8BF7613} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8ad0b60b04d1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {E0A16CFF-D8B4-44A3-9236-E554984F0AAA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {FD4929A2-4998-46A0-8034-9A061AB11477} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8ad0b3577370.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8ad0b60b04d1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3954777559-4077233392-3260119320-1000Core.job => C:\Users\martin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3954777559-4077233392-3260119320-1000UA.job => C:\Users\martin\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-16 15:04 - 2011-02-25 14:01 - 00021848 _____ () C:\Windows\System32\skypdfmonpro.dll
2013-02-10 13:41 - 2009-10-29 00:34 - 00027648 _____ () C:\Windows\System32\sso4ml6.dll
2013-02-10 13:41 - 2010-02-12 01:25 - 00750080 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sso4mdu.dll
2013-02-08 02:42 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-16 21:36 - 2012-08-16 21:36 - 00149032 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-08-16 21:36 - 2012-08-16 21:36 - 00058920 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-27 12:32 - 2014-08-27 12:32 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
2014-08-27 12:53 - 2014-08-27 12:53 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 11947856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareServiceKernel.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_regex-vc100-mt-1_55.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareActivation.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 02167640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareApplicationUpdater.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareGamingMode.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareReset.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTime.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00943960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdater.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01105224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIgnoreList.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00247624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareQuarantine.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00988504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiMalwareEngine.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiRootkitEngine.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerHistory.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01277248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScanner.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_timer-vc100-mt-1_55.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00975192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerScheduler.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01109336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareRealTimeProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIncompatibles.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00891720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiSpam.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00843088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiPhishing.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 03090768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareParentalControl.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 02624848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareWebProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareEmailProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNetworkProtection.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePromo.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareFeedback.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareThreatWorkAlliance.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01238848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePinCode.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNotice.dll
2014-08-27 12:52 - 2014-08-27 12:52 - 00928072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAvcEngine.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\SecurityCenter.dll
2014-06-03 00:09 - 2013-07-17 17:09 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll
2014-04-22 17:29 - 2014-07-07 13:17 - 00766976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpbr.mdl
2014-04-22 17:29 - 2014-07-07 13:17 - 00556032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpdsp.mdl
2014-04-22 17:29 - 2014-07-07 13:17 - 02575360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpph.mdl
2014-04-22 17:29 - 2014-07-07 13:17 - 01306112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttprbl.mdl
2013-02-24 15:52 - 2012-06-22 10:31 - 00386344 ____R () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-08-27 12:53 - 2014-08-27 12:53 - 08886592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
2014-08-27 12:53 - 2014-08-27 12:53 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_locale-vc100-mt-1_55.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 02101568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\HtmlFramework.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\DllStorage.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00832848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTrayDefaultSkin.dll
2014-08-27 12:53 - 2014-08-27 12:53 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\Localization.dll
2014-09-13 12:47 - 2014-09-13 12:47 - 01672704 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\ReactiveUI\2fbaa58ede6f8c417e5e3e67f1d55a8c\ReactiveUI.ni.dll
2014-06-16 03:18 - 2014-06-16 03:18 - 00035328 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Wunderkinde6f42a4a9#\a03d5c47c984346008ba13e9c563a958\Wunderkinder.Wunderlist.Data.Realtime.ni.dll
2014-06-16 03:18 - 2014-06-16 03:18 - 00529408 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Akavache.Portable\b1e3a440491d3e92a6e969fc4bbf1e85\Akavache.Portable.ni.dll
2014-06-16 03:18 - 2014-06-16 03:18 - 00050176 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Wunderkinded9c6edae#\cbfdefb9fa17cd72c7f6dc58e6ad53dd\Wunderkinder.Wunderlist.Presentation.ni.dll
2014-06-16 03:18 - 2014-06-16 03:18 - 00910336 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\AutoMapper\26f8d37c719a62bfb151ae71a71f06a7\AutoMapper.ni.dll
2013-10-01 13:33 - 2013-10-01 13:33 - 00028160 _____ () C:\Program Files (x86)\Wunderlist2\AutoMapper.Net4.dll
2013-02-10 13:45 - 2011-07-14 13:49 - 00688128 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2010-11-29 16:04 - 2010-11-29 16:04 - 00403968 _____ () C:\Program Files\Intel\TurboBoost\de\SignalIslandUi.resources.dll
2009-10-28 00:00 - 2009-10-28 00:00 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2013-02-08 02:20 - 2012-03-29 07:18 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-03-17 12:59 - 2014-03-17 12:59 - 00026488 _____ () C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll
2014-03-17 12:58 - 2014-03-17 12:58 - 00082808 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll
2014-03-17 12:58 - 2014-03-17 12:58 - 00357752 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll
2014-08-13 00:29 - 2014-08-13 00:29 - 03219456 _____ () C:\Users\martin\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
2014-09-14 18:38 - 2014-09-14 18:38 - 00043008 _____ () c:\users\martin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi7m7qn.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\martin\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-20 13:14 - 2013-12-20 13:14 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2013-12-20 13:14 - 2013-12-20 13:14 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2014-09-12 20:39 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-12 20:39 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2013-12-10 20:01 - 2014-05-06 11:24 - 00013824 _____ () C:\Program Files (x86)\Samsung SSD Magician\SAMSUNG_SSD.dll
2013-12-10 20:01 - 2014-05-19 20:20 - 00103424 _____ () C:\Program Files (x86)\Samsung SSD Magician\PAL.dll
2013-12-10 20:01 - 2014-05-19 20:20 - 00039424 _____ () C:\Program Files (x86)\Samsung SSD Magician\SATA.dll
2013-12-10 20:01 - 2014-05-19 20:19 - 00038400 _____ () C:\Program Files (x86)\Samsung SSD Magician\SAT.dll
2013-12-10 20:01 - 2014-05-19 20:20 - 00031232 _____ () C:\Program Files (x86)\Samsung SSD Magician\SMINI.dll
2013-12-10 20:01 - 2014-05-19 20:19 - 00029696 _____ () C:\Program Files (x86)\Samsung SSD Magician\SAS.dll
2014-09-12 20:39 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-12 20:39 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-12 20:39 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/14/2014 01:16:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/13/2014 00:43:24 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/11/2014 07:45:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/10/2014 09:04:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/09/2014 02:47:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/08/2014 01:05:27 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/07/2014 06:50:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/01/2014 09:53:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x1dc8
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (08/31/2014 01:31:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/29/2014 07:29:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/14/2014 11:04:49 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{F487A24D-9BF2-46FE-A631-2A22E17D43E3}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (09/14/2014 06:33:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/14/2014 02:38:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/14/2014 02:38:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎14.‎09.‎2014 um 14:37:05 unerwartet heruntergefahren.

Error: (09/13/2014 00:30:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/11/2014 06:46:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/10/2014 08:36:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/09/2014 02:56:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/09/2014 02:56:46 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎09.‎2014 um 02:54:52 unerwartet heruntergefahren.

Error: (09/09/2014 02:51:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (09/14/2014 01:16:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/13/2014 00:43:24 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/11/2014 07:45:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/10/2014 09:04:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/09/2014 02:47:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/08/2014 01:05:27 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/07/2014 06:50:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/01/2014 09:53:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d1dc801cfc61e5d61b8d1C:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll9e093fc6-3211-11e4-8e74-d43d7e051965

Error: (08/31/2014 01:31:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/29/2014 07:29:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
  Date: 2013-11-03 16:37:08.628
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\#Festplatten Recovery\testdisk-6.14\HDD Patrick\f0366688_avwsc.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-03 16:37:08.159
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\#Festplatten Recovery\testdisk-6.14\HDD Patrick\f0366688_avwsc.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-03 16:37:07.622
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\#Festplatten Recovery\testdisk-6.14\HDD Patrick\f0366688_avwsc.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-03 16:37:07.072
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\#Festplatten Recovery\testdisk-6.14\HDD Patrick\f0366688_avwsc.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-03 16:37:06.515
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\#Festplatten Recovery\testdisk-6.14\HDD Patrick\f0366688_avwsc.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-03 16:37:05.973
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\#Festplatten Recovery\testdisk-6.14\HDD Patrick\f0366688_avwsc.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-03 16:37:05.456
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\#Festplatten Recovery\testdisk-6.14\HDD Patrick\f0366688_avwsc.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-03 16:37:04.951
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\#Festplatten Recovery\testdisk-6.14\HDD Patrick\f0366688_avwsc.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-03 16:37:04.094
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\#Festplatten Recovery\testdisk-6.14\HDD Patrick\f0366688_avwsc.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-03 15:09:47.799
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\#Festplatten Recovery\testdisk-6.14\recup_dir.1\f10636760_tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 42%
Total physical RAM: 8143.52 MB
Available physical RAM: 4702.48 MB
Total Pagefile: 8341.7 MB
Available Pagefile: 4898.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (SDD1) (Fixed) (Total:111.69 GB) (Free:7.99 GB) NTFS
Drive e: (HDD2) (Fixed) (Total:931.51 GB) (Free:463.69 GB) NTFS
Drive f: (HDD3) (Fixed) (Total:931.39 GB) (Free:465.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3C0BC7D9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 46B00643)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 15.09.2014 18:46
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Czmartin 16.09.2014 19:20
Hi,

vielen Dank für Eure Hilfe!

