
Log analysis and evaluation: Win7/64bit: Rotbrow A-E after Amazon payment reminder, Windows message "Counterfeit Windows 7 copy"

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

09.11.2013, 11:57   #1
mpolasek
 



Unfortunately I fell for an "Amazon.de" payment-reminder file (...pdf.exe). Now I keep getting the message "possibly counterfeit copy of Windows", the Windows 7 serial number is not authorized, and the like.
A Microsoft Security Essentials scan reported "Rotbrow A, B, E". The error messages did not stop even after removing the listed files. In addition, Firefox crashes immediately after starting. (At the moment I am using Opera without problems.)


1. Defogger Disable log:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:45 on 09/11/2013 (Martin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
The other logs, FRST and GMER, are attached as an archive because of their size.

Many thanks in advance for the help...!
Martin

09.11.2013, 12:03   #2
schrauber
/// the machine
/// TB instructor
 




Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.


How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

09.11.2013, 12:15   #3
mpolasek
 



That is what I did at first, but since everything was too large, I got the message "Send as attachment"...

Oh well, anyway, here first of all
1. FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Martin (administrator) on NEXOC-E712 on 09-11-2013 11:46:21
Running from C:\Users\Martin\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Panasonic Corporation) C:\Windows\system32\p2csvc.exe
(Panasonic Corporation) C:\Windows\SysWOW64\p2csvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
() C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Windows\System32\nvraidservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(mychat) C:\Windows\BisonCam\BisonHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Bison Inc.) C:\Windows\BisonCam\DeLay.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Program Files (x86)\Paragon Software\HFS+ for Windows   (read-only)\apmwinsrv.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIGYE.EXE
(Akamai Technologies, Inc.) C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(KORG Inc.) C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
(Akamai Technologies, Inc.) C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
(ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Avid Media Composer\AvidBackgroundServicesManager.exe
() C:\Program Files (x86)\Hotkey\Hotkey.exe
() C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe
() C:\Program Files (x86)\Hotkey\LightShow.exe
(Panasonic Corporation) C:\Program Files\Panasonic P2\Drivers\App\p2inst_tasktray64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(mychat) c:\Windows\BisonCam\BisonHK.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\slui.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808680 2009-12-13] (Synaptics Incorporated)
HKLM\...\Run: [LchGKey] - C:\Program Files (x86)\Chicony\GameKeys\LchGKey.exe
HKLM\...\Run: [NVRaidService] - C:\Windows\System32\nvraidservice.exe [291872 2009-06-30] (NVIDIA Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8116256 2009-09-22] (Realtek Semiconductor)
HKLM\...\Run: [BisonHK] - C:\Windows\BisonCam\BisonHK.exe [77824 2008-03-25] (mychat)
HKLM\...\Run: [DeLay] - C:\Windows\BisonCam\DeLay.exe [53248 2008-03-11] (Bison Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [apmwinapp] - C:\Program Files (x86)\Paragon Software\HFS+ for Windows   (read-only)\apmwinsrv.exe [65552 2010-05-11] ()
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [updateMgr] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1
HKCU\...\Run: [Epson Stylus Photo PX720WD(Netzwerk)] - C:\Users\Martin\AppData\Local\Temp\E_SC79C.tmp [230 2012-04-22] ()
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKCU\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)
HKCU\...\Run: [Microsoft Svchost] - C:\Users\Martin\AppData\Roaming\yxIUHFgWYdks.exe [3141632 2013-11-05] (oRsvkDzwDF)
HKCU\...\CurrentVersion\Windows: [Load] C:\Users\Martin\LOCALS~1\Temp\msukqaz.bat <===== ATTENTION
MountPoints2: {8abf08ae-6c1d-11e1-b584-0022438c1534} - E:\.\Autorun.exe AUTORUN=1
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2012-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KORG USB-MIDI Driver] - C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [393616 2011-03-30] (KORG Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Blackmagic CheckVersion] - C:\Program Files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersion.exe
HKLM-x32\...\Run: [WD Drive Manager] - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [480768 2012-05-01] (WDC)
HKLM-x32\...\Run: [PTBSync] - C:\Program Files (x86)\PTBSync\PTBSync.exe [1582592 2013-03-05] (ElmüSoft)
HKLM-x32\...\Run: [WinampAgent] - "C:\Program Files (x86)\Winamp\winampa.exe"
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\postgres\...\Run: [updateMgr] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1
HKU\postgres\...\Run: [Epson Stylus Photo PX720WD(Netzwerk)] - C:\Users\Martin\AppData\Local\Temp\E_SC79C.tmp [230 2012-04-22] ()
HKU\postgres\...\Run: [Akamai NetSession Interface] - C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\postgres\...\Run: [AdobeBridge] - [x]
HKU\postgres\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB0A2518C181ACD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=sc&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=ds&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054005&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=ds&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054005&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=ds&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054005&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=ds&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054005&type=default&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=10650090F58E67F3&affID=121564&tsp=4970
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=ds&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054005&type=default&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb161/?search={searchTerms}&loc=IB_DS&a=6R8vv3OXn7&i=26
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: DealPly Shopping - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\..\Interfaces\{9C0AED26-CE60-4B65-BEFF-45D3685EB637}: [NameServer]195.3.96.67,213.33.98.136

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\bfbe7mgi.default-1383684326173
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=3 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=9 - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\dosearches.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (DealPly  Shopping) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi\3.5.0.0_0
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-03-06] (Adobe Systems)
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [288112 2012-03-06] (Adobe Systems Incorporated)
S3 Avid DMF Service; C:\Program Files\Avid\Editor Transcode\Dynamic Media Files\DMFService.exe [661832 2013-08-27] (Avid Technology, Inc.)
S2 Avid Editor Broker; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe [662344 2013-08-27] (Avid Technology, Inc.)
S2 Avid Editor Db Engine; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe [661832 2013-08-27] (Avid Technology, Inc.)
S3 Avid Editor Transcode Service; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorTranscode.exe [662344 2013-08-27] (Avid Technology, Inc.)
S2 Avid Editor Transcode Status; C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe [297800 2013-08-27] (Avid Technology, Inc.)
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-08-20] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-08-20] (DealPly Technologies Ltd)
R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 p2csvc; C:\Windows\system32\p2csvc.exe [67072 2008-07-25] (Panasonic Corporation)
R2 p2csvc32; C:\Windows\SysWOW64\p2csvc32.exe [61440 2008-07-25] (Panasonic Corporation)
R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [37784 2009-08-14] ()
R2 PTBSync; C:\Program Files (x86)\PTBSync\PTBSync.exe [1582592 2013-03-05] (ElmüSoft)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe [71832 2009-06-15] (SiSoftware)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [119296 2012-05-01] (WDC)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203600 2012-03-08] (X-Rite Inc.)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [x]

==================== Drivers (Whitelisted) ====================

R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [28176 2010-05-11] (Paragon Software Group)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S2 cvintdrv; C:\Windows\SysWow64\Drivers\cvintdrv.sys [7140 2003-07-29] ()
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [50192 2010-05-11] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [102928 2010-05-11] (Paragon Software Group)
R2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [13840 2010-05-11] (Paragon Software Group)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [20392 2009-12-13] (JMicron )
R3 mod7700; C:\Windows\System32\Drivers\dvb7700all.sys [956416 2012-03-04] (DiBcom)
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [36368 2010-05-11] (Paragon Software Group)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R0 nvrd64; C:\Windows\System32\DRIVERS\nvrd64.sys [175648 2009-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 p2cache; C:\Windows\System32\DRIVERS\p2cache.sys [68096 2008-07-24] (Panasonic Corporation)
R0 p2cata; C:\Windows\System32\DRIVERS\p2cata.sys [56832 2008-07-24] (Panasonic Corporation)
S3 pfc; C:\Windows\SysWow64\drivers\pfc.sys [10368 2005-11-02] (Padus, Inc.)
R3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [439296 2009-12-13] (Realtek Semiconductor Corporation                           )
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2012-03-28] (Nicomsoft Ltd.)
R2 WinI2C-DDC; C:\Windows\SysWow64\drivers\DDCDrv.sys [10240 2012-03-28] (Nicomsoft Ltd.)
R2 WinRing0_1_2_0; C:\Windows\system32\Drivers\ptbring0.sys [14544 2013-03-05] (OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-09 11:45 - 2013-11-09 11:45 - 00000474 _____ C:\Users\Martin\Downloads\defogger_disable.log
2013-11-09 11:45 - 2013-11-09 11:45 - 00000000 _____ C:\Users\Martin\defogger_reenable
2013-11-09 11:43 - 2013-11-09 11:43 - 00050477 _____ C:\Users\Martin\Downloads\Defogger.exe
2013-11-09 11:40 - 2013-11-09 11:41 - 00036993 _____ C:\Users\Martin\Downloads\Addition.txt
2013-11-06 21:40 - 2013-11-06 21:40 - 01957098 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2013-11-06 21:40 - 2013-11-06 21:40 - 00000000 ____D C:\FRST
2013-11-06 21:02 - 2013-11-06 21:02 - 00907792 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376A3A04C62476784
2013-11-06 21:02 - 2013-11-06 21:02 - 00302096 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376AA8E8C5D761780
2013-11-06 21:02 - 2013-11-06 21:02 - 00268816 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376A403A858061555
2013-11-06 19:49 - 2013-11-09 11:32 - 00001392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-06 19:49 - 2013-11-09 11:32 - 00001392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-06 19:49 - 2013-11-06 19:50 - 00000552 _____ C:\Windows\system32\spsys.log
2013-11-06 09:10 - 2013-11-06 09:10 - 00000000 ____D C:\Users\Martin\.android
2013-11-06 09:06 - 2013-11-06 09:06 - 00000000 ____D C:\Users\Martin\Downloads\CSM_Y1149-E50_Backup
2013-11-06 08:56 - 2013-11-06 09:03 - 185382983 _____ C:\Users\Martin\Downloads\CSM_Y1149-E50_Backup.zip
2013-11-05 21:51 - 2013-11-08 19:57 - 03033686 _____ C:\Users\Martin\AppData\Roaming\cached-microdescs
2013-11-05 21:45 - 2013-11-05 21:45 - 00000000 ____D C:\Users\Martin\Desktop\Alte Firefox-Daten
2013-11-05 21:42 - 2013-11-05 21:42 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\DfRMBcwXKQK.exe
2013-11-05 21:41 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\xrSAQi.exe
2013-11-05 21:40 - 2013-11-05 21:42 - 00477265 _____ C:\Users\Martin\Desktop\lftp13.rar
2013-11-05 21:40 - 2013-11-05 21:42 - 00477265 _____ C:\Users\Martin\Desktop\Install.rar
2013-11-05 21:40 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\SLsSXKQEZtFBwH.exe
2013-11-05 21:40 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\RrSNesONMPa.exe
2013-11-05 21:40 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\qLLrCpOPlzLTHu.exe
2013-11-05 21:40 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\qfkwvGQ.exe
2013-11-05 21:40 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\PzcaUDQ.exe
2013-11-05 21:40 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\KdBolWxuRVXf.exe
2013-11-05 21:40 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\eVhJcd.exe
2013-11-05 21:40 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\cwvcRFRzOzBk.exe
2013-11-05 21:40 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\BXAZpmJdRdPd.exe
2013-11-05 21:40 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\bBLVQdb.exe
2013-11-05 21:39 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\YbvnjzYxRisLT.exe
2013-11-05 21:39 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\wqCuI.exe
2013-11-05 21:39 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\TNosXW.exe
2013-11-05 21:39 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\RjEty.exe
2013-11-05 21:39 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\LsiZXuACAEK.exe
2013-11-05 21:39 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\jMibT.exe
2013-11-05 21:39 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\hMdUd.exe
2013-11-05 21:39 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\hcMffauywJSi.exe
2013-11-05 21:39 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\GWPLLii.exe
2013-11-05 21:39 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\BIIQAFHaDlYRo.exe
2013-11-05 21:38 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\qjGvUbCwoVRH.exe
2013-11-05 21:38 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\ePJirfBcmMqDQX.exe
2013-11-05 21:22 - 2013-11-05 21:22 - 00330768 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376A54E835B288245
2013-11-05 21:22 - 2013-11-05 21:22 - 00023568 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376A7BFF896711527
2013-11-05 21:21 - 2013-11-09 11:08 - 00944731 _____ C:\Users\Martin\AppData\Roaming\cached-microdesc-consensus
2013-11-05 21:21 - 2013-11-09 11:08 - 00238412 _____ C:\Users\Martin\AppData\Roaming\cached-microdescs.new
2013-11-05 21:21 - 2013-11-09 11:04 - 00002825 _____ C:\Users\Martin\AppData\Roaming\state
2013-11-05 21:21 - 2013-11-06 21:02 - 00000000 _____ C:\Users\Martin\AppData\Roaming\lock
2013-11-05 21:21 - 2013-11-05 21:54 - 00000000 __SHD C:\Users\Martin\AppData\Roaming\70393355
2013-11-05 21:21 - 2013-11-05 21:21 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\yxIUHFgWYdks.exe
2013-11-05 21:21 - 2013-11-05 21:21 - 00018509 _____ C:\Users\Martin\AppData\Roaming\cached-certs
2013-11-05 21:21 - 2013-11-05 21:21 - 00000000 ____D C:\Users\Martin\AppData\Roaming\63699515
2013-11-04 11:19 - 2013-11-05 10:15 - 00000355 _____ C:\Users\Martin\Desktop\My Home is My Castle.txt
2013-11-02 08:32 - 2013-11-02 08:32 - 00000858 _____ C:\Users\Public\Desktop\Print CD.lnk
2013-10-30 09:24 - 2013-10-30 10:55 - 00000812 _____ C:\Users\Martin\Desktop\Der Tod - Wien heute.txt
2013-10-30 09:16 - 2013-10-30 01:35 - 352218306 _____ C:\Users\Martin\Desktop\der_tod_das_muss_ein_wiener_sein_DVCHDPRO-Desktop.m4v
2013-10-29 19:43 - 2013-10-29 19:47 - 100547994 _____ C:\Users\Martin\Downloads\PDZVX10 XDCAM VIEWER_v230.zip
2013-10-29 19:42 - 2013-10-29 19:42 - 07526147 _____ C:\Users\Martin\Downloads\PDZKMA233.zip
2013-10-29 14:43 - 2013-10-29 14:43 - 00003640 _____ C:\Windows\System32\Tasks\Escolade
2013-10-29 14:40 - 2013-10-29 14:44 - 00000000 ____D C:\ProgramData\eSafe
2013-10-29 14:38 - 2013-10-29 14:45 - 00000000 ____D C:\Users\Martin\AppData\Roaming\iPumper
2013-10-29 14:38 - 2013-10-29 14:38 - 05434312 _____ C:\Users\Martin\Downloads\xdcam_hd422_codec_Downloader.exe
2013-10-29 14:34 - 2013-10-29 14:33 - 00279656 _____ (Apple Inc.) C:\Users\Martin\Downloads\ProResDecoderSetup.exe
2013-10-29 10:21 - 2013-10-29 10:21 - 00000000 ____D C:\Users\Martin\Desktop\Pressefotos neu
2013-10-29 10:05 - 2013-10-29 10:05 - 00002039 _____ C:\Users\Martin\Desktop\Pressefotos - Legende.txt
2013-10-28 20:56 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-28 20:56 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-28 20:50 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-28 20:50 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-28 20:48 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-10-28 20:48 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-28 20:16 - 2013-10-23 11:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-28 20:16 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-28 20:16 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-27 16:41 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-27 16:41 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-27 16:41 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-27 16:41 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-27 16:40 - 2013-10-27 16:41 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-27 10:19 - 2013-10-27 10:39 - 00000000 ____D C:\Users\Public\Pressefotos
2013-10-27 09:41 - 2010-05-11 11:39 - 00050192 _____ (Paragon Software Group) C:\Windows\system32\Drivers\gpt_loader.sys
2013-10-27 09:41 - 2010-05-11 11:39 - 00036368 _____ (Paragon Software Group) C:\Windows\system32\Drivers\mounthlp.sys
2013-10-27 09:40 - 2013-10-27 09:40 - 00000000 ____D C:\Program Files (x86)\Paragon Software
2013-10-27 09:40 - 2010-05-11 11:39 - 00102928 _____ (Paragon Software Group) C:\Windows\system32\Drivers\hfsplus.sys
2013-10-27 09:40 - 2010-05-11 11:39 - 00028176 _____ (Paragon Software Group) C:\Windows\system32\Drivers\apmwin.sys
2013-10-27 09:40 - 2010-05-11 11:39 - 00013840 _____ (Paragon Software Group) C:\Windows\system32\Drivers\hfsplusrec.sys
2013-10-27 09:39 - 2013-10-27 09:39 - 02416640 _____ C:\Users\Martin\Downloads\Paragon-153-PEG_WinInstallx64_1.0.5_001.msi
2013-10-24 21:43 - 2013-10-24 21:43 - 00000000 ____D C:\Users\Martin\Downloads\tod
2013-10-24 21:40 - 2013-10-24 21:43 - 245266481 _____ C:\Users\Martin\Downloads\tod.zip
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-21 20:26 - 2013-10-23 11:57 - 00799418 _____ C:\Users\Martin\Desktop\Der Tod, das muß ein Wiener sein! Einzeltitel.psd
2013-10-17 07:57 - 2012-12-13 16:19 - 216051490 _____ C:\Users\Martin\Desktop\P062_LogoOrthopaedie_Final_V3_1080_25p_13-12-2012.mov
2013-10-13 14:06 - 2013-10-23 16:08 - 00000000 ____D C:\Users\Public\Der Tod, das muß ein Wiener sein
2013-10-10 19:31 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 19:31 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 19:31 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 19:31 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 19:31 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-10 19:31 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-10 19:31 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 07:59 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 07:59 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 07:59 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 07:59 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 07:59 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 07:59 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 07:59 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 07:59 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 07:59 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 07:59 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 07:59 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 07:59 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 07:59 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 07:59 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 07:59 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 07:59 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 07:59 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 07:59 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 07:59 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 07:59 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 07:59 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 07:59 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 07:59 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 07:59 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 07:59 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 07:59 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 07:59 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 07:59 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 07:59 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 07:59 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 07:59 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-10 07:39 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 07:39 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 07:39 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 07:39 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 07:39 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 07:39 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 07:39 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 07:39 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 07:39 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 07:39 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 07:39 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 07:39 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 07:39 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 07:39 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 07:39 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 07:39 - 2013-08-29 02:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2013-10-10 07:39 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 07:39 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 07:39 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 07:39 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 07:39 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 07:39 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 07:39 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 07:39 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 07:39 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 07:39 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-10 07:39 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 07:39 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 07:39 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 07:39 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 07:39 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 07:39 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 07:39 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 07:39 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 07:39 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 07:39 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 07:39 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 07:39 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 07:39 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 07:39 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 07:39 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 07:39 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 07:39 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 07:39 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 07:39 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 07:39 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 07:36 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 07:36 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