Beim Ausführen von Combofix gab es keine Fehlermeldungen.
Anbei die Combofix.txt:

Code:
ComboFix 14-09-16.01 - martin 16.09.2014  20:10:50.1.4 - x64
Microsoft Windows 7 Ultimate  6.1.7601.1.1252.49.1031.18.8144.4546 [GMT 2:00]
ausgeführt von:: c:\users\martin\Desktop\ComboFix.exe
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1401746437.bdinstall.bin
c:\programdata\1401746858.bdinstall.bin
c:\programdata\1401746859.bdinstall.bin
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-08-16 bis 2014-09-16  ))))))))))))))))))))))))))))))
.
.
2014-09-16 18:14 . 2014-09-16 18:14        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-09-14 22:50 . 2014-09-14 22:50        --------        d-----w-        C:\FRST
2014-09-14 12:38 . 2014-09-16 17:07        94656        ----a-w-        c:\windows\system32\WPRO_41_2001woem.tmp
2014-09-13 10:07 . 2014-06-27 02:08        2777088        ----a-w-        c:\windows\system32\msmpeg2vdec.dll
2014-09-13 10:07 . 2014-06-27 01:45        2285056        ----a-w-        c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-13 02:22 . 2014-08-21 03:43        11319192        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{825B094E-3D74-46A2-9BD6-A15E100EFDBF}\mpengine.dll
2014-09-13 01:09 . 2014-09-13 01:09        122584        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-13 01:08 . 2014-09-13 01:08        --------        d-----w-        c:\programdata\Malwarebytes
2014-09-13 01:08 . 2014-05-12 05:26        63704        ----a-w-        c:\windows\system32\drivers\mwac.sys
2014-09-13 01:08 . 2014-05-12 05:26        91352        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2014-09-13 01:08 . 2014-05-12 05:25        25816        ----a-w-        c:\windows\system32\drivers\mbam.sys
2014-09-11 22:47 . 2014-08-01 11:53        1031168        ----a-w-        c:\windows\system32\TSWorkspace.dll
2014-09-11 22:47 . 2014-08-01 11:35        793600        ----a-w-        c:\windows\SysWow64\TSWorkspace.dll
2014-09-11 22:47 . 2014-07-07 02:06        728064        ----a-w-        c:\windows\system32\kerberos.dll
2014-09-11 22:47 . 2014-07-07 02:06        1460736        ----a-w-        c:\windows\system32\lsasrv.dll
2014-09-11 22:47 . 2014-07-07 01:40        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2014-09-11 22:47 . 2014-07-07 01:40        550912        ----a-w-        c:\windows\SysWow64\kerberos.dll
2014-09-11 22:47 . 2014-07-07 01:39        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
2014-09-11 22:47 . 2014-09-05 02:10        578048        ----a-w-        c:\windows\system32\aepdu.dll
2014-09-11 22:47 . 2014-09-05 02:05        424448        ----a-w-        c:\windows\system32\aeinv.dll
2014-09-11 22:47 . 2014-06-24 03:29        2565120        ----a-w-        c:\windows\system32\d3d10warp.dll
2014-09-11 22:47 . 2014-06-24 02:59        1987584        ----a-w-        c:\windows\SysWow64\d3d10warp.dll
2014-08-29 17:07 . 2014-08-29 17:07        --------        d-----w-        c:\program files\Common Files\Lavasoft
2014-08-27 18:31 . 2014-08-23 02:07        404480        ----a-w-        c:\windows\system32\gdi32.dll
2014-08-27 18:31 . 2014-08-23 01:45        311808        ----a-w-        c:\windows\SysWow64\gdi32.dll
2014-08-27 18:31 . 2014-08-23 00:59        3163648        ----a-w-        c:\windows\system32\win32k.sys
2014-08-26 18:03 . 2014-08-26 18:03        --------        d-----w-        c:\users\martin\AppData\Local\Doist_Ltd
2014-08-26 18:02 . 2014-08-26 18:02        --------        d-----w-        c:\users\martin\AppData\Local\Todoist
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-16 17:07 . 2013-02-26 00:01        34752        ----a-w-        c:\windows\system32\drivers\WPRO_41_2001.sys
2014-09-13 10:08 . 2013-02-08 23:13        101694776        ----a-w-        c:\windows\system32\MRT.exe
2014-09-09 20:20 . 2013-02-08 01:21        71344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-09 20:20 . 2013-02-08 01:21        701104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-12 23:00 . 2014-08-12 23:00        4575232        ----a-w-        c:\windows\SysWow64\GPhotos.scr
2014-08-05 19:53 . 2014-08-05 19:53        98216        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-05 07:20 . 2013-02-08 01:43        270496        ------w-        c:\windows\system32\MpSigStub.exe
2014-07-25 00:35 . 2014-07-25 00:35        875688        ----a-w-        c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47        869544        ----a-w-        c:\windows\system32\msvcr120_clr0400.dll
2014-07-16 03:23 . 2014-08-15 00:33        2048        ----a-w-        c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-15 00:33        2048        ----a-w-        c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-15 00:32        1216000        ----a-w-        c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-15 00:32        664064        ----a-w-        c:\windows\SysWow64\rpcrt4.dll
2014-07-09 02:03 . 2014-08-15 00:33        7168        ----a-w-        c:\windows\system32\KBDYAK.DLL
2014-07-09 02:03 . 2014-08-15 00:33        7168        ----a-w-        c:\windows\system32\KBDTAT.DLL
2014-07-09 02:03 . 2014-08-15 00:33        7168        ----a-w-        c:\windows\system32\KBDRU1.DLL
2014-07-09 02:03 . 2014-08-15 00:33        6656        ----a-w-        c:\windows\system32\KBDRU.DLL
2014-07-09 02:03 . 2014-08-15 00:33        7168        ----a-w-        c:\windows\system32\KBDBASH.DLL
2014-07-09 01:31 . 2014-08-15 00:33        7168        ----a-w-        c:\windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31 . 2014-08-15 00:33        6656        ----a-w-        c:\windows\SysWow64\KBDBASH.DLL
2014-06-30 22:24 . 2014-08-15 02:02        8856        ----a-w-        c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-15 02:02        8856        ----a-w-        c:\windows\SysWow64\icardres.dll
2014-06-25 02:05 . 2014-08-15 00:33        14175744        ----a-w-        c:\windows\system32\shell32.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04        131480        ----a-w-        c:\users\martin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04        131480        ----a-w-        c:\users\martin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04        131480        ----a-w-        c:\users\martin\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Wunderlist"="c:\program files (x86)\Wunderlist2\Wunderlist.exe" [2013-12-02 13021792]
"KiesPreload"="e:\program files (x86)\Samsung\Kies\Kies.exe" [2014-07-25 1562264]
"KiesAirMessage"="e:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2013-04-18 578560]
"GarminExpressTrayApp"="e:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-08-07 688984]
"MyDriveConnect.exe"="c:\program files (x86)\MyDrive Connect\MyDriveConnect.exe" [2014-03-17 473464]
"Google+ Auto Backup"="c:\users\martin\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" [2014-08-12 3746120]
"Spotify Web Helper"="c:\users\martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-07-18 1178168]
"BitTorrent Sync"="e:\program files (x86)\BitTorrent Sync\BTSync.exe" [2014-08-14 3021672]
"GoogleChromeAutoLaunch_33136C53D324D8D10D01EBFAC47B942E"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-09-04 852808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-12-21 507016]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2011-07-14 688128]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"KiesTrayAgent"="e:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-07-25 311616]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-07-22 162856]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2014-07-06 2117632]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"DATEV Update-Monitor"="e:\datev\PROGRAMM\Install\DvInesASDMon.Exe" [2012-12-20 288352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="e:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2014-08-07 688984]
.
c:\users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-7-30 36414496]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2014-1-16 1103712]
Samsung Magician.lnk - c:\windows\system32\schtasks.exe  /run /tn SamsungMagician [2013-2-9 285696]
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
iSCTsysTray.lnk - c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe [2012-8-16 316416]
SkyUserDevmode-Update.lnk - e:\datev\PROGRAMM\B0001401\UpdateDevmode.exe [2011-7-29 27744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 DxVGrb;DxVGrb;c:\windows\system32\drivers\DxVGrb.sys;c:\windows\SYSNATIVE\drivers\DxVGrb.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_cdcecm;huawei_cdcecm;c:\windows\system32\DRIVERS\ew_jucdcecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcecm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;e:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys;e:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys;c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys;c:\program files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [x]
S2 DatevPrintService;DATEV Druckservice;e:\datev\PROGRAMM\B0001442\PSNTSERV.EXE;e:\datev\PROGRAMM\B0001442\PSNTSERV.EXE [x]
S2 Garmin Core Update Service;Garmin Core Update Service;e:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;e:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 DATEV Update-Service;DATEV Update-Service;e:\datev\PROGRAMM\INSTALL\DvInesASDSvc.Exe;e:\datev\PROGRAMM\INSTALL\DvInesASDSvc.Exe [x]
S3 gzflt;gzflt;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-12 18:37        1096520        ----a-w-        c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-09-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 20:20]
.
2014-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 01:40]
.
2014-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf8ad0b3577370.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 01:40]
.
2014-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 01:40]
.
2014-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8ad0b60b04d1.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 01:40]
.
2014-09-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3954777559-4077233392-3260119320-1000Core.job
- c:\users\martin\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-11 19:11]
.
2014-09-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3954777559-4077233392-3260119320-1000UA.job
- c:\users\martin\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-11 19:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0000BoxSyncFileLocked]
@="{1b9c95e1-ce36-3737-81c8-1ec9807f03c1}"
[HKEY_CLASSES_ROOT\CLSID\{1b9c95e1-ce36-3737-81c8-1ec9807f03c1}]
2010-11-05 01:57        444752        ----a-w-        c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0000BoxSyncNotSynced]
@="{e22ccf16-2db6-3de8-9a2c-acb66b571b69}"
[HKEY_CLASSES_ROOT\CLSID\{e22ccf16-2db6-3de8-9a2c-acb66b571b69}]
2010-11-05 01:57        444752        ----a-w-        c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0000BoxSyncProblem]
@="{84878798-e5c4-3e6b-b7c4-b51c4ac4e7dc}"
[HKEY_CLASSES_ROOT\CLSID\{84878798-e5c4-3e6b-b7c4-b51c4ac4e7dc}]
2010-11-05 01:57        444752        ----a-w-        c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0000BoxSyncSynced]
@="{01fcd170-7f0a-3b6a-b992-66a7a20289b5}"
[HKEY_CLASSES_ROOT\CLSID\{01fcd170-7f0a-3b6a-b992-66a7a20289b5}]
2010-11-05 01:57        444752        ----a-w-        c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04        164760        ----a-w-        c:\users\martin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04        164760        ----a-w-        c:\users\martin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04        164760        ----a-w-        c:\users\martin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04        164760        ----a-w-        c:\users\martin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-12-03 6854800]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"Eraser"="c:\progra~1\Eraser\Eraser.exe" [2012-05-22 980920]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-02 1225920]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-02 2201032]
"AdAwareTray"="c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe" [2014-08-27 8886592]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - e:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Auswahl speichern - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Bild ausschneiden - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Diese Seite ausschneiden - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - e:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Neue Notiz - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: URL notieren - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{882108B4-26E6-4926-BC70-EA1D738D5DEB} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{882108B4-26E6-4926-BC70-EA1D738D5DEB} - c:\users\martin\AppData\Roaming\AeroFSExec\v_0.4.260\x64\AeroFSShellExt64.dll
.
.
"ImagePath"="\"c:\program files\CyberLink\Shared files\RichVideo64.exe\"\00Z
[\]^_À\00\00À\00\00\00\00HIJKLMNO\00\00\00\00\00\00\00\00\03\00\00\00|}~À\00\00À\00\00\00\00p\00\00\00\00\00\00\00\00‘’“"
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OOSE07.00.00.01PRO"="FCEE259240AD293E30BB4F188526966DC9C9AAB36354B03F530A367A58F5925EDAB2AF19BA130DA2EFC874A79BCD2FFC6C3C34A1FD471E6A94126BE05A0F3EFA019FBA2AF0A9AA69DDD4034EF2217EC0F214D85871A46D9186A0404AA740ABBD0418C2EE0B9C26467BF84DB5AFD10D3BEC45E09F00472BAAE5221142C02D8BAAED9ED9546378F6F0407339C9A9F43976DC64A6851E70BA2FE1264F18D7DF67D0395DA3880A2EE9FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407A6A0AC4980AC79339DB7CE019D40AA5CA6171C11EC38DE3DCFB07C22DC12C087409E21DAE47AB76B2966FB76B50379C24251F091C18364BF2190798490A7292109E829F88B8694E83C3131C65F7E5E69E1187FA66570099900C964B1A844DCC100D4D231EEB9DE6E446A25C1588EEFBD51EB7B41127363747FC326900ED1B96A49141DA1D6DCDFBF19B40F5B6B7782E6B47AF5CA30EC6FFBB6DAC89D6A6D87EC0B52AEF950E946F510254F1926B34C64B7E7283CEFF20BB23EDFFD6A2EEBECEF72ABCF802A92A07A0946E515D7ED6884874A6B2642CE796EB61518190B52766FAD32EC8EF939671062967A7E170753EC54AC3FAB5DFD6458C2B31164F9DB94B8F169971117F4F0C781075595BB14F197D50FC5033C31D56F0868031635F69BEE75CA04091E927D894F7EE5B2645D08CFC3E246F99BCFBD84B1D1AE90BBC54409F4448B0D6F902C13B8563D3FF0DEC136DC912CECFEF16EBDEE047647D01E2AD130352BC42E2284722D5D11B9874AAD41E17385502B669F15F08764427B8CCEE7E9F3836E42B06E0DA2D5BBB491833CB71A59852CABADEC57EED8239E074E17BDEAC9595A59D4B71911743B553B22C5B74D85849B4DFCD628A467830B82D5491CFCF2966F63611123756431D7F47384B1CA2FFA4CA4BD3E7BCF18794D414A931BF1A0C6A59457110A50C26388F6F8166AE3818882840F6C9B33421B3D5B8505AA9BF61B8BE26F318326A1BBCAB6667DF9EC9BF19689C18D279531A547A996930ED211E9C08D15CD15FE8849937424A0CD41109B72115AAF0FC025786BCC4016DB737A2A7A13682A1CE870BB6F2F4FC9A63DE61296BC92459805D319BD28F74A7DDB34F904B63A69C7F3C76AFA2C37299943990415F35928DFB4632D6662E8503370341AB98396951CB4EECF68F560CE8FB818C215605012CF257002A2E672AA9099E16F0C42B41CEFC3BD08FE5985B144874647D26FCA23AB320C8742E4A5C4F8411D81018686CF71BE7E5719E611ADC91D79AB9D53D3DD08B9B851A94FC9692B59B3FE32A0AE649D44EC2124F324FE836B7D2FD70329A9511EEE16505DD8C834536C384CAC84F3C9F9BDF02299934A2BE711B3F939BB5442481B34448982F7F5A7"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-09-16  20:15:40
ComboFix-quarantined-files.txt  2014-09-16 18:15
.
Vor Suchlauf: 9.093.914.624 Bytes frei
Nach Suchlauf: 9.800.843.264 Bytes frei
.
- - End Of File - - 96C812CD5FD086E2737974BDF17AB48F
A36C5E4F47E84449FF07ED3517B43A31

schrauber 17.09.2014 18:45
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Czmartin 17.09.2014 23:19
Servus schrauber,

anbei die angeforderten Logdateien:

mbam.txt:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 17.09.2014
Suchlauf-Zeit: 23:47:52
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.17.09
Rootkit Datenbank: v2014.09.15.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: martin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 339969
Verstrichene Zeit: 6 Min, 17 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 2
PUP.Optional.Superfish.A, C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [18a57b734932c670f295f12c7390b24e],
PUP.Optional.Superfish.A, C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [803dfbf34932dc5a107722fb09fa6799],

Physische Sektoren: 0
(No malicious items detected)


(end)
AdwCleaner.txt:
Code:
# AdwCleaner v3.310 - Bericht erstellt am 18/09/2014 um 00:01:49
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : martin - MARTIN-PC
# Gestartet von : C:\Users\martin\Desktop\AdwCleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\prefs.js ]


-\\ Google Chrome v37.0.2062.120

[ Datei : C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [3709 octets] - [29/04/2014 23:04:40]
AdwCleaner[R1].txt - [1008 octets] - [29/04/2014 23:14:46]
AdwCleaner[R2].txt - [1718 octets] - [14/09/2014 18:30:32]
AdwCleaner[R3].txt - [1597 octets] - [18/09/2014 00:00:50]
AdwCleaner[S0].txt - [3620 octets] - [29/04/2014 23:07:07]
AdwCleaner[S1].txt - [1747 octets] - [14/09/2014 18:32:16]
AdwCleaner[S2].txt - [1587 octets] - [18/09/2014 00:01:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1647 octets] ##########
JRT.txt:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.5 (09.16.2014:1)
OS: Windows 7 Ultimate x64
Ran by martin on 18.09.2014 at  0:06:04,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ FireFox