==================== One Month Modified Files and Folders =======

2013-11-09 11:45 - 2013-11-09 11:45 - 00000474 _____ C:\Users\Martin\Downloads\defogger_disable.log
2013-11-09 11:45 - 2013-11-09 11:45 - 00000000 _____ C:\Users\Martin\defogger_reenable
2013-11-09 11:45 - 2012-03-04 17:27 - 00000000 ____D C:\Users\Martin
2013-11-09 11:43 - 2013-11-09 11:43 - 00050477 _____ C:\Users\Martin\Downloads\Defogger.exe
2013-11-09 11:41 - 2013-11-09 11:40 - 00036993 _____ C:\Users\Martin\Downloads\Addition.txt
2013-11-09 11:41 - 2013-08-20 09:36 - 00000906 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-11-09 11:39 - 2012-04-10 19:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-09 11:36 - 2013-08-20 09:36 - 00000294 _____ C:\Windows\Tasks\Dealply.job
2013-11-09 11:32 - 2013-11-06 19:49 - 00001392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-09 11:32 - 2013-11-06 19:49 - 00001392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-09 11:14 - 2012-03-04 14:08 - 00000000 ____D C:\Users\Martin\Documents\LogIns
2013-11-09 11:08 - 2013-11-05 21:21 - 00944731 _____ C:\Users\Martin\AppData\Roaming\cached-microdesc-consensus
2013-11-09 11:08 - 2013-11-05 21:21 - 00238412 _____ C:\Users\Martin\AppData\Roaming\cached-microdescs.new
2013-11-09 11:04 - 2013-11-05 21:21 - 00002825 _____ C:\Users\Martin\AppData\Roaming\state
2013-11-09 10:53 - 2012-03-04 13:19 - 00000584 _____ C:\Users\Martin\Documents\PTBSync-AutoExport-Martin.ini
2013-11-09 10:41 - 2013-08-20 09:36 - 00000902 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-11-09 10:30 - 2012-03-04 13:19 - 00001546 _____ C:\Users\Martin\Documents\PTBSync-DesktopSetting-Martin.txt
2013-11-09 10:04 - 2012-03-04 17:22 - 01734904 _____ C:\Windows\WindowsUpdate.log
2013-11-09 09:54 - 2013-08-20 09:35 - 00000360 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-11-09 09:54 - 2012-03-04 22:57 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2013-11-08 19:57 - 2013-11-05 21:51 - 03033686 _____ C:\Users\Martin\AppData\Roaming\cached-microdescs
2013-11-06 21:40 - 2013-11-06 21:40 - 01957098 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2013-11-06 21:40 - 2013-11-06 21:40 - 00000000 ____D C:\FRST
2013-11-06 21:08 - 2012-11-12 21:22 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2013-11-06 21:02 - 2013-11-06 21:02 - 00907792 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376A3A04C62476784
2013-11-06 21:02 - 2013-11-06 21:02 - 00302096 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376AA8E8C5D761780
2013-11-06 21:02 - 2013-11-06 21:02 - 00268816 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376A403A858061555
2013-11-06 21:02 - 2013-11-05 21:21 - 00000000 _____ C:\Users\Martin\AppData\Roaming\lock
2013-11-06 20:59 - 2009-07-14 05:51 - 00108933 _____ C:\Windows\setupact.log
2013-11-06 20:58 - 2012-03-04 17:53 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-06 20:58 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-06 19:50 - 2013-11-06 19:49 - 00000552 _____ C:\Windows\system32\spsys.log
2013-11-06 19:43 - 2012-03-04 17:52 - 00049694 _____ C:\Windows\PFRO.log
2013-11-06 19:41 - 2013-09-19 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-06 09:10 - 2013-11-06 09:10 - 00000000 ____D C:\Users\Martin\.android
2013-11-06 09:06 - 2013-11-06 09:06 - 00000000 ____D C:\Users\Martin\Downloads\CSM_Y1149-E50_Backup
2013-11-06 09:03 - 2013-11-06 08:56 - 185382983 _____ C:\Users\Martin\Downloads\CSM_Y1149-E50_Backup.zip
2013-11-06 08:54 - 2013-04-29 22:37 - 00000000 ____D C:\Program Files (x86)\Opera
2013-11-05 21:54 - 2013-11-05 21:21 - 00000000 __SHD C:\Users\Martin\AppData\Roaming\70393355
2013-11-05 21:45 - 2013-11-05 21:45 - 00000000 ____D C:\Users\Martin\Desktop\Alte Firefox-Daten
2013-11-05 21:42 - 2013-11-05 21:42 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\DfRMBcwXKQK.exe
2013-11-05 21:42 - 2013-11-05 21:40 - 00477265 _____ C:\Users\Martin\Desktop\lftp13.rar
2013-11-05 21:42 - 2013-11-05 21:40 - 00477265 _____ C:\Users\Martin\Desktop\Install.rar
2013-11-05 21:38 - 2013-11-05 21:41 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\xrSAQi.exe
2013-11-05 21:38 - 2013-11-05 21:40 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\SLsSXKQEZtFBwH.exe
2013-11-05 21:38 - 2013-11-05 21:40 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\RrSNesONMPa.exe
2013-11-05 21:38 - 2013-11-05 21:40 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\qLLrCpOPlzLTHu.exe
2013-11-05 21:38 - 2013-11-05 21:40 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\qfkwvGQ.exe
2013-11-05 21:38 - 2013-11-05 21:40 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\PzcaUDQ.exe
2013-11-05 21:38 - 2013-11-05 21:40 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\KdBolWxuRVXf.exe
2013-11-05 21:38 - 2013-11-05 21:40 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\eVhJcd.exe
2013-11-05 21:38 - 2013-11-05 21:40 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\cwvcRFRzOzBk.exe
2013-11-05 21:38 - 2013-11-05 21:40 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\BXAZpmJdRdPd.exe
2013-11-05 21:38 - 2013-11-05 21:40 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\bBLVQdb.exe
2013-11-05 21:38 - 2013-11-05 21:39 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\YbvnjzYxRisLT.exe
2013-11-05 21:38 - 2013-11-05 21:39 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\wqCuI.exe
2013-11-05 21:38 - 2013-11-05 21:39 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\TNosXW.exe
2013-11-05 21:38 - 2013-11-05 21:39 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\RjEty.exe
2013-11-05 21:38 - 2013-11-05 21:39 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\LsiZXuACAEK.exe
2013-11-05 21:38 - 2013-11-05 21:39 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\jMibT.exe
2013-11-05 21:38 - 2013-11-05 21:39 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\hMdUd.exe
2013-11-05 21:38 - 2013-11-05 21:39 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\hcMffauywJSi.exe
2013-11-05 21:38 - 2013-11-05 21:39 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\GWPLLii.exe
2013-11-05 21:38 - 2013-11-05 21:39 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\BIIQAFHaDlYRo.exe
2013-11-05 21:38 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\qjGvUbCwoVRH.exe
2013-11-05 21:38 - 2013-11-05 21:38 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\ePJirfBcmMqDQX.exe
2013-11-05 21:38 - 2012-03-04 12:55 - 06582279 _____ (Ambrose) C:\Users\Martin\Desktop\XMediaRecode2268_setup.exe
2013-11-05 21:37 - 2012-03-04 12:55 - 10731527 _____ (Ambrose) C:\Users\Martin\Desktop\SetupDocumentsManager.exe
2013-11-05 21:37 - 2012-03-04 12:55 - 03072007 _____ (Ambrose) C:\Users\Martin\Desktop\Setup.exe
2013-11-05 21:37 - 2012-03-04 12:55 - 02101255 _____ (Ambrose) C:\Users\Martin\Desktop\WGAPluginInstall.exe
2013-11-05 21:36 - 2012-03-04 12:55 - 14651399 _____ (Ambrose) C:\Users\Martin\Desktop\mp3rocket.exe
2013-11-05 21:36 - 2012-03-04 12:55 - 07884807 _____ (Ambrose) C:\Users\Martin\Desktop\Openwave_v70_Simulator.exe
2013-11-05 21:36 - 2012-03-04 12:55 - 01843207 _____ (Ambrose) C:\Users\Martin\Desktop\pcs.exe
2013-11-05 21:35 - 2012-05-10 15:06 - 15994887 _____ (Ambrose) C:\Users\Martin\Desktop\HCFRSetup.exe
2013-11-05 21:34 - 2013-01-04 09:36 - 00000000 ____D C:\Users\Martin\Documents\Rechnungen 2013
2013-11-05 21:34 - 2012-10-07 10:24 - 01634311 _____ (Ambrose) C:\Users\Martin\Desktop\h264info.exe
2013-11-05 21:34 - 2012-05-03 04:21 - 02248711 _____ (Ambrose) C:\Users\Martin\Desktop\GPU-Z.0.6.2.exe
2013-11-05 21:34 - 2012-04-10 23:14 - 21942279 _____ (Ambrose) C:\Users\Martin\Desktop\DVDFab8175Qt.exe
2013-11-05 21:33 - 2012-03-04 12:54 - 05079047 _____ (Ambrose) C:\Users\Martin\Desktop\DVD2MP4.exe
2013-11-05 21:32 - 2012-03-04 12:54 - 22794247 _____ (Ambrose) C:\Users\Martin\Desktop\DivXInstaller721.exe
2013-11-05 21:31 - 2012-03-04 12:54 - 111759367 _____ (Ambrose) C:\Users\Martin\Desktop\DiscWizardSetup.de.exe
2013-11-05 21:26 - 2012-03-04 12:54 - 62115847 _____ (Ambrose) C:\Users\Martin\Desktop\AVSVideoConverter.exe
2013-11-05 21:22 - 2013-11-05 21:22 - 00330768 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376A54E835B288245
2013-11-05 21:22 - 2013-11-05 21:22 - 00023568 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376A7BFF896711527
2013-11-05 21:22 - 2012-05-15 10:32 - 02301959 _____ (Ambrose) C:\Users\Martin\Desktop\7z920.exe
2013-11-05 21:22 - 2012-03-04 12:53 - 09482247 _____ (Ambrose) C:\Users\Martin\Desktop\AvidCodecsLE_MSI_Install.exe
2013-11-05 21:21 - 2013-11-05 21:21 - 03141632 ____H (oRsvkDzwDF) C:\Users\Martin\AppData\Roaming\yxIUHFgWYdks.exe
2013-11-05 21:21 - 2013-11-05 21:21 - 00018509 _____ C:\Users\Martin\AppData\Roaming\cached-certs
2013-11-05 21:21 - 2013-11-05 21:21 - 00000000 ____D C:\Users\Martin\AppData\Roaming\63699515
2013-11-05 11:48 - 2012-03-04 14:08 - 00000000 ____D C:\Users\Martin\Documents\Honorarnoten
2013-11-05 10:15 - 2013-11-04 11:19 - 00000355 _____ C:\Users\Martin\Desktop\My Home is My Castle.txt
2013-11-02 22:14 - 2012-03-05 09:04 - 00000000 ____D C:\Users\Martin\AppData\Roaming\FileZilla
2013-11-02 09:39 - 2012-03-04 14:04 - 00000000 ____D C:\Users\Martin\Documents\Epson Print CD
2013-11-02 08:32 - 2013-11-02 08:32 - 00000858 _____ C:\Users\Public\Desktop\Print CD.lnk
2013-11-02 08:32 - 2012-03-08 11:53 - 00000000 ____D C:\Program Files (x86)\Epson Software
2013-11-02 08:32 - 2012-03-04 17:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-01 21:26 - 2012-03-04 13:23 - 00000000 ____D C:\Users\Martin\Documents\CD- und Video-Etiketten
2013-10-31 23:41 - 2012-03-05 16:22 - 00000000 ____D C:\Users\Public\Documents\Avid Media Composer
2013-10-31 00:02 - 2012-03-19 09:43 - 00012292 ____H C:\Users\Public\.DS_Store
2013-10-30 10:55 - 2013-10-30 09:24 - 00000812 _____ C:\Users\Martin\Desktop\Der Tod - Wien heute.txt
2013-10-30 01:35 - 2013-10-30 09:16 - 352218306 _____ C:\Users\Martin\Desktop\der_tod_das_muss_ein_wiener_sein_DVCHDPRO-Desktop.m4v
2013-10-29 19:47 - 2013-10-29 19:43 - 100547994 _____ C:\Users\Martin\Downloads\PDZVX10 XDCAM VIEWER_v230.zip
2013-10-29 19:42 - 2013-10-29 19:42 - 07526147 _____ C:\Users\Martin\Downloads\PDZKMA233.zip
2013-10-29 15:39 - 2012-03-04 12:59 - 00000000 ____D C:\Users\Martin\Desktop\Install
2013-10-29 14:45 - 2013-10-29 14:38 - 00000000 ____D C:\Users\Martin\AppData\Roaming\iPumper
2013-10-29 14:44 - 2013-10-29 14:40 - 00000000 ____D C:\ProgramData\eSafe
2013-10-29 14:43 - 2013-10-29 14:43 - 00003640 _____ C:\Windows\System32\Tasks\Escolade
2013-10-29 14:40 - 2013-01-18 06:07 - 00001759 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-29 14:38 - 2013-10-29 14:38 - 05434312 _____ C:\Users\Martin\Downloads\xdcam_hd422_codec_Downloader.exe
2013-10-29 14:33 - 2013-10-29 14:34 - 00279656 _____ (Apple Inc.) C:\Users\Martin\Downloads\ProResDecoderSetup.exe
2013-10-29 10:44 - 2011-09-09 06:16 - 00000000 ___HD C:\Users\Martin\AppData\Local\xnWURx8Skku
2013-10-29 10:21 - 2013-10-29 10:21 - 00000000 ____D C:\Users\Martin\Desktop\Pressefotos neu
2013-10-29 10:05 - 2013-10-29 10:05 - 00002039 _____ C:\Users\Martin\Desktop\Pressefotos - Legende.txt
2013-10-28 21:01 - 2012-03-04 17:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-28 20:50 - 2012-03-04 19:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-28 20:50 - 2012-03-04 17:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-27 16:41 - 2013-10-27 16:40 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-27 16:41 - 2013-09-11 20:28 - 00000000 ____D C:\ProgramData\Oracle
2013-10-27 16:41 - 2012-03-13 19:46 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-27 10:39 - 2013-10-27 10:19 - 00000000 ____D C:\Users\Public\Pressefotos
2013-10-27 09:40 - 2013-10-27 09:40 - 00000000 ____D C:\Program Files (x86)\Paragon Software
2013-10-27 09:39 - 2013-10-27 09:39 - 02416640 _____ C:\Users\Martin\Downloads\Paragon-153-PEG_WinInstallx64_1.0.5_001.msi
2013-10-24 21:43 - 2013-10-24 21:43 - 00000000 ____D C:\Users\Martin\Downloads\tod
2013-10-24 21:43 - 2013-10-24 21:40 - 245266481 _____ C:\Users\Martin\Downloads\tod.zip
2013-10-23 16:08 - 2013-10-13 14:06 - 00000000 ____D C:\Users\Public\Der Tod, das muß ein Wiener sein
2013-10-23 12:08 - 2012-09-18 15:40 - 00001456 _____ C:\Users\Martin\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-10-23 11:57 - 2013-10-21 20:26 - 00799418 _____ C:\Users\Martin\Desktop\Der Tod, das muß ein Wiener sein! Einzeltitel.psd
2013-10-23 11:30 - 2013-10-28 20:56 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-23 11:30 - 2013-10-28 20:56 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-23 11:30 - 2013-10-28 20:16 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-23 11:30 - 2013-05-23 23:15 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-23 11:30 - 2012-09-14 06:16 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 11:30 - 2012-03-04 19:56 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-23 11:30 - 2012-03-04 19:56 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-23 11:30 - 2012-03-04 19:56 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-23 09:20 - 2012-04-14 11:13 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-23 09:20 - 2012-04-14 11:13 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-23 09:20 - 2012-04-14 11:13 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-10-23 09:20 - 2012-04-14 11:13 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-23 09:20 - 2012-04-14 11:13 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-23 09:20 - 2012-04-14 11:13 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-18 02:36 - 2013-10-28 20:50 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-18 02:36 - 2013-10-28 20:50 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-17 07:48 - 2012-03-12 09:57 - 00000216 _____ C:\Users\Martin\AppData\Roaming\default.rss
2013-10-16 18:45 - 2013-08-13 15:07 - 00004467 _____ C:\Users\Martin\Desktop\Der Tod, das muß... Legende.txt
2013-10-16 01:48 - 2013-10-28 20:16 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-16 01:48 - 2013-10-28 20:16 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-10 19:34 - 2012-03-04 19:32 - 00001912 _____ C:\Windows\epplauncher.mif
2013-10-10 19:33 - 2012-03-04 19:31 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-10 19:33 - 2012-03-04 19:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-10 19:03 - 2013-06-13 19:42 - 00000000 ____D C:\Windows\rescache
2013-10-10 18:23 - 2009-07-14 05:45 - 09887320 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 18:19 - 2012-05-08 21:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 18:19 - 2012-05-08 21:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 08:01 - 2009-07-14 03:34 - 00000523 _____ C:\Windows\win.ini
2013-10-10 07:55 - 2012-03-04 19:31 - 01591306 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-10 07:51 - 2013-07-24 08:39 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 07:47 - 2012-03-04 18:35 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\70393355.exe
C:\Users\Martin\AppData\Local\Temp\AAMHelper.exe
C:\Users\Martin\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Martin\AppData\Local\Temp\AskSLib.dll
C:\Users\Martin\AppData\Local\Temp\COMAP.EXE
C:\Users\Martin\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Martin\AppData\Local\Temp\CreativeCloudSet-Up.exe
C:\Users\Martin\AppData\Local\Temp\devcon.exe
C:\Users\Martin\AppData\Local\Temp\DE_de_Avery_AW31.exe
C:\Users\Martin\AppData\Local\Temp\DriverInstallerUtility.exe
C:\Users\Martin\AppData\Local\Temp\final.exe
C:\Users\Martin\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Martin\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe
C:\Users\Martin\AppData\Local\Temp\htmlayout.dll
C:\Users\Martin\AppData\Local\Temp\ICReinstall_VideoConverterSetup.exe
C:\Users\Martin\AppData\Local\Temp\incredibar_installer.exe
C:\Users\Martin\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Martin\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Martin\AppData\Local\Temp\MyBabylonTB_google_20120807.exe
C:\Users\Martin\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Martin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Martin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Martin\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Martin\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Martin\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Martin\AppData\Local\Temp\nvStInst.exe
C:\Users\Martin\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Martin\AppData\Local\Temp\sam__2268_il2369263.exe
C:\Users\Martin\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Martin\AppData\Local\Temp\setup.exe
C:\Users\Martin\AppData\Local\Temp\setup__3635.exe
C:\Users\Martin\AppData\Local\Temp\SmartToolsRegCheck.dll
C:\Users\Martin\AppData\Local\Temp\tmp161C.exe
C:\Users\Martin\AppData\Local\Temp\tmp3B74.exe
C:\Users\Martin\AppData\Local\Temp\tmpC797.exe
C:\Users\Martin\AppData\Local\Temp\tmpE42E.exe
C:\Users\Martin\AppData\Local\Temp\uninst1.exe
C:\Users\Martin\AppData\Local\Temp\Uninstaller.exe
C:\Users\Martin\AppData\Local\Temp\UninstallerGer.dll
C:\Users\Martin\AppData\Local\Temp\UninstManager.dll
C:\Users\Martin\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Martin\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\Martin\AppData\Local\Temp\_isA61E.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-31 11:35

==================== End Of Log ============================
         
--- --- ---


2. Addition.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
Ran by Martin at 2013-11-09 11:49:02
Running from C:\Users\Martin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

3CXPhone (x32 Version: 4.0.26523.0)
7-Zip 9.20 (x32)
Acrobat.com (x32 Version: 0.0.0)
Acrobat.com (x32 Version: 1.2.443)
Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.5.5)
Adobe Acrobat 9.5.5 - CPSID_83708 (x32)
Adobe Acrobat XI Pro (x32 Version: 11.0)
Adobe After Effects CS4 Third Party Content (x32 Version: 9)
Adobe AIR (x32 Version: 3.8.0.1280)
Adobe Anchor Service CS4 (x32 Version: 2.0)
Adobe Asset Services CS4 (x32 Version: 4)
Adobe Audition 2.0 (x32 Version: 2.0)
Adobe Bridge 1.0 (x32 Version: 1.0.1.1)
Adobe Bridge CS4 (x32 Version: 3)
Adobe CMaps CS4 (x32 Version: 2.0)
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0)
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0)
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0)
Adobe Common File Installer (x32 Version: 1.00.002)
Adobe Creative Cloud (x32 Version: 2.1.2.232)
Adobe Creative Suite 4 Master Collection (x32 Version: 4.0)
Adobe Creative Suite 6 Production Premium (x32 Version: 6)
Adobe CS4 American English Speech Analysis Models (x32 Version: 1)
Adobe CSI CS4 (x32 Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (x32 Version: 2.0)
Adobe Dreamweaver CS6 (x32 Version: 12.0.3)
Adobe Drive CS4 (x32 Version: 1)
Adobe Drive CS4 x64 (Version: 1)
Adobe Dynamiclink Support (x32 Version: 1)
Adobe Edge Animate (x32 Version: 1.5)
Adobe Encore CS4 Codecs (x32 Version: 4)
Adobe Exchange Panel (x32 Version: 1)
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0)
Adobe Extension Manager CS4 (x32 Version: 2.0)
Adobe Fireworks CS4 (x32 Version: 10.0)
Adobe Fireworks CS6 (x32 Version: 12.0.1)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Flash Professional CS6 (x32 Version: 12.0)
Adobe Fonts All (x32 Version: 2.0)
Adobe Help Center 2.0 (x32 Version: 2.0.0)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Illustrator CS6 (x32 Version: 16.0)
Adobe InDesign CS4 (x32 Version: 6.0)
Adobe InDesign CS4 Application Feature Set Files (Roman) (x32 Version: 6.0)
Adobe InDesign CS4 Common Base Files (x32 Version: 6.0)
Adobe InDesign CS4 Icon Handler (x32 Version: 6.0)
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0)
Adobe InDesign CS6 (x32 Version: 8.0)
Adobe Linguistics CS4 (x32 Version: 4.0.0)
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0)
Adobe Media Encoder CS4 Importer (x32 Version: 1.0)
Adobe Media Player (x32 Version: 1.8)
Adobe Muse (x32 Version: 2.0)
Adobe Muse (x32 Version: 2.3.50)
Adobe Output Module (x32 Version: 2.0)
Adobe PDF Library Files CS4 (x32 Version: 9.0)
Adobe Photoshop CS6 (x32 Version: 13.0)
Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4)
Adobe Premiere Pro CS6 (x32 Version: 6.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe Search for Help (x32 Version: 1.0)
Adobe Service Manager Extension (x32 Version: 1.0)
Adobe Setup (x32 Version: 2.0)
Adobe SGM CS4 (x32 Version: 3.0)
Adobe SING CS4 (x32 Version: 2.0)
Adobe Soundbooth CS4 (x32 Version: 2)
Adobe Soundbooth CS4 Codecs (x32 Version: 2)
Adobe SVG Viewer 3.0 (x32 Version:  3.0)
Adobe Touch App Plugins (x32 Version: 1.0)
Adobe Type Support CS4 (x32 Version: 9.0)
Adobe Update Manager CS4 (x32 Version: 6.0.0)
Adobe Version Cue CS4 Server (x32 Version: 4.0)
Adobe Widget Browser (x32 Version: 2.0 Build 348)
Adobe Widget Browser (x32 Version: 2.0.348)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1)
Adobe XMP Panels CS4 (x32 Version: 2.0)
Adobe® Content Viewer (x32 Version: 3.3.0)
AdobeColorCommonSetCMYK (x32 Version: 2.0)
AdobeColorCommonSetRGB (x32 Version: 2.0)
Advertising Center (x32 Version: 0.0.0.2)
Akamai NetSession Interface (HKCU)
Any Video Converter 5.0.5 (x32)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
Avery Wizard 3.1 (x32 Version: 3.1.8)
Avid AMA Plug-in for MXF (x32 Version: 1.7.2.5330)
Avid AMA Plug-in for Panasonic P2 (x32 Version: 2.6.0.5505)
Avid Codecs LE (x32 Version: 2.3.7)
Avid Editor Transcode (Version: 3.0.5)
Avid License Control (x32 Version: 3.0.1)
Avid Media Composer (Version: 7.0.2)
AVS Update Manager 1.0 (x32)
AVS Video Converter 8 (x32)
AVS4YOU Software Navigator 1.4 (x32)
BisonCam (x32 Version: 6.96.710.05.1)
Bitrate Viewer 2.3 (x32 Version: 2.3)
bl (x32 Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
Connect (x32 Version: 1.0.0.1)
CPUID CPU-Z 1.66.1
Dealply (HKCU)
DealPly (remove only) (x32 Version: 4.8.7.3)
DesignPro 5 (x32 Version: 5.5.708)
DiffDaff Version 1.0 (x32)
DolbyFiles (x32 Version: 2.0)
DVD Decrypter (Remove Only) (x32)
DVD Shrink 3.2 (x32)
DVDFab 8.1.7.5 (07/04/2012) Qt (x32)
DVD-lab PRO 2.31 (Production Stable) (x32)
Epson Print CD (x32 Version: 2.20.00)
EPSON PX720WD Series Printer Uninstall
EPSON Scan (x32)
EpsonNet Print (x32 Version: 2.5.00)
EpsonNet Setup 3.3 (x32 Version: 3.3b)
FileZilla Client 3.7.3 (x32 Version: 3.7.3)
Flash Builder (x32 Version: 4.6.1)
Free YouTube Download version 3.2.9.725 (x32 Version: 3.2.9.725)
FreeOCR 3.0 (Version: 3.0)
FTPRush 2.1.8 (x32 Version: 2.1.8)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Update Helper (x32 Version: 1.3.23.0)
HCFR (x32)
Hotkey 3.0037 (x32 Version: 3.00.37)
i1Profiler (x32)
iCloud (Version: 3.0.2.163)
ImagXpress (x32 Version: 7.0.74.0)
ImgBurn (x32 Version: 2.5.8.0)
ITECIR (x32 Version: 1.00.0000)
iZotope Insight (x32 Version: 1.02)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
JMicron 1394 Filter Driver (x32 Version: 1.00.04.00)
JMicron JMB38X Flash Media Controller (x32 Version: 1.0.32.1)
KORG USB-MIDI Driver Tools for Windows (x32 Version: 1.13.0601)
kuler (x32 Version: 2.0)
LeechFTP  (x32)
License Support (x32 Version: 1.1.1.1524)
MainConcept Reference DShow Add-On (x32 Version: 2.2.0.0)
MainConcept Reference v2 (x32 Version: 2.2.0.0)
MediaInfo 0.7.60 (Version: 0.7.60)
Menu Templates - Starter Kit (x32 Version: 9.6.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.3.0219.0)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.3.219.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0)
Movie Templates - Starter Kit (x32 Version: 9.6.0.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyFreeCodec (HKCU)
Nero 9 (x32)
Nero BurnRights (x32 Version: 3.4.13.100)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero CoverDesigner (x32 Version: 1.0.0.0)
Nero Disc Copy Gadget (x32 Version: 2.4.43.0)
Nero DiscSpeed (x32 Version: 5.4.13.100)
Nero DriveSpeed (x32 Version: 4.4.12.100)
Nero InfoTool (x32 Version: 6.4.12.100)
Nero Installer (x32 Version: 4.4.9.0)
Nero PhotoSnap (x32 Version: 2.4.29.0)
Nero Recode (x32 Version: 4.4.40.0)
Nero Rescue Agent (x32 Version: 2.4.14.100)
Nero ShowTime (x32 Version: 5.4.27.100)
Nero StartSmart (x32 Version: 9.4.40.100)
Nero Vision (x32 Version: 6.4.19.100)
Nero WaveEditor (x32 Version: 5.4.39.0)
NeroBurningROM (x32 Version: 1.0.0.0)
NeroExpress (x32 Version: 1.0.0.0)
neroxml (x32 Version: 1.0.0)
NewBlue Titler Pro for Windows (Version: 1.0)
Nokia Connectivity Cable Driver (x32 Version: 7.1.78.0)
Nokia PC Suite (x32 Version: 7.1.180.94)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65)
NVIDIA CUDA Toolkit v4.0 (64 bit) (Version: 4.00.1500.0000)
NVIDIA Drivers (Version: 1.5)
NVIDIA GeForce Experience 1.7 (Version: 1.7)
NVIDIA Grafiktreiber 331.65 (Version: 331.65)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)
NVIDIA Systemsteuerung 331.65 (Version: 331.65)
NVIDIA Update 9.3.16 (Version: 9.3.16)
NVIDIA Update Components (Version: 9.3.16)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
One Clip Ingest Software (x32 Version: 1.00.0000)
Opera 12.16 (x32 Version: 12.16.1860)
P2PlugIn (Version: 1.0.1.0)
PACE License Support Win64 (Version: 2.0.0.0256)
Panasonic Drive Mount Converter (x32 Version: 1.00.0007)
Panasonic P2 AVC-Intra Decoder Component (x32 Version: 1.0.0)
Panasonic P2 Drivers (Version: 2.21.0000)
Panasonic P2 Viewer Plus (x32 Version: 1.0.7)
Paragon HFS+ for Windows™ (read-only) (Version: 1.00)
PC Connectivity Solution (x32 Version: 12.0.27.0)
PDF Settings CS4 (x32 Version: 9.0)
PDF Settings CS6 (x32 Version: 11.0)
ph (x32 Version: 1.0.0)
Photoshop Camera Raw (x32 Version: 5.0)
PreSonus Studio One 2 x64 (Version: 2.0.6.18491)
PTBSync (Atomuhr Synchronisation & Terminkalender) (x32 Version: 5.7b)
QuickTime (x32 Version: 7.74.80.86)
QuickTime MPEG2 (x32 Version: 7.60.92.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5943)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0118)
Safari (x32 Version: 5.34.57.2)
Samsung Kies (x32 Version: 2.6.0.13064_2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
SDFormatter (x32 Version: 4.0.0)
Sentinel Protection Installer 7.6.6 (x32 Version: 7.6.6)
SES Driver (Version: 1.0.0)
SHIELD Streaming (Version: 1.6.34)
SiSoftware Sandra Lite 2013.SP4 (Version: 19.50.2013.7)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.3 (x32 Version: 6.3.105)
SmartTools Publishing · Mail-Assistent für Outlook (HKCU Version: v2.50)
Software Version Updater (x32 Version: 1.1.3.8)
SoundTrax (x32 Version: 4.4.39.0)
Suite Shared Configuration CS4 (x32 Version: 1.0)
SUPER © v2013.build.57+Recorder (2013/07/13) Version v2013.buil (x32 Version: v2013.build.57+Recorder)
Synaptics Pointing Device Driver (Version: 13.2.3.0)
Tracktion 3.0.4.8 (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Visual C++ 64-bit Redistributables (Version: 1.1.0.0929)
Visual C++ 64-bit Redistributables (Version: 1.1.1.1524)
Visual C++ 64-bit Redistributables (x32 Version: 1.1.0.0929)
Visual C++ 64-bit Redistributables (x32 Version: 1.1.1.1524)
Visual C++ Redistributables (x32 Version: 1.1.0.0929)
Visual C++ Redistributables (x32 Version: 1.1.1.1524)
WD Drive Manager (x64) (Version: 2.116)
WD WinDLG (x32 Version: 1.0.0)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (Version: 01/19/2011 1.0.0009.0)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Windows-Treiberpaket - YUAN (mod7700) Media  (05/22/2009 2.3.3.31) (Version: 05/22/2009 2.3.3.31)
WinRAR (x32)
XMedia Recode Version 3.1.2.8 (x32 Version: 3.1.2.8)
X-Rite Device Services Manager (x32 Version: 2.2.37)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0230CE8F-7427-47E5-AA04-7C25AE490EBA} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {05562A6F-6ED2-4573-8F61-420403D356D3} - System32\Tasks\AmiUpdXp => C:\Users\Martin\AppData\Local\SwvUpdater\Updater.exe [2013-08-20] (Amonetize  ltd.)
Task: {1AFFE7F4-421F-45FF-9E0C-16B4EC0568E6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {2FDDDECD-0A81-46C4-A3F1-834FDD66FDE8} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-08-20] (DealPly Technologies Ltd)
Task: {4D074A5C-ED20-4793-B329-C4F269B76CF7} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-05-13] (Microsoft)
Task: {53AB2211-23DA-44F8-A51E-0457A8F4857F} - System32\Tasks\Dealply => C:\Users\Martin\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {57E573F9-8E13-4111-8FE2-84867E478604} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {62D0C0F1-9323-44BD-9626-CA4541B30BC7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {64725695-1049-40A5-8EA6-304053997C29} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {664F5D30-1DC5-44C9-90B9-3A10462555B7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7F0B5BB6-A5D8-4D00-B157-0FFF0672879F} - System32\Tasks\DealPlyUpdate => C:\Program
Task: {908966B5-72F3-4CFE-9C74-51A3AFBF36AA} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-08-20] (DealPly Technologies Ltd)
Task: {91F1E2DF-EEC3-4937-B8A3-6322E6F35BCD} - System32\Tasks\X-Rite\X-RiteDeviceServicesSoftwareUpdate => C:\Program
Task: {9BFF35EA-81E3-46D0-8091-2BC38796EFA8} - System32\Tasks\AdobeAAMUpdater-1.0-Nexoc-E712-Martin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {EC3FADE3-25CE-48B0-9BB4-7471C62D9C21} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {F5E3D16D-AA1A-4158-B81A-AC379CAAC38F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {FF70BC1A-0FA8-4C31-AC40-51320DBBFDBC} - System32\Tasks\Escolade => C:\Users\Martin\AppData\Roaming\iPumper\Updater.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Martin\AppData\Local\SwvUpdater\Updater.exe
Task: C:\Windows\Tasks\Dealply.job => C:\Users\Martin\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe

==================== Loaded Modules (whitelisted) =============

2013-08-30 09:01 - 2013-08-30 09:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-04-13 10:56 - 2009-12-12 14:12 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-09-06 10:21 - 2013-09-06 10:21 - 32132608 _____ () C:\Program Files\Avid\Avid Media Composer\il.dll
2013-09-06 10:21 - 2013-09-06 10:21 - 06370816 _____ () C:\Program Files\Avid\Avid Media Composer\ml.dll
2013-09-06 10:21 - 2013-09-06 10:21 - 04568064 _____ () C:\Program Files\Avid\Avid Media Composer\ilgpu.dll
2013-09-06 10:22 - 2013-09-06 10:22 - 00473600 _____ () C:\Program Files\Avid\Avid Media Composer\mt.dll
2012-03-08 11:25 - 2012-03-08 11:25 - 01615696 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2012-03-08 11:25 - 2012-03-08 11:25 - 02639696 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2012-11-12 22:07 - 2008-03-25 15:44 - 00028672 _____ () C:\Windows\BisonCam\KBHookDLL.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 02302040 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 08197208 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00345688 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00202328 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00027736 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00282200 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2013-05-17 15:41 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2013-09-03 14:25 - 2013-09-03 14:25 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-03-13 12:42 - 2013-03-13 13:42 - 00071568 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2009-06-06 13:50 - 2009-06-06 13:50 - 00019968 _____ () C:\Program Files (x86)\Hotkey\Audiodll.dll
2012-05-10 15:17 - 2012-03-27 23:14 - 44090368 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\Prism.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 03449344 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\CxF2_VC90MD_2.1.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 00898560 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\libxml2.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 00073728 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\zlib1.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 07982592 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\QtGui4.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 02147328 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\QtCore4.dll
2013-08-30 09:00 - 2013-08-30 09:00 - 00381808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CCInvokeAAM.dll
2013-05-17 15:41 - 2013-05-08 01:57 - 02666496 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\Common\AdobePDFMakerX.dll
2013-05-17 15:41 - 2009-02-27 16:40 - 01421312 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\Common\AdobePDFMakerX.DEU
2013-04-29 22:37 - 2013-11-06 08:54 - 00835584 _____ () C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00093696 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00094208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00057344 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00096256 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00062976 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00067072 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00158208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00312832 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00038912 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00073728 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00101888 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
2013-10-09 21:45 - 2013-10-09 21:45 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Microsoft:8Z7WGiPuSYuxn6tHufBb
AlternateDataStreams: C:\ProgramData\Microsoft:afb2gtnEoP2hdz886KFnYaHX
AlternateDataStreams: C:\ProgramData\Microsoft:ml9taiNhEFn5q2tRn0ndHtTu
AlternateDataStreams: C:\ProgramData\Microsoft:OFf0XQtiDJXhV9iKxKOhoQBE3YGv
AlternateDataStreams: C:\Users\Martin\Cookies:E5EyevmztKUx9YL6FX57CQNG2
AlternateDataStreams: C:\Users\Martin\Cookies:MHiZXv4suTQnWq1jTGR
AlternateDataStreams: C:\Users\Martin\Desktop\Uni Klagenfurt 2012:AFP_AFPINFO
AlternateDataStreams: C:\Users\Martin\AppData\Local\5kfj674QJb:6kDOy8XKfo8GBUmk7HbP
AlternateDataStreams: C:\Users\Martin\AppData\Local\xnWURx8Skku:wgMFxBHXeRop5Jc2Wj3D
AlternateDataStreams: C:\Users\Martin\Documents\SpanHofreitschuleBluRay:Mac_Metadata
AlternateDataStreams: C:\Users\Martin\Documents\SpanHofreitschuleBluRay.ncor:Mac_Metadata

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2013 07:51:32 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/06/2013 09:04:39 PM) (Source: Software Protection Platform Service) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.

Error: (11/06/2013 09:04:11 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004F015
Teil-Pkey=QVBQ4
ACID=9ab82e0c-ffc9-4107-baa1-c65a8bd3ccc3
Genauer Fehler[?]

Error: (11/06/2013 09:03:19 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004F015
Teil-Pkey=QVBQ4
ACID=9ab82e0c-ffc9-4107-baa1-c65a8bd3ccc3
Genauer Fehler[?]

Error: (11/06/2013 08:45:49 PM) (Source: Software Protection Platform Service) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.

Error: (11/06/2013 08:41:28 PM) (Source: Software Protection Platform Service) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.

Error: (11/06/2013 03:34:24 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/05/2013 09:37:42 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 24.0.0.5001 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 23fc

Startzeit: 01ceda66b40cb4b0

Endzeit: 136

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 18e60e91-465a-11e3-be44-ee7dd465c47d

Error: (11/05/2013 09:17:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1123

Error: (11/05/2013 09:17:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1123


System errors:
=============
Error: (11/09/2013 10:04:07 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.161.1554.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.3.0219.00

	Quellpfad: 4.3.0219.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (11/08/2013 07:37:55 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.161.1554.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.3.0219.00

	Quellpfad: 4.3.0219.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (11/08/2013 07:28:28 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (11/08/2013 07:28:27 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (11/08/2013 07:28:17 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (11/08/2013 07:28:16 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (11/06/2013 10:39:23 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (11/06/2013 08:59:59 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 10
Prozessor-ID: 1

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (11/06/2013 08:59:59 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 10
Prozessor-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (11/06/2013 08:59:59 PM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 10
Prozessor-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.


Microsoft Office Sessions:
=========================
Error: (11/08/2013 07:51:32 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll

Error: (11/06/2013 09:04:39 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f

Error: (11/06/2013 09:04:11 PM) (Source: Software Protection Platform Service)(User: )
Description: 0xC004F015QVBQ49ab82e0c-ffc9-4107-baa1-c65a8bd3ccc3?

Error: (11/06/2013 09:03:19 PM) (Source: Software Protection Platform Service)(User: )
Description: 0xC004F015QVBQ49ab82e0c-ffc9-4107-baa1-c65a8bd3ccc3?

Error: (11/06/2013 08:45:49 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f

Error: (11/06/2013 08:41:28 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f

Error: (11/06/2013 03:34:24 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll

Error: (11/05/2013 09:37:42 PM) (Source: Application Hang)(User: )
Description: firefox.exe24.0.0.500123fc01ceda66b40cb4b0136C:\Program Files (x86)\Mozilla Firefox\firefox.exe18e60e91-465a-11e3-be44-ee7dd465c47d

Error: (11/05/2013 09:17:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1123

Error: (11/05/2013 09:17:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1123


CodeIntegrity Errors:
===================================
  Date: 2013-11-06 07:35:13.274
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:35:13.046
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:35:12.828
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:35:12.605
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:29:40.528
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:29:40.317
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:29:40.079
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:29:39.865
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 05:19:03.660
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\backups\1111693933\091212\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 05:19:03.431
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\backups\1111693933\091212\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 8190.35 MB
Available physical RAM: 4879.17 MB
Total Pagefile: 16378.88 MB
Available Pagefile: 12641.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive a: (Martin 2) (Fixed) (Total:931.42 GB) (Free:2.44 GB) NTFS
Drive c: (Martin) (Fixed) (Total:298.09 GB) (Free:7.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 8C059331)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 835B6220)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
GMER follows shortly. m.

09.11.2013, 12:16   #4
mpolasek
 

... and here
3. GMER:
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-11-09 12:06:51
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000074 ST932042 rev.SD13 298,09GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Martin\AppData\Local\Temp\pwlyraog.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                                 fffff800031af000 34 bytes [80, 41, 79, 07, 80, FA, FF, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 563                                                                                 fffff800031af023 28 bytes [29, 00, 00, 00, 00, 51, 4C, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe[2984] C:\Windows\syswow64\kernel32.dll!CreateThread                    0000000076fb3475 5 bytes JMP 00000001023dcb98
.text     C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                              0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe[3304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                             00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Windows\BisonCam\BisonHK.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                      0000000075111465 2 bytes [11, 75]
.text     C:\Windows\BisonCam\BisonHK.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                     00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Windows\BisonCam\DeLay.exe[4604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                        0000000075111465 2 bytes [11, 75]
.text     C:\Windows\BisonCam\DeLay.exe[4604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                       00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe[4608] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69              0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe[4608] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155             00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe[4512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                              0000000075111465 2 bytes [11, 75]
.text     C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe[4512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                             00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe[2600] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                            0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe[2600] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                           00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Samsung\Kies\Kies.exe[908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                          0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Samsung\Kies\Kies.exe[908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                         00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4708] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint                         000000007767000c 1 byte [C3]
.text     C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4708] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin                    00000000776ff8ea 5 bytes JMP 00000001776ad5c1
.text     C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69             0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155            00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe[3852] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                        0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe[3852] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                       00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe[3876] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                       0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe[3876] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                      00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe[1648] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                              0000000075111465 2 bytes [11, 75]
.text     C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe[1648] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                             00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\PTBSync\PTBSync.exe[4412] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                           0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\PTBSync\PTBSync.exe[4412] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                          00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[1452] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69             0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[1452] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155            00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[3144] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                               00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                      0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                     00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe[3548] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe[3548] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Hotkey\Hotkey.exe[5248] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                             0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Hotkey\Hotkey.exe[5248] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                            00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe[5316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                          0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe[5316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                         00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Hotkey\LightShow.exe[5352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                          0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Hotkey\LightShow.exe[5352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                         00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     c:\Windows\BisonCam\BisonHK.exe[6412] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                      0000000075111465 2 bytes [11, 75]
.text     c:\Windows\BisonCam\BisonHK.exe[6412] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                     00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[3148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69              0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[3148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155             00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[2856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69           0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[2856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155          00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE[6996] C:\Windows\syswow64\ole32.dll!OleLoadFromStream                                 0000000076236143 5 bytes JMP 00000001589c44c3
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE[6996] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString                                  0000000076ce3e59 5 bytes JMP 0000000158765685
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE[6996] C:\Windows\syswow64\OLEAUT32.dll!VariantClear                                   0000000076ce3eae 5 bytes JMP 0000000158767fde
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE[6996] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen                          0000000076ce4731 5 bytes JMP 00000001587680e0
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE[6996] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType                              0000000076ce5dee 5 bytes JMP 000000015877b87d
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE[6996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                         0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE[6996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                        00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2
?         C:\Windows\system32\mssprxy.dll [6996] entry point in ".rdata" section                                                                             000000006f3571e6
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE[7392] C:\Windows\syswow64\ole32.dll!OleLoadFromStream                                 0000000076236143 5 bytes JMP 00000001589c44c3
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE[7392] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString                                  0000000076ce3e59 5 bytes JMP 0000000158765685
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE[7392] C:\Windows\syswow64\OLEAUT32.dll!VariantClear                                   0000000076ce3eae 5 bytes JMP 0000000158767fde
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE[7392] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen                          0000000076ce4731 5 bytes JMP 00000001587680e0
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE[7392] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType                              0000000076ce5dee 5 bytes JMP 000000015877b87d
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE[7392] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                         0000000075111465 2 bytes [11, 75]
.text     C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE[7392] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                        00000000751114bb 2 bytes [11, 75]
.text     ...                                                                                                                                                * 2