Emptied folder: C:\Users\martin\AppData\Roaming\mozilla\firefox\profiles\ijfhdwte.default\minidumps [38 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.09.2014 at  0:08:55,38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und zum Schluss ein neuer FRST-Log:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by martin (administrator) on MARTIN-PC on 18-09-2014 00:12:34
Running from C:\Users\martin\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DATEV eG) E:\DATEV\PROGRAMM\B0001442\PSNTServ.exe
(Garmin Ltd or its subsidiaries) E:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
(6 Wunderkinder GmbH) C:\Program Files (x86)\Wunderlist2\Wunderlist.exe
(Samsung) E:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung Electronics) E:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Garmin Ltd or its subsidiaries) E:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(Google Inc.) C:\Users\martin\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Spotify Ltd) C:\Users\martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(BitTorrent, Inc.) E:\Program Files (x86)\BitTorrent Sync\BTSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Samsung Electronics Co., Ltd.) E:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
(DATEV eG) E:\DATEV\PROGRAMM\Install\DvInesASDSvc.Exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6854800 2012-12-03] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [8886592 2014-08-27] ()
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [507016 2012-12-21] (MSI)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [688128 2011-07-14] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2117632 2014-07-06] (Dominik Reichl)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [DATEV Update-Monitor] => E:\DATEV\PROGRAMM\Install\DvInesASDMon.Exe [288352 2012-12-20] (DATEV eG)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => E:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [Wunderlist] => C:\Program Files (x86)\Wunderlist2\Wunderlist.exe [13021792 2013-12-02] (6 Wunderkinder GmbH)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [KiesPreload] => E:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [KiesAirMessage] => E:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-04-18] (Samsung Electronics)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [GarminExpressTrayApp] => E:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [1792376 2014-08-22] (TomTom)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [Google+ Auto Backup] => C:\Users\martin\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-13] (Google Inc.)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [Spotify Web Helper] => C:\Users\martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-18] (Spotify Ltd)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [BitTorrent Sync] => E:\Program Files (x86)\BitTorrent Sync\BTSync.exe [3021672 2014-08-14] (BitTorrent, Inc.)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [GoogleChromeAutoLaunch_33136C53D324D8D10D01EBFAC47B942E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-04] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SkyUserDevmode-Update.lnk
ShortcutTarget: SkyUserDevmode-Update.lnk -> E:\DATEV\PROGRAMM\B0001401\UpdateDevmode.exe (DATEV eG)
Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncFileLocked -> {1b9c95e1-ce36-3737-81c8-1ec9807f03c1} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncNotSynced -> {e22ccf16-2db6-3de8-9a2c-acb66b571b69} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncProblem -> {84878798-e5c4-3e6b-b7c4-b51c4ac4e7dc} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncSynced -> {01fcd170-7f0a-3b6a-b992-66a7a20289b5} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 4_AeroFSShellExtension -> {882108B4-26E6-4926-BC70-EA1D738D5DEB} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1C1E586F104FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {00DDE4D0-3872-49d2-9F19-DA3048068A81} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV
SearchScopes: HKCU - {84A4A40F-5CFC-46d7-924B-8CDA8A7B5551} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
SearchScopes: HKCU - {DE522381-14BD-44c0-9227-690A75288DF0} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default
FF DefaultSearchEngine: Wikipedia (de)
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: https://www.google.de
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> e:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> E:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\martin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\martin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-28]
FF Extension: ColorfulTabs - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-04-16]
FF Extension: mx3 - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\{3d2ee42e-a6d9-4888-bd17-2148dc7928d7}.xpi [2014-05-19]
FF Extension: Adblock Plus - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-08]
FF Extension: DownThemAll! - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-08-25]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> 1B183710621320858753DEC7F98C6277084C9249D67F3E190D0F221AA7E41B2C
CHR DefaultSearchURL: Default -> D56AC2BEBA02FA44A45116F54915458335E81EDCA40878484523461090765BAE
CHR Profile: C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Duolingo) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2014-06-04]
CHR Extension: (Google Docs) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-03]
CHR Extension: (Google Drive) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-03]
CHR Extension: (Adblock Plus) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-23]
CHR Extension: (Google-Suche) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-03]
CHR Extension: (Black & white Thema) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmohofkmppcgglcmlccpbokkkefigipi [2014-06-03]
CHR Extension: (AdBlock) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-04]
CHR Extension: (RSS Live Links) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph [2014-06-03]
CHR Extension: (Regen-Alarm) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\meaikaglpfemjncbioflellmppndgmok [2014-06-04]
CHR Extension: (Google Wallet) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-03]
CHR Extension: (Google Mail) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 DATEV Update-Service; E:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [158304 2012-12-20] (DATEV eG)
R2 DatevPrintService; E:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [79872 2011-08-22] (DATEV eG) [File not signed]
R2 Garmin Core Update Service; E:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [144008 2012-12-21] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2012-06-22] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2013-10-21] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2013-10-21] (BitDefender LLC)
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [222464 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC)
S3 HabuFltr; C:\Windows\System32\drivers\habu.sys [13696 2006-10-26] (Razer (Asia-Pacific) Pte Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-08-16] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-08-16] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] ()
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-07] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-07] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-10-23] (Samsung Electronics)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-09-18] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
U0 dmboot; No ImagePath
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
S3 NTIOLib_1_0_4; \??\E:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 SANDRA; \??\E:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1a\WNt500x64\Sandra.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
U2 TMAgent; No ImagePath
U3 tmeevw; No ImagePath
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-18 00:12 - 2014-09-18 00:12 - 00027394 _____ () C:\Users\martin\Desktop\FRST.txt
2014-09-18 00:08 - 2014-09-18 00:08 - 00001058 _____ () C:\Users\martin\Desktop\JRT.txt
2014-09-18 00:05 - 2014-09-18 00:05 - 00000000 ____D () C:\Windows\ERUNT
2014-09-18 00:04 - 2014-09-18 00:04 - 00001727 _____ () C:\Users\martin\Desktop\AdwCleaner[S2].txt
2014-09-17 23:55 - 2014-09-17 23:55 - 00001498 _____ () C:\Users\martin\Desktop\mbam.txt
2014-09-17 23:46 - 2014-09-17 23:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-17 23:44 - 2014-09-17 23:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\martin\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-17 23:44 - 2014-09-17 23:44 - 01373475 _____ () C:\Users\martin\Desktop\AdwCleaner_3.310.exe
2014-09-17 23:44 - 2014-09-17 23:44 - 01016035 _____ (Thisisu) C:\Users\martin\Desktop\JRT.exe
2014-09-16 21:35 - 2014-09-10 20:42 - 06816184 _____ (TomTom International B.V.) C:\Users\martin\Downloads\InstallMyDriveConnect_3_3_0_1756.exe
2014-09-16 21:32 - 2014-09-18 00:10 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-09-16 21:23 - 2014-09-16 21:23 - 01040816 _____ () C:\Users\martin\Downloads\PANDAIS15.exe
2014-09-16 20:15 - 2014-09-16 20:15 - 00033263 _____ () C:\ComboFix.txt
2014-09-16 20:09 - 2014-09-16 20:15 - 00000000 ____D () C:\Qoobox
2014-09-16 20:09 - 2014-09-16 20:14 - 00000000 ____D () C:\Windows\erdnt
2014-09-16 20:09 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-16 20:09 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-16 20:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-16 20:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-16 20:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-16 20:09 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-16 20:09 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-16 20:09 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-16 20:06 - 2014-09-16 20:07 - 05579386 ____R (Swearware) C:\Users\martin\Desktop\ComboFix.exe
2014-09-15 00:50 - 2014-09-18 00:12 - 00000000 ____D () C:\FRST
2014-09-15 00:49 - 2014-09-15 00:49 - 02105856 _____ (Farbar) C:\Users\martin\Desktop\FRST64.exe
2014-09-14 14:33 - 2014-09-14 14:33 - 00464381 ____N () C:\Users\martin\Downloads\SpyHunterKiller.exe
2014-09-13 12:13 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-13 12:13 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-13 12:13 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 12:13 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 12:13 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-13 12:13 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-13 12:13 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 12:13 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 12:13 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 12:13 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-13 12:13 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-13 12:13 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-13 12:13 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-13 12:13 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 12:13 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-13 12:13 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 12:13 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-13 12:13 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 12:13 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-13 12:13 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-13 12:13 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-13 12:13 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 12:13 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-13 12:13 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-13 12:13 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-13 12:13 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-13 12:13 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-13 12:13 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-13 12:13 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-13 12:13 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 12:13 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-13 12:13 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-13 12:13 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 12:13 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-13 12:13 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-13 12:13 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-13 12:13 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-13 12:13 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 12:13 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-13 12:13 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 12:13 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-13 12:13 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-13 12:13 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-13 12:13 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-13 12:13 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-13 12:13 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 12:13 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-13 12:13 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 12:13 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-13 12:13 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-13 12:13 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-13 12:13 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 12:13 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-13 12:13 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-13 12:13 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-13 12:13 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-13 12:07 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-13 12:07 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-13 03:09 - 2014-09-17 23:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-13 03:08 - 2014-09-17 23:46 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-13 03:08 - 2014-09-17 23:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-13 03:08 - 2014-09-13 03:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 03:08 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-13 03:08 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-13 03:08 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-13 03:07 - 2014-09-13 03:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\martin\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-12 00:47 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 00:47 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-12 00:47 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 00:47 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 00:47 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 00:47 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 00:47 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 00:47 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 00:47 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-12 00:47 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 00:47 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-01 11:41 - 2014-09-01 11:41 - 00056273 _____ () C:\Users\martin\Documents\Kolliumschlag 2012.xls
2014-09-01 11:23 - 2014-09-01 11:23 - 00055208 _____ () C:\Users\martin\Documents\Kolliumschlag 2013.xls
2014-08-31 12:12 - 2014-09-07 20:58 - 22478848 _____ () C:\Users\martin\Desktop\SyldorfOperational5.31.mdb
2014-08-29 19:08 - 2014-08-29 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-08-29 19:07 - 2014-08-29 19:07 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-08-27 20:31 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 20:31 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 20:31 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 20:03 - 2014-08-26 20:03 - 00000000 ____D () C:\Users\martin\AppData\Local\Doist_Ltd
2014-08-26 20:02 - 2014-08-26 20:02 - 00000000 ____D () C:\Users\martin\AppData\Local\Todoist
2014-08-26 19:58 - 2014-08-26 19:59 - 18161104 _____ (Doist Ltd. ) C:\Users\martin\Downloads\Todoist_for_Windows.exe
2014-08-23 03:15 - 2014-09-01 11:25 - 00054517 _____ () C:\Users\martin\Documents\Kolliumschlag 2014.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-18 00:12 - 2014-09-18 00:12 - 00027394 _____ () C:\Users\martin\Desktop\FRST.txt
2014-09-18 00:12 - 2014-09-15 00:50 - 00000000 ____D () C:\FRST
2014-09-18 00:11 - 2014-06-18 10:38 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8ad0b3577370.job
2014-09-18 00:11 - 2014-06-03 00:09 - 00002269 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-09-18 00:11 - 2014-04-24 01:46 - 00000000 ____D () C:\Users\martin\AppData\Roaming\BitTorrent Sync
2014-09-18 00:11 - 2013-02-10 13:58 - 00000000 ____D () C:\Users\martin\AppData\Roaming\Dropbox
2014-09-18 00:10 - 2014-09-16 21:32 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-09-18 00:10 - 2013-02-26 02:01 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-09-18 00:10 - 2013-02-08 03:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-18 00:10 - 2013-02-08 02:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-18 00:10 - 2013-02-08 02:21 - 05220878 _____ () C:\Windows\PFRO.log
2014-09-18 00:10 - 2013-02-08 02:03 - 01092815 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 00:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-18 00:10 - 2009-07-14 06:51 - 00101503 _____ () C:\Windows\setupact.log
2014-09-18 00:09 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-18 00:09 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-18 00:08 - 2014-09-18 00:08 - 00001058 _____ () C:\Users\martin\Desktop\JRT.txt
2014-09-18 00:05 - 2014-09-18 00:05 - 00000000 ____D () C:\Windows\ERUNT
2014-09-18 00:04 - 2014-09-18 00:04 - 00001727 _____ () C:\Users\martin\Desktop\AdwCleaner[S2].txt
2014-09-18 00:02 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-18 00:01 - 2014-04-29 23:04 - 00000000 ____D () C:\AdwCleaner
2014-09-17 23:56 - 2013-02-08 19:43 - 00000000 ____D () C:\Windows\ar-SA
2014-09-17 23:55 - 2014-09-17 23:55 - 00001498 _____ () C:\Users\martin\Desktop\mbam.txt
2014-09-17 23:47 - 2014-09-13 03:09 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-17 23:46 - 2014-09-17 23:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-17 23:46 - 2014-09-13 03:08 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-17 23:46 - 2014-09-13 03:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-17 23:44 - 2014-09-17 23:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\martin\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-17 23:44 - 2014-09-17 23:44 - 01373475 _____ () C:\Users\martin\Desktop\AdwCleaner_3.310.exe
2014-09-17 23:44 - 2014-09-17 23:44 - 01016035 _____ (Thisisu) C:\Users\martin\Desktop\JRT.exe
2014-09-17 23:43 - 2014-06-18 10:38 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8ad0b60b04d1.job
2014-09-17 23:37 - 2013-02-08 03:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-17 23:22 - 2014-08-11 21:11 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3954777559-4077233392-3260119320-1000UA.job
2014-09-17 23:20 - 2013-02-08 03:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-17 21:22 - 2014-08-11 21:11 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3954777559-4077233392-3260119320-1000Core.job
2014-09-16 21:36 - 2013-12-25 23:03 - 00000000 ____D () C:\Program Files (x86)\MyDrive Connect
2014-09-16 21:23 - 2014-09-16 21:23 - 01040816 _____ () C:\Users\martin\Downloads\PANDAIS15.exe
2014-09-16 20:16 - 2013-02-11 17:38 - 00000000 ____D () C:\Users\martin\AppData\Local\Apps\2.0
2014-09-16 20:15 - 2014-09-16 20:15 - 00033263 _____ () C:\ComboFix.txt
2014-09-16 20:15 - 2014-09-16 20:09 - 00000000 ____D () C:\Qoobox
2014-09-16 20:15 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-16 20:14 - 2014-09-16 20:09 - 00000000 ____D () C:\Windows\erdnt
2014-09-16 20:14 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-16 20:07 - 2014-09-16 20:06 - 05579386 ____R (Swearware) C:\Users\martin\Desktop\ComboFix.exe
2014-09-15 17:11 - 2013-02-08 02:03 - 00000000 ____D () C:\Users\martin
2014-09-15 17:10 - 2013-02-10 13:42 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-09-15 00:49 - 2014-09-15 00:49 - 02105856 _____ (Farbar) C:\Users\martin\Desktop\FRST64.exe
2014-09-15 00:49 - 2014-05-05 09:49 - 00000000 ____D () C:\Users\martin\Desktop\db_SYL
2014-09-15 00:48 - 2014-08-05 21:37 - 00000000 ____D () C:\Users\martin\AppData\Roaming\KeePass
2014-09-14 14:33 - 2014-09-14 14:33 - 00464381 ____N () C:\Users\martin\Downloads\SpyHunterKiller.exe
2014-09-13 15:27 - 2014-06-02 23:44 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-13 13:39 - 2013-12-10 21:58 - 00000000 ____D () C:\Windows\rescache
2014-09-13 12:13 - 2013-07-08 12:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-13 12:12 - 2013-08-14 22:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 12:12 - 2013-02-12 00:53 - 09493054 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 12:12 - 2013-02-08 20:02 - 00737918 _____ () C:\Windows\system32\perfh00C.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00732248 _____ () C:\Windows\system32\perfh010.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00716802 _____ () C:\Windows\system32\perfh019.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00706082 _____ () C:\Windows\system32\prfh0416.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00675956 _____ () C:\Windows\system32\perfh00E.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00661042 _____ () C:\Windows\system32\perfh005.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00599190 _____ () C:\Windows\system32\perfh008.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00486716 _____ () C:\Windows\system32\perfh014.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00473704 _____ () C:\Windows\system32\perfh00B.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00471216 _____ () C:\Windows\system32\perfh001.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00408980 _____ () C:\Windows\system32\perfh011.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00171540 _____ () C:\Windows\system32\perfc00E.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00151108 _____ () C:\Windows\system32\perfc019.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00149846 _____ () C:\Windows\system32\perfc00C.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00147922 _____ () C:\Windows\system32\prfc0416.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00147112 _____ () C:\Windows\system32\perfc010.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00141692 _____ () C:\Windows\system32\perfc005.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00122366 _____ () C:\Windows\system32\perfc011.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00111394 _____ () C:\Windows\system32\perfc008.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00101786 _____ () C:\Windows\system32\perfc00B.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00095670 _____ () C:\Windows\system32\perfc014.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00095038 _____ () C:\Windows\system32\perfc001.dat
2014-09-13 12:12 - 2009-07-14 19:58 - 00699700 _____ () C:\Windows\system32\perfh007.dat
2014-09-13 12:12 - 2009-07-14 19:58 - 00149840 _____ () C:\Windows\system32\perfc007.dat
2014-09-13 12:12 - 2009-07-14 07:13 - 09493054 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 12:08 - 2013-02-09 01:13 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 12:07 - 2014-04-27 23:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-13 03:17 - 2013-02-08 19:42 - 00000000 ____D () C:\Windows\sk-SK
2014-09-13 03:08 - 2014-09-13 03:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 03:07 - 2014-09-13 03:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\martin\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-12 20:39 - 2014-06-03 21:04 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-10 20:42 - 2014-09-16 21:35 - 06816184 _____ (TomTom International B.V.) C:\Users\martin\Downloads\InstallMyDriveConnect_3_3_0_1756.exe
2014-09-09 22:20 - 2013-02-08 03:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 22:20 - 2013-02-08 03:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 22:20 - 2013-02-08 03:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 00:58 - 2014-05-05 09:49 - 00000000 ____D () C:\Users\martin\Desktop\db_TMP
2014-09-07 20:58 - 2014-08-31 12:12 - 22478848 _____ () C:\Users\martin\Desktop\SyldorfOperational5.31.mdb
2014-09-05 04:10 - 2014-09-12 00:47 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-12 00:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-01 21:53 - 2013-08-27 21:45 - 00000000 ____D () C:\Users\martin\AppData\Local\CrashDumps
2014-09-01 21:53 - 2013-02-24 04:10 - 00000000 ____D () C:\Users\martin\AppData\Roaming\vlc
2014-09-01 21:52 - 2013-08-26 11:06 - 00000835 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-01 11:41 - 2014-09-01 11:41 - 00056273 _____ () C:\Users\martin\Documents\Kolliumschlag 2012.xls
2014-09-01 11:25 - 2014-08-23 03:15 - 00054517 _____ () C:\Users\martin\Documents\Kolliumschlag 2014.xls
2014-09-01 11:23 - 2014-09-01 11:23 - 00055208 _____ () C:\Users\martin\Documents\Kolliumschlag 2013.xls
2014-08-29 19:08 - 2014-08-29 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-08-29 19:07 - 2014-08-29 19:07 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-08-28 20:34 - 2009-07-14 06:45 - 00477648 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 21:09 - 2013-02-08 03:15 - 00000000 ____D () C:\Users\martin\AppData\Roaming\JOSM
2014-08-26 20:03 - 2014-08-26 20:03 - 00000000 ____D () C:\Users\martin\AppData\Local\Doist_Ltd
2014-08-26 20:02 - 2014-08-26 20:02 - 00000000 ____D () C:\Users\martin\AppData\Local\Todoist
2014-08-26 19:59 - 2014-08-26 19:58 - 18161104 _____ (Doist Ltd. ) C:\Users\martin\Downloads\Todoist_for_Windows.exe
2014-08-25 06:53 - 2013-02-08 03:43 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 04:07 - 2014-08-27 20:31 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 20:31 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 20:31 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 20:05 - 2014-09-13 12:13 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-13 12:13 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 01:25 - 2014-02-08 02:39 - 00000000 ____D () C:\Users\martin\AppData\Roaming\Spotify
2014-08-19 01:01 - 2014-09-13 12:13 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-13 12:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-13 12:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-13 12:13 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-13 12:13 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-13 12:13 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-13 12:13 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-13 12:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-13 12:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-13 12:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-13 12:13 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-13 12:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-13 12:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-13 12:13 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-13 12:13 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-13 12:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-13 12:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