---- Threads - GMER 2.1 ----

Thread    C:\Windows\system32\taskhost.exe [1708:6188]                                                                                                       0000000007fd6fcc
Thread    C:\Windows\system32\taskeng.exe [1148:6308]                                                                                                        0000000000296fcc
Thread    C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [1500:6792]                                                                        0000000002196fcc
Thread    C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1536:6800]                                                                         00000000020e6fcc
Thread    C:\Windows\System32\rundll32.exe [4012:6100]                                                                                                       00000000020e6fcc
Thread    C:\Windows\system32\Dwm.exe [4756:6004]                                                                                                            00000000038a6fcc
Thread    C:\Windows\Explorer.EXE [4776:2516]                                                                                                                0000000003278b44
Thread    C:\Windows\Explorer.EXE [4776:3952]                                                                                                                0000000003276014
Thread    C:\Windows\Explorer.EXE [4776:6632]                                                                                                                000000000327ae68
Thread    C:\Windows\Explorer.EXE [4776:6636]                                                                                                                0000000003272308
Thread    C:\Windows\Explorer.EXE [4776:6640]                                                                                                                00000000032787e0
Thread    C:\Program Files\Microsoft Security Client\msseces.exe [3556:4372]                                                                                 0000000000176fcc
Thread    C:\Program Files\Windows Sidebar\sidebar.exe [4260:6300]                                                                                           0000000003e16fcc
Thread    C:\Program Files\Windows Media Player\wmpnetwk.exe [4928:5100]                                                                                     000007fefb882a7c
Thread    C:\Program Files\Windows Media Player\wmpnetwk.exe [4928:4668]                                                                                     000007fee9abd618
Thread    C:\Windows\system32\conhost.exe [6436:6588]                                                                                                        00000000025e6fcc
Thread    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe [3148:5516]                                                                0000000001046289
Thread    C:\Windows\system32\wbem\unsecapp.exe [6784:7036]                                                                                                  0000000000326fcc
Thread    C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE [6996:8160]                                                                           0000000006476289
Thread    C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE [7392:7444]                                                                           00000000053e6289
Thread    C:\Windows\splwow64.exe [4400:7308]                                                                                                                0000000001e46fcc
Thread    C:\Windows\System32\slui.exe [4388:8396]                                                                                                           0000000001bd6fcc
Thread    C:\Windows\explorer.exe [6192:9064]                                                                                                                0000000007456fcc
Thread    C:\Windows\explorer.exe [5856:7324]                                                                                                                0000000007df6fcc
Thread    C:\Windows\explorer.exe [3668:6500]                                                                                                                0000000006b56fcc

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0010609702a0                                                                        
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0010609702a0@001c9a6c5106                                                           0x8C 0x1A 0x50 0xB1 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0010609702a0@000704ce3771                                                           0xC8 0x6A 0x0F 0x70 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0010609702a0 (not active ControlSet)                                                    
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0010609702a0@001c9a6c5106                                                               0x8C 0x1A 0x50 0xB1 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0010609702a0@000704ce3771                                                               0xC8 0x6A 0x0F 0x70 ...

---- EOF - GMER 2.1 ----
         

Alt 10.11.2013, 06:01   #5
schrauber
/// the machine
/// TB-Ausbilder
 




Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror:

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it is working.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 10.11.2013, 17:57   #6
mpolasek
 



Hello schrauber,

Many thanks for now. I have run the Combofix scan. (The message "possibly counterfeit copy of Windows" still appears, demanding that the product key be entered.) Here is ComboFix.txt:

Combofix Logfile:
Code:
ATTFilter
ComboFix 13-11-07.01 - Martin 10.11.2013   9:46.1.2 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.43.1031.18.8190.5254 [GMT 1:00]
ausgeführt von:: c:\users\Martin\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPly.crx
c:\program files (x86)\DealPly\DealPly.xpi
c:\program files (x86)\DealPly\DealPlyIE.dll
c:\program files (x86)\DealPly\DealPlyIE64.dll
c:\program files (x86)\DealPly\DealPlyUpdate.exe
c:\program files (x86)\DealPly\DealPlyUpdateRun.exe
c:\program files (x86)\DealPly\DealPlyUpdateVer.exe
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
c:\users\Martin\AppData\Roaming\63699515
c:\users\Martin\AppData\Roaming\689F8AC39767376A403A858017361
c:\users\Martin\AppData\Roaming\689F8AC39767376A54E835B288245
c:\users\Martin\AppData\Roaming\689F8AC39767376A7BFF896711527
c:\users\Martin\AppData\Roaming\689F8AC39767376AA8E8C5D744921
c:\users\Martin\AppData\Roaming\70393355
c:\users\Martin\AppData\Roaming\70393355\70393355.exe
c:\users\Martin\AppData\Roaming\bBLVQdb.exe
c:\users\Martin\AppData\Roaming\BIIQAFHaDlYRo.exe
c:\users\Martin\AppData\Roaming\BXAZpmJdRdPd.exe
c:\users\Martin\AppData\Roaming\cached-certs
c:\users\Martin\AppData\Roaming\cached-microdesc-consensus
c:\users\Martin\AppData\Roaming\cached-microdescs
c:\users\Martin\AppData\Roaming\cached-microdescs.new
c:\users\Martin\AppData\Roaming\cwvcRFRzOzBk.exe
c:\users\Martin\AppData\Roaming\DfRMBcwXKQK.exe
c:\users\Martin\AppData\Roaming\ePJirfBcmMqDQX.exe
c:\users\Martin\AppData\Roaming\eVhJcd.exe
c:\users\Martin\AppData\Roaming\GWPLLii.exe
c:\users\Martin\AppData\Roaming\hcMffauywJSi.exe
c:\users\Martin\AppData\Roaming\hMdUd.exe
c:\users\Martin\AppData\Roaming\jMibT.exe
c:\users\Martin\AppData\Roaming\KdBolWxuRVXf.exe
c:\users\Martin\AppData\Roaming\LsiZXuACAEK.exe
c:\users\Martin\AppData\Roaming\PzcaUDQ.exe
c:\users\Martin\AppData\Roaming\qfkwvGQ.exe
c:\users\Martin\AppData\Roaming\qjGvUbCwoVRH.exe
c:\users\Martin\AppData\Roaming\qLLrCpOPlzLTHu.exe
c:\users\Martin\AppData\Roaming\RjEty.exe
c:\users\Martin\AppData\Roaming\RrSNesONMPa.exe
c:\users\Martin\AppData\Roaming\SLsSXKQEZtFBwH.exe
c:\users\Martin\AppData\Roaming\TNosXW.exe
c:\users\Martin\AppData\Roaming\wqCuI.exe
c:\users\Martin\AppData\Roaming\xrSAQi.exe
c:\users\Martin\AppData\Roaming\YbvnjzYxRisLT.exe
c:\users\Martin\AppData\Roaming\yxIUHFgWYdks.exe
c:\users\Martin\Desktop\Setup.exe
c:\users\Martin\Documents\~WRL0104.tmp
c:\users\Martin\Documents\~WRL0501.tmp
c:\users\Martin\Documents\~WRL1310.tmp
c:\users\Martin\Documents\~WRL1484.tmp
c:\users\Martin\Documents\~WRL1486.tmp
c:\users\Martin\Documents\~WRL1678.tmp
c:\users\Martin\Documents\~WRL1981.tmp
c:\users\Martin\Documents\~WRL2284.tmp
c:\users\Martin\Documents\~WRL2692.tmp
c:\windows\Installer\{0427308A-76E7-4D9C-BAA2-0156215CB191}\EditorSvcMgr.CC044E7F_6970_4832_89FC_E9116CEDE7D4.exe
c:\windows\jestertb.dll
c:\windows\SysWow64\err.log
c:\windows\SysWow64\osMAx.ocx
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-10-10 bis 2013-11-10  ))))))))))))))))))))))))))))))
.
.
2013-11-10 09:04 . 2013-11-10 09:04	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-11-10 09:04 . 2013-11-10 09:04	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-11-10 09:04 . 2013-11-10 09:04	--------	d-----w-	c:\users\postgres\AppData\Local\temp
2013-11-10 00:04 . 2013-11-10 00:04	75888	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6BA1F67-44F7-435D-B452-984EAC90EEC2}\offreg.dll
2013-11-10 00:04 . 2013-11-10 00:04	46768	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6BA1F67-44F7-435D-B452-984EAC90EEC2}\MpKsl6acc2800.sys
2013-11-06 20:40 . 2013-11-06 20:40	--------	d-----w-	C:\FRST
2013-11-06 19:45 . 2013-10-14 07:12	10280728	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6BA1F67-44F7-435D-B452-984EAC90EEC2}\mpengine.dll
2013-11-06 08:21 . 2013-10-18 07:09	965000	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7BCB698D-5BAF-4376-A76D-C8C80DF5C3F8}\gapaengine.dll
2013-11-06 08:21 . 2013-10-14 07:12	10280728	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-06 08:10 . 2013-11-06 08:10	--------	d-----w-	c:\users\Martin\.android
2013-10-29 13:40 . 2013-10-29 13:44	--------	d-----w-	c:\programdata\eSafe
2013-10-29 13:38 . 2013-10-29 13:45	--------	d-----w-	c:\users\Martin\AppData\Roaming\iPumper
2013-10-28 19:50 . 2013-10-18 01:36	1063200	----a-w-	c:\windows\system32\nvspcap64.dll
2013-10-28 19:50 . 2013-10-18 01:36	955168	----a-w-	c:\windows\SysWow64\nvspcap.dll
2013-10-28 19:48 . 2013-09-27 23:01	39200	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2013-10-28 19:48 . 2013-09-27 23:01	28960	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2013-10-28 19:16 . 2013-10-23 10:30	15855568	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-10-28 19:16 . 2013-10-16 00:48	1884448	----a-w-	c:\windows\system32\nvdispco6433158.dll
2013-10-28 19:16 . 2013-10-16 00:48	1511712	----a-w-	c:\windows\system32\nvdispgenco6433158.dll
2013-10-27 15:41 . 2013-10-08 06:50	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-27 09:19 . 2013-10-27 09:39	--------	d-----w-	c:\users\Public\Pressefotos
2013-10-27 08:41 . 2010-05-11 10:39	50192	----a-w-	c:\windows\system32\drivers\gpt_loader.sys
2013-10-27 08:41 . 2010-05-11 10:39	36368	----a-w-	c:\windows\system32\drivers\mounthlp.sys
2013-10-27 08:40 . 2010-05-11 10:39	28176	----a-w-	c:\windows\system32\drivers\apmwin.sys
2013-10-27 08:40 . 2010-05-11 10:39	13840	----a-w-	c:\windows\system32\drivers\hfsplusrec.sys
2013-10-27 08:40 . 2010-05-11 10:39	102928	----a-w-	c:\windows\system32\drivers\hfsplus.sys
2013-10-27 08:40 . 2013-10-27 08:40	--------	d-----w-	c:\program files (x86)\Paragon Software
2013-10-23 02:02 . 2013-10-23 02:02	589600	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-10-13 13:06 . 2013-10-23 15:08	--------	d-----w-	c:\users\Public\Der Tod, das muß ein Wiener sein
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-23 10:30 . 2013-05-23 22:15	15212336	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-10-23 10:30 . 2012-09-14 05:16	2695200	----a-w-	c:\windows\SysWow64\nvapi.dll
2013-10-23 10:30 . 2012-03-04 18:56	18286416	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-10-23 10:30 . 2012-03-04 18:56	3067560	----a-w-	c:\windows\system32\nvapi64.dll
2013-10-23 08:20 . 2012-04-14 10:13	6669600	----a-w-	c:\windows\system32\nvcpl.dll
2013-10-23 08:20 . 2012-04-14 10:13	3489568	----a-w-	c:\windows\system32\nvsvc64.dll
2013-10-23 08:20 . 2012-04-14 10:13	922912	----a-w-	c:\windows\system32\nvvsvc.exe
2013-10-23 08:20 . 2012-04-14 10:13	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-10-23 08:20 . 2012-04-14 10:13	2559776	----a-w-	c:\windows\system32\nvsvcr.dll
2013-10-23 08:20 . 2012-04-14 10:13	219424	----a-w-	c:\windows\system32\nvmctray.dll
2013-10-18 07:09 . 2012-06-12 16:00	965000	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-10 06:47 . 2012-03-04 17:35	80541720	----a-w-	c:\windows\system32\MRT.exe
2013-10-09 20:45 . 2012-04-10 18:00	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-09 20:45 . 2012-03-04 18:42	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 20:45 . 2013-10-09 20:45	17813896	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-09-27 23:01 . 2013-07-31 07:31	29984	----a-w-	c:\windows\system32\nvaudcap64v.dll
2013-09-22 23:28 . 2013-10-10 06:59	1767936	----a-w-	c:\windows\SysWow64\wininet.dll
2013-09-22 23:27 . 2013-10-10 06:59	2876928	----a-w-	c:\windows\SysWow64\jscript9.dll
2013-09-22 23:27 . 2013-10-10 06:59	61440	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-09-22 23:27 . 2013-10-10 06:59	109056	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55 . 2013-10-10 06:59	51712	----a-w-	c:\windows\system32\ie4uinit.exe
2013-09-22 22:55 . 2013-10-10 06:59	2241024	----a-w-	c:\windows\system32\wininet.dll
2013-09-22 22:55 . 2013-10-10 06:59	1365504	----a-w-	c:\windows\system32\urlmon.dll
2013-09-22 22:54 . 2013-10-10 06:59	603136	----a-w-	c:\windows\system32\msfeeds.dll
2013-09-22 22:54 . 2013-10-10 06:59	19252224	----a-w-	c:\windows\system32\mshtml.dll
2013-09-22 22:54 . 2013-10-10 06:59	855552	----a-w-	c:\windows\system32\jscript.dll
2013-09-22 22:54 . 2013-10-10 06:59	3959296	----a-w-	c:\windows\system32\jscript9.dll
2013-09-22 22:54 . 2013-10-10 06:59	53248	----a-w-	c:\windows\system32\jsproxy.dll
2013-09-22 22:54 . 2013-10-10 06:59	526336	----a-w-	c:\windows\system32\ieui.dll
2013-09-22 22:54 . 2013-10-10 06:59	67072	----a-w-	c:\windows\system32\iesetup.dll
2013-09-22 22:54 . 2013-10-10 06:59	39936	----a-w-	c:\windows\system32\iernonce.dll
2013-09-22 22:54 . 2013-10-10 06:59	136704	----a-w-	c:\windows\system32\iesysprep.dll
2013-09-22 22:54 . 2013-10-10 06:59	2647552	----a-w-	c:\windows\system32\iertutil.dll
2013-09-22 22:54 . 2013-10-10 06:59	15404544	----a-w-	c:\windows\system32\ieframe.dll
2013-09-21 03:38 . 2013-10-10 06:59	2706432	----a-w-	c:\windows\system32\mshtml.tlb
2013-09-21 03:30 . 2013-10-10 06:59	2706432	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48 . 2013-10-10 06:59	89600	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-09-21 02:39 . 2013-10-10 06:59	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10 . 2013-10-10 06:39	497152	----a-w-	c:\windows\system32\drivers\afd.sys
2013-09-12 08:58 . 2013-09-25 18:41	1884448	----a-w-	c:\windows\system32\nvdispco6432723.dll
2013-09-12 08:58 . 2013-09-25 18:41	1511712	----a-w-	c:\windows\system32\nvdispgenco6432723.dll
2013-09-08 02:30 . 2013-10-10 06:39	1903552	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-10 06:39	327168	----a-w-	c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-10 06:39	231424	----a-w-	c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-10 18:31	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-10 18:31	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-10 18:31	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-10 18:31	52736	----a-w-	c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-10 18:31	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-10 18:31	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-10 18:31	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2013-08-29 02:17 . 2013-10-10 06:39	5549504	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-10 06:39	1732032	----a-w-	c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-10 06:39	243712	----a-w-	c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-10 06:39	859648	----a-w-	c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-10 06:39	878080	----a-w-	c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-10 06:39	3969472	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-10 06:39	3914176	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-10 06:39	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-10 06:39	1292192	----a-w-	c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-10 06:39	619520	----a-w-	c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-10 06:39	640512	----a-w-	c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-10 06:39	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-08-29 01:29 . 2013-10-10 06:39	33280	----a-w-	c:\windows\system32\drivers\usbser.sys
2013-08-29 00:49 . 2013-10-10 06:39	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-10 06:39	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-10 06:39	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-10 06:39	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-10 06:39	3155968	----a-w-	c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-10 06:36	461312	----a-w-	c:\windows\system32\scavengeui.dll
2009-09-27 07:39	369152	--sh--w-	c:\windows\SysWOW64\avisynth.dll
2005-07-14 10:31	32256	--sh--w-	c:\windows\SysWOW64\AVSredirect.dll
2004-02-22 08:11	719872	--sh--w-	c:\windows\SysWOW64\devil.dll
2006-05-03 09:06	163328	--sha-r-	c:\windows\SysWOW64\flvDX.dll
2004-01-24 22:00	70656	--sh--w-	c:\windows\SysWOW64\i420vfw.dll
2007-02-21 10:47	31232	--sha-r-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 12:30	216064	--sha-r-	c:\windows\SysWOW64\nbDX.dll
2011-02-11 09:26	112128	--sha-r-	c:\windows\SysWOW64\OptimFROG.dll
2010-01-06 22:00	107520	--sha-r-	c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54	188416	--sha-r-	c:\windows\SysWOW64\winDCE32.dll
2004-01-24 22:00	70656	--sh--w-	c:\windows\SysWOW64\yv12vfw.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-08-02 13:13	277512	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Akamai NetSession Interface"="c:\users\Martin\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-28 18642024]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-07-26 1564016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2012-03-06 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2013-05-08 44128]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2013-05-08 642664]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"KORG USB-MIDI Driver"="c:\program files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe" [2011-03-29 393616]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"WD Drive Manager"="c:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2012-05-01 480768]
"PTBSync"="c:\program files (x86)\PTBSync\PTBSync.exe" [2013-03-05 1582592]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-09-03 2237328]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-07-26 311152]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Hotkey.lnk - c:\program files (x86)\Hotkey\Hotkey.exe [2009-11-25 2412544]
i1Profiler Tray.lnk - c:\program files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe [2012-5-10 3295744]
LightShow.lnk - c:\program files (x86)\Hotkey\LightShow.exe [2009-11-25 1747456]
P2 Driver Installation Application.lnk - c:\program files\Panasonic P2\Drivers\App\p2inst_tasktray64.exe [2013-3-21 43848]
XRGamma.lnk - c:\program files (x86)\X-Rite\i1Profiler\XRGamma.exe [2012-5-10 802816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 Avid Editor Broker;Avid Editor Broker;c:\program files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe;c:\program files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe [x]
R2 Avid Editor Db Engine;Avid Editor Db Engine;c:\program files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe;c:\program files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe [x]
R2 Avid Editor Transcode Status;Avid Editor Transcode Status;c:\program files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe;c:\program files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dealplylive;DealPly Live-Dienst (dealplylive);c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe;c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [x]
R3 Avid DMF Service;Avid DMF Service;c:\program files\Avid\Editor Transcode\Dynamic Media Files\DMFService.exe;c:\program files\Avid\Editor Transcode\Dynamic Media Files\DMFService.exe [x]
R3 Avid Editor Transcode Service;Avid Editor Transcode;c:\program files\Avid\Editor Transcode\TranscodeService\AvidEditorTranscode.exe;c:\program files\Avid\Editor Transcode\TranscodeService\AvidEditorTranscode.exe [x]
R3 BthAudioHF;BthAudioHF-Dienst;c:\windows\system32\DRIVERS\BthAudioHF.sys;c:\windows\SYSNATIVE\DRIVERS\BthAudioHF.sys [x]
R3 BthAvrcp;Bluetooth-AVRCP-Profil;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]
R3 csr_a2dp;Bluetooth-AV-Profil;c:\windows\system32\drivers\bthav.sys;c:\windows\SYSNATIVE\drivers\bthav.sys [x]
R3 dealplylivem;DealPly Live-Dienst (dealplylivem);c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe;c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [x]
R3 Hfsplus;Hfsplus;c:\windows\system32\DRIVERS\hfsplus.sys;c:\windows\SYSNATIVE\DRIVERS\hfsplus.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 p2cache;p2cache;c:\windows\system32\DRIVERS\p2cache.sys;c:\windows\SYSNATIVE\DRIVERS\p2cache.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe;c:\program files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 apmwin;apmwin;c:\windows\system32\DRIVERS\apmwin.sys;c:\windows\SYSNATIVE\DRIVERS\apmwin.sys [x]
S0 gpt_loader;gpt_loader;c:\windows\system32\DRIVERS\gpt_loader.sys;c:\windows\SYSNATIVE\DRIVERS\gpt_loader.sys [x]
S0 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys;c:\windows\SYSNATIVE\DRIVERS\johci.sys [x]
S0 mounthlp;Mounter helper driver for HFS volumes;c:\windows\system32\DRIVERS\mounthlp.sys;c:\windows\SYSNATIVE\DRIVERS\mounthlp.sys [x]
S0 p2cata;p2cata;c:\windows\system32\DRIVERS\p2cata.sys;c:\windows\SYSNATIVE\DRIVERS\p2cata.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 MpKsl6acc2800;MpKsl6acc2800;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6BA1F67-44F7-435D-B452-984EAC90EEC2}\MpKsl6acc2800.sys;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6BA1F67-44F7-435D-B452-984EAC90EEC2}\MpKsl6acc2800.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [x]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [x]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe  -run;c:\windows\SYSNATIVE\hasplms.exe  -run [x]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HfsplusRec;HfsplusRec;c:\windows\system32\DRIVERS\hfsplusrec.sys;c:\windows\SYSNATIVE\DRIVERS\hfsplusrec.sys [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 p2csvc;p2csvc;c:\windows\system32\p2csvc.exe;c:\windows\SYSNATIVE\p2csvc.exe [x]
S2 p2csvc32;p2csvc32;c:\windows\SysWOW64\p2csvc32.exe;c:\windows\SysWOW64\p2csvc32.exe [x]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [x]
S2 PowerBiosServer;PowerBiosServer;c:\program files (x86)\Hotkey\PowerBiosServer.exe;c:\program files (x86)\Hotkey\PowerBiosServer.exe [x]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys;c:\windows\SYSNATIVE\Drivers\Sentinel64.sys [x]
S2 SentinelKeysServer;Sentinel Keys Server;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [x]
S2 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [x]
S2 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys;c:\windows\SYSNATIVE\drivers\DDCDrv.sys [x]
S2 WinRing0_1_2_0;WinRing0 driver;c:\windows\system32\Drivers\ptbring0.sys;c:\windows\SYSNATIVE\Drivers\ptbring0.sys [x]
S2 xrdd.exe;X-Rite Device Services Manager;c:\program files (x86)\X-Rite\Devices\Services\xrdd.exe;c:\program files (x86)\X-Rite\Devices\Services\xrdd.exe [x]
S3 dc3d;Microsoft-Hardware – Geräteerkennungstreiber;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MPKSL6ACC2800
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 20:45]
.
2013-11-10 c:\windows\Tasks\AmiUpdXp.job
- c:\users\Martin\AppData\Local\SwvUpdater\Updater.exe [2013-08-20 08:35]
.
2013-11-09 c:\windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
- c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-08-20 08:36]
.
2013-11-10 c:\windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
- c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-08-20 08:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-08-02 13:13	336904	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-08-30 08:01	3358064	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-08-30 08:01	3358064	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-08-30 08:01	3358064	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2009-06-30 291872]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-08-12 1356240]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-13 472984]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-22 8116256]
"BisonHK"="c:\windows\BisonCam\BisonHK.exe" [2008-03-25 77824]
"DeLay"="c:\windows\BisonCam\DeLay.exe" [2008-03-11 53248]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-10-18 1028384]
"apmwinapp"="c:\program files (x86)\Paragon Software\HFS+ for Windows   (read-only)\apmwinsrv.exe" [2010-05-11 65552]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-10-18 1063200]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004
mDefault_Page_URL = hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004
mStart Page = hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: Interfaces\{9C0AED26-CE60-4B65-BEFF-45D3685EB637}: NameServer = 195.3.96.67,213.33.98.136
.
.
------- Dateityp-Verknüpfung -------
.
.txt=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{9cf699ca-2174-4ed8-bec1-ba82095edce0} - c:\program files (x86)\DealPly\DealPlyIE.dll
Wow6432Node-HKCU-Run-updateMgr - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe
Wow6432Node-HKCU-Run-Microsoft Svchost - c:\users\Martin\AppData\Roaming\yxIUHFgWYdks.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-Blackmagic CheckVersion - c:\program files (x86)\Blackmagic Design\Blackmagic Desktop Video\CheckVersion.exe
Wow6432Node-HKLM-Run-WinampAgent - c:\program files (x86)\Winamp\winampa.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Avid Background Services Manager.lnk - c:\windows\Installer\{0427308A-76E7-4D9C-BAA2-0156215CB191}\EditorSvcMgr.CC044E7F_6970_4832_89FC_E9116CEDE7D4.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\P2 Card Manager.lnk - c:\program files\Panasonic P2\Drivers\App\P2TaskTray.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-LchGKey - c:\program files (x86)\Chicony\GameKeys\LchGKey.exe
AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe
AddRemove-{26604C7E-A313-4D12-867F-7C6E7820BE4C} - c:\program files (x86)\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PaceLicenseDServices]
"ImagePath"="\"c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe\" -u https://activation.paceap.com/InitiateActivation"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-11-10  10:22:45
ComboFix-quarantined-files.txt  2013-11-10 09:22
.
Vor Suchlauf: 8.802.398.208 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 17.660.334.080 Bytes frei
.
- - End Of File - - 349CA8B22DF2B62BA93594679C65592B
         
--- --- --- A36C5E4F47E84449FF07ED3517B43A31

11.11.2013, 09:11   #7
schrauber
/// the machine
/// TB trainer
 


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please disable your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

11.11.2013, 11:26   #8
mpolasek
 

Hello schrauber,

here are the results:

1. MBAM:
Code:
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.11.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Martin :: NEXOC-E712 [Administrator]

Schutz: Aktiviert

11.11.2013 11:18:40
mbam-log-2013-11-11 (11-18-40).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 259073
Laufzeit: 6 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 69
HKCR\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.OnDemandCOMClassSvc (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.Update3COMClassService.1.0 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.Update3COMClassService (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.CredentialDialogMachine.1.0 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.CredentialDialogMachine (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.CoCreateAsync.1.0 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.CoCreateAsync (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.Update3WebMachineFallback.1.0 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.Update3WebMachineFallback (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.CoreMachineClass.1 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.CoreMachineClass (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.ProcessLauncher.1.0 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.ProcessLauncher (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.OnDemandCOMClassMachine (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLive.Update3WebControl.3 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{C536F080-57B7-46D6-8894-C647553F2889} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLive.OneClickProcessLauncherMachine.1.0 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLive.OneClickProcessLauncherMachine (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.CoreClass.1 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.CoreClass (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.Update3WebSvc.1.0 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.Update3WebSvc (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1} (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.Update3WebMachine.1.0 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLiveUpdate.Update3WebMachine (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\DealPlyLive.OneClickCtrl.9 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\AppID\DealPlyLive.exe (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DEALPLY (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\dosearchesSoftware (PUP.Optional.DoSearches.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\DEALPLY (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9 (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\dealplylive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\dealplylivem (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 3
HKCU\SOFTWARE\DealPly|Partner (PUP.Optional.DealPly.A) -> Daten: dpmnt -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\DealPly|ChromeCrxPath (PUP.Optional.DealPly.A) -> Daten: C:\Program Files (x86)\DealPly\DealPly.crx -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Mozilla\Firefox\extensions|{336D0C35-8A85-403a-B9D2-65C292C39087} (PUP.Optional.Incredibar) -> Daten: C:\Program Files\Web Assistant\Firefox -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.DoSearches) -> Bösartig: (hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.DoSearches) -> Bösartig: (hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.DoSearches) -> Bösartig: (hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Bösartig: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 11
C:\Users\Martin\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly (PUP.OPtional.Dealply.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive\Update (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive\Update\Log (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\Dealply (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\Dealply\UpdateProc (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\OpenCandy\0CA645CF3B78483194DA27378FF59EAE (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Local\DealPlyLive (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Local\DealPlyLive\CrashReports (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 15
C:\Users\Martin\AppData\Local\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\OpenCandy\0CA645CF3B78483194DA27378FF59EAE\DeltaTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\Downloads\FreeYouTubeDownload.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\Downloads\winamp563_full_emusic-7plus_de-de.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\Uninstall DealPly.lnk (PUP.OPtional.Dealply.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly Help.url (PUP.OPtional.Dealply.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly.url (PUP.OPtional.Dealply.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\DealPlyLive\Update\Log\DealPlyLive.log (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\Dealply\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\Dealply\UpdateProc\STTL.DAT (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Martin\AppData\Roaming\Dealply\UpdateProc\TTL.DAT (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
2. ADWCLEANER:
AdwCleaner log file:
Code:
# AdwCleaner v3.012 - Bericht erstellt am 11/11/2013 um 11:50:51
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Martin - NEXOC-E712
# Gestartet von : C:\Users\Martin\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Users\Martin\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\Martin\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi
Datei Gelöscht : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\e1vx4hku.default\invalidprefs.js
Datei Gelöscht : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\e1vx4hku.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\dosearches.xml
Datei Gelöscht : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\e1vx4hku.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\DealPlyUpdate
Datei Gelöscht : C:\Windows\System32\Tasks\Escolade

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera12.15 1748.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKCU\Software\5a6d8dce66aba10
Schlüssel Gelöscht : HKLM\SOFTWARE\5a6d8dce66aba10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SAFARI.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\Web Assistant
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Web Assistant