Some content of TEMP:
====================
C:\Users\martin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpajjzfw.dll
C:\Users\martin\AppData\Local\Temp\proxy_vole4201429277378200019.dll
C:\Users\martin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 00:23

==================== End Of Log ============================
--- --- ---


LG
Czmartin

schrauber 18.09.2014 13:59

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Czmartin 20.09.2014 22:38
Servus schrauber,

anbei das Logfile vom ESET Online Scanner:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=78ca292e2d04a740874dc3ae06b2c98b
# engine=20235
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-20 12:25:05
# local_time=2014-09-20 02:25:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 97376 162802555 0 0
# scanned=1143589
# found=9
# cleaned=9
# scan_time=5333
sh=53708CCF2410434187CA268A7A724A3992C0FC65 ft=1 fh=a6207637a02e9db4 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir"
sh=D30BAC56E88EDAEF64D8813330D1FB24921088FA ft=1 fh=5da947440ba8911d vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir"
sh=4539C49EE54EF49172ADAA38B553E38FDF347C80 ft=1 fh=ab01c90ebcba11aa vn="Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir"
sh=1E3BA56AFE7F70CA844E8330E38FD662A4B41790 ft=1 fh=9c60344bfd510269 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir"
sh=33093FCFDCE7C07DD5886ECC4DA42672E5314B09 ft=1 fh=d3cea830025d3e5f vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll.vir"
sh=3D6705DAB5126B0393B6FF5C26484B0899A3D125 ft=1 fh=51586fa0d05d1c4e vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.vir"
sh=DE134CEDD3AE537C91B6196D66BFCB0FD7DFE550 ft=1 fh=a9eb9770e77ea827 vn="Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir"
sh=856E28D7768BB8C0CD7F1E4355A810D8DB55F6B0 ft=1 fh=1f4105694a25c3d7 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=DBFD50BC66C05FDD8567AFBE3CD5ABD5379B39A4 ft=1 fh=3fd46775d7ab2547 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="E:\Downloads\OpenCandy Cleanup Tool - CHIP-Downloader.exe"
Logfile vom SecurityCheck:
Code:
Results of screen317's Security Check version 0.99.87 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Ad-Aware Antivirus 
 Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 67 
 Adobe Flash Player 15.0.0.152 
 Adobe Reader XI 
 Mozilla Firefox 29.0.1 Firefox out of Date! 
 Mozilla Thunderbird (24.6.0)
 Google Chrome 37.0.2062.103 
 Google Chrome 37.0.2062.120 
````````Process Check: objlist.exe by Laurent```````` 
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.3.6321.0\AdAwareService.exe
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.3.6321.0\AdAwareTray.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
und das neue FRST Log:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by martin (administrator) on MARTIN-PC on 20-09-2014 23:27:50
Running from C:\Users\martin\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DATEV eG) E:\DATEV\PROGRAMM\B0001442\PSNTServ.exe
(Garmin Ltd or its subsidiaries) E:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
(6 Wunderkinder GmbH) C:\Program Files (x86)\Wunderlist2\Wunderlist.exe
(Samsung) E:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung Electronics) E:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Garmin Ltd or its subsidiaries) E:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(Google Inc.) C:\Users\martin\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(BitTorrent, Inc.) E:\Program Files (x86)\BitTorrent Sync\BTSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Samsung Electronics Co., Ltd.) E:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Intel® Corporation) C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(DATEV eG) E:\DATEV\PROGRAMM\Install\DvInesASDSvc.Exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6854800 2012-12-03] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [8886592 2014-08-27] ()
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [507016 2012-12-21] (MSI)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [688128 2011-07-14] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => E:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2117632 2014-07-06] (Dominik Reichl)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [DATEV Update-Monitor] => E:\DATEV\PROGRAMM\Install\DvInesASDMon.Exe [288352 2012-12-20] (DATEV eG)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => E:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [Wunderlist] => C:\Program Files (x86)\Wunderlist2\Wunderlist.exe [13021792 2013-12-02] (6 Wunderkinder GmbH)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [KiesPreload] => E:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [KiesAirMessage] => E:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-04-18] (Samsung Electronics)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [GarminExpressTrayApp] => E:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [1792376 2014-08-22] (TomTom)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [Google+ Auto Backup] => C:\Users\martin\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-13] (Google Inc.)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [Spotify Web Helper] => C:\Users\martin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-18] (Spotify Ltd)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [BitTorrent Sync] => E:\Program Files (x86)\BitTorrent Sync\BTSync.exe [3021672 2014-08-14] (BitTorrent, Inc.)
HKU\S-1-5-21-3954777559-4077233392-3260119320-1000\...\Run: [GoogleChromeAutoLaunch_33136C53D324D8D10D01EBFAC47B942E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-04] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SkyUserDevmode-Update.lnk
ShortcutTarget: SkyUserDevmode-Update.lnk -> E:\DATEV\PROGRAMM\B0001401\UpdateDevmode.exe (DATEV eG)
Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
Startup: C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk
ShortcutTarget: Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncFileLocked -> {1b9c95e1-ce36-3737-81c8-1ec9807f03c1} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncNotSynced -> {e22ccf16-2db6-3de8-9a2c-acb66b571b69} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncProblem -> {84878798-e5c4-3e6b-b7c4-b51c4ac4e7dc} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0000BoxSyncSynced -> {01fcd170-7f0a-3b6a-b992-66a7a20289b5} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 4_AeroFSShellExtension -> {882108B4-26E6-4926-BC70-EA1D738D5DEB} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1C1E586F104FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {00DDE4D0-3872-49d2-9F19-DA3048068A81} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=MMBROWSV
SearchScopes: HKCU - {84A4A40F-5CFC-46d7-924B-8CDA8A7B5551} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
SearchScopes: HKCU - {DE522381-14BD-44c0-9227-690A75288DF0} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7256076927&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7256076927&q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default
FF DefaultSearchEngine: Wikipedia (de)
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: https://www.google.de
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> e:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> E:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\martin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\martin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-28]
FF Extension: ColorfulTabs - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-04-16]
FF Extension: mx3 - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\{3d2ee42e-a6d9-4888-bd17-2148dc7928d7}.xpi [2014-05-19]
FF Extension: Adblock Plus - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-08]
FF Extension: DownThemAll! - C:\Users\martin\AppData\Roaming\Mozilla\Firefox\Profiles\ijfhdwte.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-08-25]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> 1B183710621320858753DEC7F98C6277084C9249D67F3E190D0F221AA7E41B2C
CHR DefaultSearchURL: Default -> D56AC2BEBA02FA44A45116F54915458335E81EDCA40878484523461090765BAE
CHR Profile: C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Duolingo) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2014-06-04]
CHR Extension: (Google Docs) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-03]
CHR Extension: (Google Drive) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-03]
CHR Extension: (Adblock Plus) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-23]
CHR Extension: (Google-Suche) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-03]
CHR Extension: (Black & white Thema) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmohofkmppcgglcmlccpbokkkefigipi [2014-06-03]
CHR Extension: (AdBlock) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-04]
CHR Extension: (RSS Live Links) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcamnijgggppihioleoenjmlnakejdph [2014-06-03]
CHR Extension: (Regen-Alarm) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\meaikaglpfemjncbioflellmppndgmok [2014-06-04]
CHR Extension: (Google Wallet) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-03]
CHR Extension: (Google Mail) - C:\Users\martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 DATEV Update-Service; E:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [158304 2012-12-20] (DATEV eG)
R2 DatevPrintService; E:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [79872 2011-08-22] (DATEV eG) [File not signed]
R2 Garmin Core Update Service; E:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [144008 2012-12-21] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2012-06-22] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2013-10-21] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2013-10-21] (BitDefender LLC)
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [222464 2012-06-22] (Dexetek )
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC)
S3 HabuFltr; C:\Windows\System32\drivers\habu.sys [13696 2006-10-26] (Razer (Asia-Pacific) Pte Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-08-16] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-08-16] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] ()
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-07] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-07] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-10-23] (Samsung Electronics)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-09-18] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
U0 dmboot; No ImagePath
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