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16720

Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

[ Datei : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\bfbe7mgi.default-1383684326173\prefs.js ]


[ Datei : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\e1vx4hku.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.dosearches.com/newtab/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=nt&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "dosearches");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "dosearches");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.dosearches.com/?utm_source=b&utm_medium=mp3&utm_campaign=eXQ&utm_content=hp&from=mp3&uid=3219913727_67194_1065BFFA&ts=1383054004");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "1065bffa0000000000000090f58e67f3");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15927");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.22.0");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.22.017:12:39");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.22.0");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=121564&tsp=4970");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.incredibar.actvtyRptTime", "1339274496493");
Zeile gelöscht : user_pref("extensions.incredibar.admin", false);
Zeile gelöscht : user_pref("extensions.incredibar.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.incredibar.afterInstallRpt", "sent");
Zeile gelöscht : user_pref("extensions.incredibar.cntry", "AT");
Zeile gelöscht : user_pref("extensions.incredibar.dfltlng", "en");
Zeile gelöscht : user_pref("extensions.incredibar.dfltsrch", "false");
Zeile gelöscht : user_pref("extensions.incredibar.did", "10643");
Zeile gelöscht : user_pref("extensions.incredibar.envrmnt", "production");
Zeile gelöscht : user_pref("extensions.incredibar.excTlbr", false);
Zeile gelöscht : user_pref("extensions.incredibar.hdrMd5", "1EF9E917EE014CA5598A44AF5C992ED0");
Zeile gelöscht : user_pref("extensions.incredibar.hmpg", false);
Zeile gelöscht : user_pref("extensions.incredibar.hrdid", "0");
Zeile gelöscht : user_pref("extensions.incredibar.id", "1065bffa0000000000000090f58e67f3");
Zeile gelöscht : user_pref("extensions.incredibar.installerproductid", "26");
Zeile gelöscht : user_pref("extensions.incredibar.instlday", "15500");
Zeile gelöscht : user_pref("extensions.incredibar.instlref", "");
Zeile gelöscht : user_pref("extensions.incredibar.isdcmntcmplt", "false");
Zeile gelöscht : user_pref("extensions.incredibar.keywordurl", "");
Zeile gelöscht : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1420:39:11");
Zeile gelöscht : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Zeile gelöscht : user_pref("extensions.incredibar.newtab", "false");
Zeile gelöscht : user_pref("extensions.incredibar.newtaburl", "");
Zeile gelöscht : user_pref("extensions.incredibar.noFFXTlbr", false);
Zeile gelöscht : user_pref("extensions.incredibar.ppd", "1");
Zeile gelöscht : user_pref("extensions.incredibar.prdct", "incredibar");
Zeile gelöscht : user_pref("extensions.incredibar.productid", "26");
Zeile gelöscht : user_pref("extensions.incredibar.propectorlck", 77834668);
Zeile gelöscht : user_pref("extensions.incredibar.prtkHmpg", 1);
Zeile gelöscht : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Zeile gelöscht : user_pref("extensions.incredibar.sg", "none");
Zeile gelöscht : user_pref("extensions.incredibar.smplgrp", "none");
Zeile gelöscht : user_pref("extensions.incredibar.srch", "");
Zeile gelöscht : user_pref("extensions.incredibar.srchprvdr", "");
Zeile gelöscht : user_pref("extensions.incredibar.tlbrid", "base");
Zeile gelöscht : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6R8vv3OXn7&loc=IB_TB&i=26&search=");
Zeile gelöscht : user_pref("extensions.incredibar.upn2", "6R8vv3OXn7");
Zeile gelöscht : user_pref("extensions.incredibar.upn2n", "92824507054324997");
Zeile gelöscht : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Zeile gelöscht : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Zeile gelöscht : user_pref("extensions.incredibar.vrsnts", "1.5.11.1420:39:11");
Zeile gelöscht : user_pref("extensions.incredibar_i.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.incredibar_i.dfltLng", "");
Zeile gelöscht : user_pref("extensions.incredibar_i.did", "10643");
Zeile gelöscht : user_pref("extensions.incredibar_i.excTlbr", false);
Zeile gelöscht : user_pref("extensions.incredibar_i.id", "1065bffa0000000000000090f58e67f3");
Zeile gelöscht : user_pref("extensions.incredibar_i.installerproductid", "26");
Zeile gelöscht : user_pref("extensions.incredibar_i.instlDay", "15500");
Zeile gelöscht : user_pref("extensions.incredibar_i.instlRef", "");
Zeile gelöscht : user_pref("extensions.incredibar_i.ms_url_id", "");
Zeile gelöscht : user_pref("extensions.incredibar_i.newTab", false);
Zeile gelöscht : user_pref("extensions.incredibar_i.ppd", "1");
Zeile gelöscht : user_pref("extensions.incredibar_i.prdct", "incredibar");
Zeile gelöscht : user_pref("extensions.incredibar_i.productid", "26");
Zeile gelöscht : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Zeile gelöscht : user_pref("extensions.incredibar_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.incredibar_i.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8vv3OXn7&loc=IB_TB&i=26&search=");
Zeile gelöscht : user_pref("extensions.incredibar_i.upn2", "6R8vv3OXn7");
Zeile gelöscht : user_pref("extensions.incredibar_i.upn2n", "92824507054324997");
Zeile gelöscht : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Zeile gelöscht : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1420:39:11");
Zeile gelöscht : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

*************************

AdwCleaner[R0].txt - [18626 octets] - [11/11/2013 11:41:43]
AdwCleaner[S0].txt - [16862 octets] - [11/11/2013 11:50:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16923 octets] ##########
         
--- --- ---


3. JRT:
JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x64
Ran by Martin on 11.11.2013 at 11:58:49,38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2185295656-1746969743-3416853708-1000\Software\sweetim



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.11.2013 at 12:05:24,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---


4a. FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01
Ran by Martin (administrator) on NEXOC-E712 on 11-11-2013 12:13:27
Running from C:\Users\Martin\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Panasonic Corporation) C:\Windows\system32\p2csvc.exe
(Panasonic Corporation) C:\Windows\SysWOW64\p2csvc32.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
() C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
(ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Windows\System32\nvraidservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(mychat) C:\Windows\BisonCam\BisonHK.exe
(Bison Inc.) C:\Windows\BisonCam\DeLay.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Program Files (x86)\Paragon Software\HFS+ for Windows   (read-only)\apmwinsrv.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIGYE.EXE
(Akamai Technologies, Inc.) C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Hotkey\Hotkey.exe
() C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe
() C:\Program Files (x86)\Hotkey\LightShow.exe
(KORG Inc.) C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
(Panasonic Corporation) C:\Program Files\Panasonic P2\Drivers\App\p2inst_tasktray64.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
(ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808680 2009-12-13] (Synaptics Incorporated)
HKLM\...\Run: [LchGKey] - C:\Program Files (x86)\Chicony\GameKeys\LchGKey.exe
HKLM\...\Run: [NVRaidService] - C:\Windows\System32\nvraidservice.exe [291872 2009-06-30] (NVIDIA Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8116256 2009-09-22] (Realtek Semiconductor)
HKLM\...\Run: [BisonHK] - C:\Windows\BisonCam\BisonHK.exe [77824 2008-03-25] (mychat)
HKLM\...\Run: [DeLay] - C:\Windows\BisonCam\DeLay.exe [53248 2008-03-11] (Bison Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [apmwinapp] - C:\Program Files (x86)\Paragon Software\HFS+ for Windows   (read-only)\apmwinsrv.exe [65552 2010-05-11] ()
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKCU\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKCU\...\Run: [Epson Stylus Photo PX720WD(Netzwerk)] - C:\Users\Martin\AppData\Local\Temp\E_S191B.tmp [230 2013-11-10] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2012-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KORG USB-MIDI Driver] - C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [393616 2011-03-30] (KORG Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WD Drive Manager] - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [480768 2012-05-01] (WDC)
HKLM-x32\...\Run: [PTBSync] - C:\Program Files (x86)\PTBSync\PTBSync.exe [1582592 2013-03-05] (ElmüSoft)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\postgres\...\Run: [updateMgr] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1
HKU\postgres\...\Run: [Epson Stylus Photo PX720WD(Netzwerk)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGYE.EXE /FU "C:\Users\Martin\AppData\Local\Temp\E_SC79C.tmp" /EF "HKCU"
HKU\postgres\...\Run: [Akamai NetSession Interface] - C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\postgres\...\Run: [AdobeBridge] - [x]
HKU\postgres\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB0A2518C181ACD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\..\Interfaces\{9C0AED26-CE60-4B65-BEFF-45D3685EB637}: [NameServer]195.3.96.67,213.33.98.136

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\bfbe7mgi.default-1383684326173
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-03-06] (Adobe Systems)
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [288112 2012-03-06] (Adobe Systems Incorporated)
S3 Avid DMF Service; C:\Program Files\Avid\Editor Transcode\Dynamic Media Files\DMFService.exe [661832 2013-08-27] (Avid Technology, Inc.)
S2 Avid Editor Broker; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe [662344 2013-08-27] (Avid Technology, Inc.)
S2 Avid Editor Db Engine; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe [661832 2013-08-27] (Avid Technology, Inc.)
S3 Avid Editor Transcode Service; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorTranscode.exe [662344 2013-08-27] (Avid Technology, Inc.)
S2 Avid Editor Transcode Status; C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe [297800 2013-08-27] (Avid Technology, Inc.)
R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 p2csvc; C:\Windows\system32\p2csvc.exe [67072 2008-07-25] (Panasonic Corporation)
R2 p2csvc32; C:\Windows\SysWOW64\p2csvc32.exe [61440 2008-07-25] (Panasonic Corporation)
R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [37784 2009-08-14] ()
R2 PTBSync; C:\Program Files (x86)\PTBSync\PTBSync.exe [1582592 2013-03-05] (ElmüSoft)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe [71832 2009-06-15] (SiSoftware)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [119296 2012-05-01] (WDC)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203600 2012-03-08] (X-Rite Inc.)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [x]

==================== Drivers (Whitelisted) ====================

R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [28176 2010-05-11] (Paragon Software Group)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S2 cvintdrv; C:\Windows\SysWow64\Drivers\cvintdrv.sys [7140 2003-07-29] ()
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [50192 2010-05-11] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [102928 2010-05-11] (Paragon Software Group)
R2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [13840 2010-05-11] (Paragon Software Group)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [20392 2009-12-13] (JMicron )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mod7700; C:\Windows\System32\Drivers\dvb7700all.sys [956416 2012-03-04] (DiBcom)
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [36368 2010-05-11] (Paragon Software Group)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R0 nvrd64; C:\Windows\System32\DRIVERS\nvrd64.sys [175648 2009-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 p2cache; C:\Windows\System32\DRIVERS\p2cache.sys [68096 2008-07-24] (Panasonic Corporation)
R0 p2cata; C:\Windows\System32\DRIVERS\p2cata.sys [56832 2008-07-24] (Panasonic Corporation)
S3 pfc; C:\Windows\SysWow64\drivers\pfc.sys [10368 2005-11-02] (Padus, Inc.)
R3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [439296 2009-12-13] (Realtek Semiconductor Corporation                           )
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2012-03-28] (Nicomsoft Ltd.)
R2 WinI2C-DDC; C:\Windows\SysWow64\drivers\DDCDrv.sys [10240 2012-03-28] (Nicomsoft Ltd.)
R2 WinRing0_1_2_0; C:\Windows\system32\Drivers\ptbring0.sys [14544 2013-03-05] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-11 12:12 - 2013-11-11 12:12 - 01957590 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2013-11-11 12:05 - 2013-11-11 12:05 - 00000816 _____ C:\Users\Martin\Desktop\JRT.txt
2013-11-11 11:58 - 2013-11-11 11:58 - 00000000 ____D C:\Windows\ERUNT
2013-11-11 11:57 - 2013-11-11 11:57 - 01034531 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2013-11-11 11:54 - 2013-11-11 11:54 - 00017068 _____ C:\Users\Martin\Desktop\AdwCleaner[S0].txt
2013-11-11 11:41 - 2013-11-11 11:50 - 00000000 ____D C:\AdwCleaner
2013-11-11 11:39 - 2013-11-11 11:40 - 01085542 _____ C:\Users\Martin\Desktop\adwcleaner.exe
2013-11-11 11:13 - 2013-11-11 11:13 - 00001155 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-11 11:13 - 2013-11-11 11:13 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Malwarebytes
2013-11-11 11:13 - 2013-11-11 11:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-11 11:13 - 2013-11-11 11:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-11 11:13 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-11 09:40 - 2013-11-11 09:40 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Martin\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-10 18:39 - 2013-11-10 18:39 - 00159144 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\WindowsActivationUpdate.exe
2013-11-10 10:25 - 2013-11-10 10:25 - 00033783 _____ C:\Users\Martin\Desktop\Combofix 10-11-13.txt
2013-11-10 10:23 - 2013-11-10 10:23 - 00033783 _____ C:\ComboFix.txt
2013-11-10 09:43 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-10 09:43 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-10 09:43 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-10 09:43 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-10 09:43 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-10 09:43 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-10 09:43 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-10 09:43 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-10 09:39 - 2013-11-10 10:23 - 00000000 ____D C:\Qoobox
2013-11-10 09:39 - 2013-11-10 10:18 - 00000000 ____D C:\Windows\erdnt
2013-11-09 15:59 - 2013-11-09 15:59 - 00907792 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376A3A04C62470492
2013-11-09 15:55 - 2013-11-09 15:56 - 00471816 _____ C:\Windows\Minidump\110913-30716-01.dmp
2013-11-09 14:14 - 2013-11-09 14:14 - 05145633 ____R (Swearware) C:\Users\Martin\Downloads\ComboFix.exe
2013-11-09 12:54 - 2013-11-09 12:54 - 00009342 _____ C:\Users\Martin\Downloads\Addition.zip
2013-11-09 12:54 - 2013-11-09 12:54 - 00002456 _____ C:\Users\Martin\Downloads\Gmer.zip
2013-11-09 12:53 - 2013-11-09 12:53 - 00013346 _____ C:\Users\Martin\Downloads\FRST.zip
2013-11-09 12:44 - 2013-11-09 12:44 - 01110476 _____ C:\Users\Martin\Downloads\7z920.exe
2013-11-09 12:06 - 2013-11-09 12:06 - 00022226 _____ C:\Users\Martin\Downloads\Gmer.txt
2013-11-09 11:50 - 2013-11-09 11:50 - 00377856 _____ C:\Users\Martin\Downloads\gmer_2.1.19163.exe
2013-11-09 11:49 - 2013-11-09 11:49 - 00071727 _____ C:\Users\Martin\Downloads\FRST.txt
2013-11-09 11:45 - 2013-11-09 11:45 - 00000474 _____ C:\Users\Martin\Downloads\defogger_disable.log
2013-11-09 11:45 - 2013-11-09 11:45 - 00000000 _____ C:\Users\Martin\defogger_reenable
2013-11-09 11:43 - 2013-11-09 11:43 - 00050477 _____ C:\Users\Martin\Downloads\Defogger.exe
2013-11-09 11:40 - 2013-11-09 11:49 - 00036993 _____ C:\Users\Martin\Downloads\Addition.txt
2013-11-06 21:40 - 2013-11-06 21:40 - 00000000 ____D C:\FRST
2013-11-06 19:49 - 2013-11-11 11:51 - 00001392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-06 19:49 - 2013-11-11 11:51 - 00001392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-06 19:49 - 2013-11-06 19:50 - 00000552 _____ C:\Windows\system32\spsys.log
2013-11-06 09:10 - 2013-11-06 09:10 - 00000000 ____D C:\Users\Martin\.android
2013-11-06 09:06 - 2013-11-06 09:06 - 00000000 ____D C:\Users\Martin\Downloads\CSM_Y1149-E50_Backup
2013-11-06 08:56 - 2013-11-06 09:03 - 185382983 _____ C:\Users\Martin\Downloads\CSM_Y1149-E50_Backup.zip
2013-11-05 21:45 - 2013-11-05 21:45 - 00000000 ____D C:\Users\Martin\Desktop\Alte Firefox-Daten
2013-11-05 21:40 - 2013-11-05 21:42 - 00477265 _____ C:\Users\Martin\Desktop\lftp13.rar
2013-11-05 21:40 - 2013-11-05 21:42 - 00477265 _____ C:\Users\Martin\Desktop\Install.rar
2013-11-05 21:21 - 2013-11-10 10:26 - 00000000 _____ C:\Users\Martin\AppData\Roaming\lock
2013-11-05 21:21 - 2013-11-10 10:02 - 00003795 _____ C:\Users\Martin\AppData\Roaming\state
2013-11-04 11:19 - 2013-11-05 10:15 - 00000355 _____ C:\Users\Martin\Desktop\My Home is My Castle.txt
2013-11-02 08:32 - 2013-11-02 08:32 - 00000858 _____ C:\Users\Public\Desktop\Print CD.lnk
2013-10-30 09:24 - 2013-10-30 10:55 - 00000812 _____ C:\Users\Martin\Desktop\Der Tod - Wien heute.txt
2013-10-30 09:16 - 2013-10-30 01:35 - 352218306 _____ C:\Users\Martin\Desktop\der_tod_das_muss_ein_wiener_sein_DVCHDPRO-Desktop.m4v
2013-10-29 19:43 - 2013-10-29 19:47 - 100547994 _____ C:\Users\Martin\Downloads\PDZVX10 XDCAM VIEWER_v230.zip
2013-10-29 19:42 - 2013-10-29 19:42 - 07526147 _____ C:\Users\Martin\Downloads\PDZKMA233.zip
2013-10-29 14:38 - 2013-10-29 14:45 - 00000000 ____D C:\Users\Martin\AppData\Roaming\iPumper
2013-10-29 14:38 - 2013-10-29 14:38 - 05434312 _____ C:\Users\Martin\Downloads\xdcam_hd422_codec_Downloader.exe
2013-10-29 14:34 - 2013-10-29 14:33 - 00279656 _____ (Apple Inc.) C:\Users\Martin\Downloads\ProResDecoderSetup.exe
2013-10-29 10:21 - 2013-10-29 10:21 - 00000000 ____D C:\Users\Martin\Desktop\Pressefotos neu
2013-10-29 10:05 - 2013-10-29 10:05 - 00002039 _____ C:\Users\Martin\Desktop\Pressefotos - Legende.txt
2013-10-28 20:56 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-28 20:56 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-28 20:50 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-28 20:50 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-28 20:48 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-10-28 20:48 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-28 20:16 - 2013-10-23 11:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-28 20:16 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-28 20:16 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-27 16:41 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-27 16:41 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-27 16:41 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-27 16:41 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-27 16:40 - 2013-10-27 16:41 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-27 10:19 - 2013-10-27 10:39 - 00000000 ____D C:\Users\Public\Pressefotos
2013-10-27 09:41 - 2010-05-11 11:39 - 00050192 _____ (Paragon Software Group) C:\Windows\system32\Drivers\gpt_loader.sys
2013-10-27 09:41 - 2010-05-11 11:39 - 00036368 _____ (Paragon Software Group) C:\Windows\system32\Drivers\mounthlp.sys
2013-10-27 09:40 - 2013-10-27 09:40 - 00000000 ____D C:\Program Files (x86)\Paragon Software
2013-10-27 09:40 - 2010-05-11 11:39 - 00102928 _____ (Paragon Software Group) C:\Windows\system32\Drivers\hfsplus.sys
2013-10-27 09:40 - 2010-05-11 11:39 - 00028176 _____ (Paragon Software Group) C:\Windows\system32\Drivers\apmwin.sys
2013-10-27 09:40 - 2010-05-11 11:39 - 00013840 _____ (Paragon Software Group) C:\Windows\system32\Drivers\hfsplusrec.sys
2013-10-27 09:39 - 2013-10-27 09:39 - 02416640 _____ C:\Users\Martin\Downloads\Paragon-153-PEG_WinInstallx64_1.0.5_001.msi
2013-10-24 21:43 - 2013-10-24 21:43 - 00000000 ____D C:\Users\Martin\Downloads\tod
2013-10-24 21:40 - 2013-10-24 21:43 - 245266481 _____ C:\Users\Martin\Downloads\tod.zip
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-21 20:26 - 2013-10-23 11:57 - 00799418 _____ C:\Users\Martin\Desktop\Der Tod, das muß ein Wiener sein! Einzeltitel.psd
2013-10-17 07:57 - 2012-12-13 16:19 - 216051490 _____ C:\Users\Martin\Desktop\P062_LogoOrthopaedie_Final_V3_1080_25p_13-12-2012.mov
2013-10-13 14:06 - 2013-10-23 16:08 - 00000000 ____D C:\Users\Public\Der Tod, das muß ein Wiener sein