S3 NTIOLib_1_0_4; \??\E:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 SANDRA; \??\E:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1a\WNt500x64\Sandra.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
U2 TMAgent; No ImagePath
U3 tmeevw; No ImagePath
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-20 00:54 - 2014-09-20 00:54 - 02347384 _____ (ESET) C:\Users\martin\Downloads\esetsmartinstaller_deu.exe
2014-09-20 00:42 - 2014-09-20 00:42 - 00854417 _____ () C:\Users\martin\Desktop\SecurityCheck.exe
2014-09-18 21:19 - 2014-09-18 21:19 - 02347384 _____ (ESET) C:\Users\martin\Desktop\esetsmartinstaller_deu.exe
2014-09-18 00:12 - 2014-09-20 23:27 - 00027432 _____ () C:\Users\martin\Desktop\FRST.txt
2014-09-18 00:08 - 2014-09-18 00:08 - 00001058 _____ () C:\Users\martin\Desktop\JRT.txt
2014-09-18 00:05 - 2014-09-18 00:05 - 00000000 ____D () C:\Windows\ERUNT
2014-09-18 00:04 - 2014-09-18 00:04 - 00001727 _____ () C:\Users\martin\Desktop\AdwCleaner[S2].txt
2014-09-17 23:55 - 2014-09-17 23:55 - 00001498 _____ () C:\Users\martin\Desktop\mbam.txt
2014-09-17 23:46 - 2014-09-17 23:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-17 23:44 - 2014-09-17 23:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\martin\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-17 23:44 - 2014-09-17 23:44 - 01373475 _____ () C:\Users\martin\Desktop\AdwCleaner_3.310.exe
2014-09-17 23:44 - 2014-09-17 23:44 - 01016035 _____ (Thisisu) C:\Users\martin\Desktop\JRT.exe
2014-09-16 21:35 - 2014-09-10 20:42 - 06816184 _____ (TomTom International B.V.) C:\Users\martin\Downloads\InstallMyDriveConnect_3_3_0_1756.exe
2014-09-16 21:32 - 2014-09-18 20:52 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-09-16 21:23 - 2014-09-16 21:23 - 01040816 _____ () C:\Users\martin\Downloads\PANDAIS15.exe
2014-09-16 20:15 - 2014-09-16 20:15 - 00033263 _____ () C:\ComboFix.txt
2014-09-16 20:09 - 2014-09-16 20:15 - 00000000 ____D () C:\Qoobox
2014-09-16 20:09 - 2014-09-16 20:14 - 00000000 ____D () C:\Windows\erdnt
2014-09-16 20:09 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-16 20:09 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-16 20:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-16 20:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-16 20:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-16 20:09 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-16 20:09 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-16 20:09 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-16 20:06 - 2014-09-16 20:07 - 05579386 ____R (Swearware) C:\Users\martin\Desktop\ComboFix.exe
2014-09-15 00:50 - 2014-09-20 23:27 - 00000000 ____D () C:\FRST
2014-09-15 00:49 - 2014-09-15 00:49 - 02105856 _____ (Farbar) C:\Users\martin\Desktop\FRST64.exe
2014-09-14 14:33 - 2014-09-14 14:33 - 00464381 ____N () C:\Users\martin\Downloads\SpyHunterKiller.exe
2014-09-13 12:13 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-13 12:13 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-13 12:13 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 12:13 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 12:13 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-13 12:13 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-13 12:13 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 12:13 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 12:13 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 12:13 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-13 12:13 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-13 12:13 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-13 12:13 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-13 12:13 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 12:13 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-13 12:13 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 12:13 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-13 12:13 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 12:13 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-13 12:13 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-13 12:13 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-13 12:13 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 12:13 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-13 12:13 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-13 12:13 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-13 12:13 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-13 12:13 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-13 12:13 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-13 12:13 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-13 12:13 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 12:13 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-13 12:13 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-13 12:13 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 12:13 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-13 12:13 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-13 12:13 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-13 12:13 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-13 12:13 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 12:13 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-13 12:13 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 12:13 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-13 12:13 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-13 12:13 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-13 12:13 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-13 12:13 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-13 12:13 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 12:13 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-13 12:13 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 12:13 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-13 12:13 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-13 12:13 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-13 12:13 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 12:13 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-13 12:13 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-13 12:13 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-13 12:13 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-13 12:07 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-13 12:07 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-13 03:09 - 2014-09-17 23:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-13 03:08 - 2014-09-17 23:46 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-13 03:08 - 2014-09-17 23:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-13 03:08 - 2014-09-13 03:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 03:08 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-13 03:08 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-13 03:08 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-13 03:07 - 2014-09-13 03:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\martin\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-12 00:47 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 00:47 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-12 00:47 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 00:47 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 00:47 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 00:47 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 00:47 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 00:47 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 00:47 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-12 00:47 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 00:47 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-01 11:41 - 2014-09-01 11:41 - 00056273 _____ () C:\Users\martin\Documents\Kolliumschlag 2012.xls
2014-09-01 11:23 - 2014-09-01 11:23 - 00055208 _____ () C:\Users\martin\Documents\Kolliumschlag 2013.xls
2014-08-31 12:12 - 2014-09-07 20:58 - 22478848 _____ () C:\Users\martin\Desktop\SyldorfOperational5.31.mdb
2014-08-29 19:08 - 2014-08-29 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-08-29 19:07 - 2014-08-29 19:07 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-08-27 20:31 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 20:31 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 20:31 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 20:03 - 2014-08-26 20:03 - 00000000 ____D () C:\Users\martin\AppData\Local\Doist_Ltd
2014-08-26 20:02 - 2014-08-26 20:02 - 00000000 ____D () C:\Users\martin\AppData\Local\Todoist
2014-08-26 19:58 - 2014-08-26 19:59 - 18161104 _____ (Doist Ltd. ) C:\Users\martin\Downloads\Todoist_for_Windows.exe
2014-08-23 03:15 - 2014-09-01 11:25 - 00054517 _____ () C:\Users\martin\Documents\Kolliumschlag 2014.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-20 23:28 - 2014-09-18 00:12 - 00027432 _____ () C:\Users\martin\Desktop\FRST.txt
2014-09-20 23:27 - 2014-09-15 00:50 - 00000000 ____D () C:\FRST
2014-09-20 23:23 - 2014-08-11 21:11 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3954777559-4077233392-3260119320-1000UA.job
2014-09-20 23:23 - 2014-04-24 01:46 - 00000000 ____D () C:\Users\martin\AppData\Roaming\BitTorrent Sync
2014-09-20 23:20 - 2013-02-08 03:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-20 22:43 - 2014-06-18 10:38 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8ad0b60b04d1.job
2014-09-20 22:38 - 2013-02-08 03:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-20 21:22 - 2014-08-11 21:11 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3954777559-4077233392-3260119320-1000Core.job
2014-09-20 10:43 - 2014-06-18 10:38 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8ad0b3577370.job
2014-09-20 03:37 - 2013-02-08 03:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-20 02:57 - 2013-02-08 02:03 - 01212455 _____ () C:\Windows\WindowsUpdate.log
2014-09-20 00:54 - 2014-09-20 00:54 - 02347384 _____ (ESET) C:\Users\martin\Downloads\esetsmartinstaller_deu.exe
2014-09-20 00:42 - 2014-09-20 00:42 - 00854417 _____ () C:\Users\martin\Desktop\SecurityCheck.exe
2014-09-18 23:43 - 2013-08-27 21:45 - 00000000 ____D () C:\Users\martin\AppData\Local\CrashDumps
2014-09-18 23:22 - 2014-02-08 02:39 - 00000000 ____D () C:\Users\martin\AppData\Roaming\Spotify
2014-09-18 22:22 - 2014-02-08 02:40 - 00000000 ____D () C:\Users\martin\AppData\Local\Spotify
2014-09-18 21:19 - 2014-09-18 21:19 - 02347384 _____ (ESET) C:\Users\martin\Desktop\esetsmartinstaller_deu.exe
2014-09-18 20:59 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-18 20:59 - 2009-07-14 06:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-18 20:55 - 2013-02-10 13:58 - 00000000 ____D () C:\Users\martin\AppData\Roaming\Dropbox
2014-09-18 20:54 - 2013-02-10 13:59 - 00000000 ____D () C:\Users\martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 20:53 - 2014-06-03 00:09 - 00002269 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-09-18 20:52 - 2014-09-16 21:32 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-09-18 20:52 - 2013-02-26 02:01 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-09-18 20:52 - 2013-02-08 02:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-18 20:52 - 2013-02-08 02:21 - 05221542 _____ () C:\Windows\PFRO.log
2014-09-18 20:52 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-18 20:52 - 2009-07-14 06:51 - 00101839 _____ () C:\Windows\setupact.log
2014-09-18 00:22 - 2013-02-11 18:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 00:08 - 2014-09-18 00:08 - 00001058 _____ () C:\Users\martin\Desktop\JRT.txt
2014-09-18 00:05 - 2014-09-18 00:05 - 00000000 ____D () C:\Windows\ERUNT
2014-09-18 00:04 - 2014-09-18 00:04 - 00001727 _____ () C:\Users\martin\Desktop\AdwCleaner[S2].txt
2014-09-18 00:02 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-18 00:01 - 2014-04-29 23:04 - 00000000 ____D () C:\AdwCleaner
2014-09-17 23:56 - 2013-02-08 19:43 - 00000000 ____D () C:\Windows\ar-SA
2014-09-17 23:55 - 2014-09-17 23:55 - 00001498 _____ () C:\Users\martin\Desktop\mbam.txt
2014-09-17 23:47 - 2014-09-13 03:09 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-17 23:46 - 2014-09-17 23:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-17 23:46 - 2014-09-13 03:08 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-17 23:46 - 2014-09-13 03:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-17 23:44 - 2014-09-17 23:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\martin\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-17 23:44 - 2014-09-17 23:44 - 01373475 _____ () C:\Users\martin\Desktop\AdwCleaner_3.310.exe
2014-09-17 23:44 - 2014-09-17 23:44 - 01016035 _____ (Thisisu) C:\Users\martin\Desktop\JRT.exe
2014-09-16 21:36 - 2013-12-25 23:03 - 00000000 ____D () C:\Program Files (x86)\MyDrive Connect
2014-09-16 21:23 - 2014-09-16 21:23 - 01040816 _____ () C:\Users\martin\Downloads\PANDAIS15.exe
2014-09-16 20:16 - 2013-02-11 17:38 - 00000000 ____D () C:\Users\martin\AppData\Local\Apps\2.0
2014-09-16 20:15 - 2014-09-16 20:15 - 00033263 _____ () C:\ComboFix.txt
2014-09-16 20:15 - 2014-09-16 20:09 - 00000000 ____D () C:\Qoobox
2014-09-16 20:15 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-16 20:14 - 2014-09-16 20:09 - 00000000 ____D () C:\Windows\erdnt
2014-09-16 20:14 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-16 20:07 - 2014-09-16 20:06 - 05579386 ____R (Swearware) C:\Users\martin\Desktop\ComboFix.exe
2014-09-15 17:11 - 2013-02-08 02:03 - 00000000 ____D () C:\Users\martin
2014-09-15 17:10 - 2013-02-10 13:42 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-09-15 00:49 - 2014-09-15 00:49 - 02105856 _____ (Farbar) C:\Users\martin\Desktop\FRST64.exe
2014-09-15 00:49 - 2014-05-05 09:49 - 00000000 ____D () C:\Users\martin\Desktop\db_SYL
2014-09-15 00:48 - 2014-08-05 21:37 - 00000000 ____D () C:\Users\martin\AppData\Roaming\KeePass
2014-09-14 14:33 - 2014-09-14 14:33 - 00464381 ____N () C:\Users\martin\Downloads\SpyHunterKiller.exe
2014-09-13 15:27 - 2014-06-02 23:44 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-13 13:39 - 2013-12-10 21:58 - 00000000 ____D () C:\Windows\rescache
2014-09-13 12:13 - 2013-07-08 12:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-13 12:12 - 2013-08-14 22:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 12:12 - 2013-02-12 00:53 - 09493054 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 12:12 - 2013-02-08 20:02 - 00737918 _____ () C:\Windows\system32\perfh00C.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00732248 _____ () C:\Windows\system32\perfh010.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00716802 _____ () C:\Windows\system32\perfh019.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00706082 _____ () C:\Windows\system32\prfh0416.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00675956 _____ () C:\Windows\system32\perfh00E.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00661042 _____ () C:\Windows\system32\perfh005.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00599190 _____ () C:\Windows\system32\perfh008.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00486716 _____ () C:\Windows\system32\perfh014.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00473704 _____ () C:\Windows\system32\perfh00B.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00471216 _____ () C:\Windows\system32\perfh001.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00408980 _____ () C:\Windows\system32\perfh011.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00171540 _____ () C:\Windows\system32\perfc00E.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00151108 _____ () C:\Windows\system32\perfc019.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00149846 _____ () C:\Windows\system32\perfc00C.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00147922 _____ () C:\Windows\system32\prfc0416.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00147112 _____ () C:\Windows\system32\perfc010.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00141692 _____ () C:\Windows\system32\perfc005.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00122366 _____ () C:\Windows\system32\perfc011.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00111394 _____ () C:\Windows\system32\perfc008.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00101786 _____ () C:\Windows\system32\perfc00B.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00095670 _____ () C:\Windows\system32\perfc014.dat
2014-09-13 12:12 - 2013-02-08 20:02 - 00095038 _____ () C:\Windows\system32\perfc001.dat
2014-09-13 12:12 - 2009-07-14 19:58 - 00699700 _____ () C:\Windows\system32\perfh007.dat
2014-09-13 12:12 - 2009-07-14 19:58 - 00149840 _____ () C:\Windows\system32\perfc007.dat
2014-09-13 12:12 - 2009-07-14 07:13 - 09493054 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 12:08 - 2013-02-09 01:13 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 12:07 - 2014-04-27 23:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-13 03:17 - 2013-02-08 19:42 - 00000000 ____D () C:\Windows\sk-SK
2014-09-13 03:08 - 2014-09-13 03:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 03:07 - 2014-09-13 03:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\martin\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-12 20:39 - 2014-06-03 21:04 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-10 20:42 - 2014-09-16 21:35 - 06816184 _____ (TomTom International B.V.) C:\Users\martin\Downloads\InstallMyDriveConnect_3_3_0_1756.exe
2014-09-09 22:20 - 2013-02-08 03:21 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 22:20 - 2013-02-08 03:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 22:20 - 2013-02-08 03:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 00:58 - 2014-05-05 09:49 - 00000000 ____D () C:\Users\martin\Desktop\db_TMP
2014-09-07 20:58 - 2014-08-31 12:12 - 22478848 _____ () C:\Users\martin\Desktop\SyldorfOperational5.31.mdb
2014-09-05 04:10 - 2014-09-12 00:47 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-12 00:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-01 21:53 - 2013-02-24 04:10 - 00000000 ____D () C:\Users\martin\AppData\Roaming\vlc
2014-09-01 21:52 - 2013-08-26 11:06 - 00000835 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-01 11:41 - 2014-09-01 11:41 - 00056273 _____ () C:\Users\martin\Documents\Kolliumschlag 2012.xls
2014-09-01 11:25 - 2014-08-23 03:15 - 00054517 _____ () C:\Users\martin\Documents\Kolliumschlag 2014.xls
2014-09-01 11:23 - 2014-09-01 11:23 - 00055208 _____ () C:\Users\martin\Documents\Kolliumschlag 2013.xls
2014-08-29 19:08 - 2014-08-29 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-08-29 19:07 - 2014-08-29 19:07 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-08-28 20:34 - 2009-07-14 06:45 - 00477648 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 21:09 - 2013-02-08 03:15 - 00000000 ____D () C:\Users\martin\AppData\Roaming\JOSM
2014-08-26 20:03 - 2014-08-26 20:03 - 00000000 ____D () C:\Users\martin\AppData\Local\Doist_Ltd
2014-08-26 20:02 - 2014-08-26 20:02 - 00000000 ____D () C:\Users\martin\AppData\Local\Todoist
2014-08-26 19:59 - 2014-08-26 19:58 - 18161104 _____ (Doist Ltd. ) C:\Users\martin\Downloads\Todoist_for_Windows.exe
2014-08-25 06:53 - 2013-02-08 03:43 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 04:07 - 2014-08-27 20:31 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 20:31 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 20:31 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Some content of TEMP:
====================
C:\Users\martin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt_wze9.dll
C:\Users\martin\AppData\Local\Temp\proxy_vole4201429277378200019.dll
C:\Users\martin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 00:23

==================== End Of Log ============================
--- --- ---


leider erscheint der "by Similar Items Shopper" sogar auf Eurer Homepage just in dem Moment in dem ich diesen Post erstellt habe. Siehe Screenshot: http://s7.directupload.net/images/140920/q37lakwg.png

schrauber 21.09.2014 10:06
Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de



Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Czmartin 27.09.2014 20:52
Servus,

habe Deine Anweisungen befolgt und Chrome mittels Revo Uninstaller entfernt. Im Zuge dessen bin ich auf Firefox umgestiegen, da ich diesen Browser auf den anderen Computern, die ich noch nutze, auch verwende.

Bisher scheinen die Maßnahmen geholfen zu haben, der Plagegeist scheint verschwunden zu sein.

Gleichzeitig bin ich auch auf den 360 Total Security Virenscanner umgestiegen und hoffe es ist jetzt Ruhe.

Viel Dank für Deine Hilfe!

Gruß
Czmartin

schrauber 28.09.2014 13:32
Zitat:
Gleichzeitig bin ich auch auf den 360 Total Security Virenscanner umgestiegen und hoffe es ist jetzt Ruhe.
Naja, da gibt es bessere. Instaliere auf jeden Fall noch Adblock plus oder Adblock Edge für FF.


Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Czmartin 01.10.2014 22:16
Hi,

vielen Dank für Deine Hilfe, habe alle Punkte befolgt und die entsprechende Software und die Addons ausgeführt bzw. installiert.

Windows Updates sind obligatorisch, ABP auch, Secunia kannte ich bisher nicht, die Software fand aber nur 2 veraltete Programme bei mir.
MalwareBytes Anti Malware fand 0 Einträge.

Ich habe keine weiteren Fragen bis auf diese hier:

Welchen Virenscanner für WIN 7 64 würdest Du empfehlen?

Gruß
Czmartin

schrauber 02.10.2014 17:06
Ich empfehle immer Emsisoft :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 17:56 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131