==================== One Month Modified Files and Folders =======

2013-11-11 12:12 - 2013-11-11 12:12 - 01957590 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2013-11-11 12:05 - 2013-11-11 12:05 - 00000816 _____ C:\Users\Martin\Desktop\JRT.txt
2013-11-11 12:03 - 2012-03-04 17:22 - 01912638 _____ C:\Windows\WindowsUpdate.log
2013-11-11 11:58 - 2013-11-11 11:58 - 00000000 ____D C:\Windows\ERUNT
2013-11-11 11:57 - 2013-11-11 11:57 - 01034531 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2013-11-11 11:55 - 2012-11-12 21:22 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2013-11-11 11:54 - 2013-11-11 11:54 - 00017068 _____ C:\Users\Martin\Desktop\AdwCleaner[S0].txt
2013-11-11 11:54 - 2012-03-04 13:19 - 00001546 _____ C:\Users\Martin\Documents\PTBSync-DesktopSetting-Martin.txt
2013-11-11 11:54 - 2012-03-04 13:19 - 00000584 _____ C:\Users\Martin\Documents\PTBSync-AutoExport-Martin.ini
2013-11-11 11:52 - 2012-03-04 17:53 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-11 11:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-11 11:52 - 2009-07-14 05:51 - 00109773 _____ C:\Windows\setupact.log
2013-11-11 11:51 - 2013-11-06 19:49 - 00001392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-11 11:51 - 2013-11-06 19:49 - 00001392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-11 11:50 - 2013-11-11 11:41 - 00000000 ____D C:\AdwCleaner
2013-11-11 11:50 - 2013-01-18 06:07 - 00001039 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-11 11:40 - 2013-11-11 11:39 - 01085542 _____ C:\Users\Martin\Desktop\adwcleaner.exe
2013-11-11 11:39 - 2012-04-10 19:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-11 11:31 - 2012-03-04 17:52 - 00057252 _____ C:\Windows\PFRO.log
2013-11-11 11:13 - 2013-11-11 11:13 - 00001155 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-11 11:13 - 2013-11-11 11:13 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Malwarebytes
2013-11-11 11:13 - 2013-11-11 11:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-11 11:13 - 2013-11-11 11:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-11 09:40 - 2013-11-11 09:40 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Martin\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-11 03:40 - 2012-03-04 22:57 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2013-11-10 18:51 - 2013-09-19 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-10 18:39 - 2013-11-10 18:39 - 00159144 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\WindowsActivationUpdate.exe
2013-11-10 10:26 - 2013-11-05 21:21 - 00000000 _____ C:\Users\Martin\AppData\Roaming\lock
2013-11-10 10:25 - 2013-11-10 10:25 - 00033783 _____ C:\Users\Martin\Desktop\Combofix 10-11-13.txt
2013-11-10 10:23 - 2013-11-10 10:23 - 00033783 _____ C:\ComboFix.txt
2013-11-10 10:23 - 2013-11-10 09:39 - 00000000 ____D C:\Qoobox
2013-11-10 10:18 - 2013-11-10 09:39 - 00000000 ____D C:\Windows\erdnt
2013-11-10 10:06 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-10 10:02 - 2013-11-05 21:21 - 00003795 _____ C:\Users\Martin\AppData\Roaming\state
2013-11-09 15:59 - 2013-11-09 15:59 - 00907792 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376A3A04C62470492
2013-11-09 15:56 - 2013-11-09 15:55 - 00471816 _____ C:\Windows\Minidump\110913-30716-01.dmp
2013-11-09 15:55 - 2013-06-06 07:30 - 695959793 _____ C:\Windows\MEMORY.DMP
2013-11-09 15:55 - 2012-03-05 00:50 - 00000000 ____D C:\Windows\Minidump
2013-11-09 14:14 - 2013-11-09 14:14 - 05145633 ____R (Swearware) C:\Users\Martin\Downloads\ComboFix.exe
2013-11-09 12:54 - 2013-11-09 12:54 - 00009342 _____ C:\Users\Martin\Downloads\Addition.zip
2013-11-09 12:54 - 2013-11-09 12:54 - 00002456 _____ C:\Users\Martin\Downloads\Gmer.zip
2013-11-09 12:53 - 2013-11-09 12:53 - 00013346 _____ C:\Users\Martin\Downloads\FRST.zip
2013-11-09 12:44 - 2013-11-09 12:44 - 01110476 _____ C:\Users\Martin\Downloads\7z920.exe
2013-11-09 12:06 - 2013-11-09 12:06 - 00022226 _____ C:\Users\Martin\Downloads\Gmer.txt
2013-11-09 11:50 - 2013-11-09 11:50 - 00377856 _____ C:\Users\Martin\Downloads\gmer_2.1.19163.exe
2013-11-09 11:49 - 2013-11-09 11:49 - 00071727 _____ C:\Users\Martin\Downloads\FRST.txt
2013-11-09 11:49 - 2013-11-09 11:40 - 00036993 _____ C:\Users\Martin\Downloads\Addition.txt
2013-11-09 11:45 - 2013-11-09 11:45 - 00000474 _____ C:\Users\Martin\Downloads\defogger_disable.log
2013-11-09 11:45 - 2013-11-09 11:45 - 00000000 _____ C:\Users\Martin\defogger_reenable
2013-11-09 11:45 - 2012-03-04 17:27 - 00000000 ____D C:\Users\Martin
2013-11-09 11:43 - 2013-11-09 11:43 - 00050477 _____ C:\Users\Martin\Downloads\Defogger.exe
2013-11-09 11:14 - 2012-03-04 14:08 - 00000000 ____D C:\Users\Martin\Documents\LogIns
2013-11-06 21:40 - 2013-11-06 21:40 - 00000000 ____D C:\FRST
2013-11-06 19:50 - 2013-11-06 19:49 - 00000552 _____ C:\Windows\system32\spsys.log
2013-11-06 09:10 - 2013-11-06 09:10 - 00000000 ____D C:\Users\Martin\.android
2013-11-06 09:06 - 2013-11-06 09:06 - 00000000 ____D C:\Users\Martin\Downloads\CSM_Y1149-E50_Backup
2013-11-06 09:03 - 2013-11-06 08:56 - 185382983 _____ C:\Users\Martin\Downloads\CSM_Y1149-E50_Backup.zip
2013-11-06 08:54 - 2013-04-29 22:37 - 00000000 ____D C:\Program Files (x86)\Opera
2013-11-05 21:45 - 2013-11-05 21:45 - 00000000 ____D C:\Users\Martin\Desktop\Alte Firefox-Daten
2013-11-05 21:42 - 2013-11-05 21:40 - 00477265 _____ C:\Users\Martin\Desktop\lftp13.rar
2013-11-05 21:42 - 2013-11-05 21:40 - 00477265 _____ C:\Users\Martin\Desktop\Install.rar
2013-11-05 21:38 - 2012-03-04 12:55 - 06582279 _____ (Ambrose) C:\Users\Martin\Desktop\XMediaRecode2268_setup.exe
2013-11-05 21:37 - 2012-03-04 12:55 - 10731527 _____ (Ambrose) C:\Users\Martin\Desktop\SetupDocumentsManager.exe
2013-11-05 21:37 - 2012-03-04 12:55 - 02101255 _____ (Ambrose) C:\Users\Martin\Desktop\WGAPluginInstall.exe
2013-11-05 21:36 - 2012-03-04 12:55 - 14651399 _____ (Ambrose) C:\Users\Martin\Desktop\mp3rocket.exe
2013-11-05 21:36 - 2012-03-04 12:55 - 07884807 _____ (Ambrose) C:\Users\Martin\Desktop\Openwave_v70_Simulator.exe
2013-11-05 21:36 - 2012-03-04 12:55 - 01843207 _____ (Ambrose) C:\Users\Martin\Desktop\pcs.exe
2013-11-05 21:35 - 2012-05-10 15:06 - 15994887 _____ (Ambrose) C:\Users\Martin\Desktop\HCFRSetup.exe
2013-11-05 21:34 - 2013-01-04 09:36 - 00000000 ____D C:\Users\Martin\Documents\Rechnungen 2013
2013-11-05 21:34 - 2012-10-07 10:24 - 01634311 _____ (Ambrose) C:\Users\Martin\Desktop\h264info.exe
2013-11-05 21:34 - 2012-05-03 04:21 - 02248711 _____ (Ambrose) C:\Users\Martin\Desktop\GPU-Z.0.6.2.exe
2013-11-05 21:34 - 2012-04-10 23:14 - 21942279 _____ (Ambrose) C:\Users\Martin\Desktop\DVDFab8175Qt.exe
2013-11-05 21:33 - 2012-03-04 12:54 - 05079047 _____ (Ambrose) C:\Users\Martin\Desktop\DVD2MP4.exe
2013-11-05 21:32 - 2012-03-04 12:54 - 22794247 _____ (Ambrose) C:\Users\Martin\Desktop\DivXInstaller721.exe
2013-11-05 21:31 - 2012-03-04 12:54 - 111759367 _____ (Ambrose) C:\Users\Martin\Desktop\DiscWizardSetup.de.exe
2013-11-05 21:26 - 2012-03-04 12:54 - 62115847 _____ (Ambrose) C:\Users\Martin\Desktop\AVSVideoConverter.exe
2013-11-05 21:22 - 2012-05-15 10:32 - 02301959 _____ (Ambrose) C:\Users\Martin\Desktop\7z920.exe
2013-11-05 21:22 - 2012-03-04 12:53 - 09482247 _____ (Ambrose) C:\Users\Martin\Desktop\AvidCodecsLE_MSI_Install.exe
2013-11-05 11:48 - 2012-03-04 14:08 - 00000000 ____D C:\Users\Martin\Documents\Honorarnoten
2013-11-05 10:15 - 2013-11-04 11:19 - 00000355 _____ C:\Users\Martin\Desktop\My Home is My Castle.txt
2013-11-02 22:14 - 2012-03-05 09:04 - 00000000 ____D C:\Users\Martin\AppData\Roaming\FileZilla
2013-11-02 09:39 - 2012-03-04 14:04 - 00000000 ____D C:\Users\Martin\Documents\Epson Print CD
2013-11-02 08:32 - 2013-11-02 08:32 - 00000858 _____ C:\Users\Public\Desktop\Print CD.lnk
2013-11-02 08:32 - 2012-03-08 11:53 - 00000000 ____D C:\Program Files (x86)\Epson Software
2013-11-02 08:32 - 2012-03-04 17:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-01 21:26 - 2012-03-04 13:23 - 00000000 ____D C:\Users\Martin\Documents\CD- und Video-Etiketten
2013-10-31 23:41 - 2012-03-05 16:22 - 00000000 ____D C:\Users\Public\Documents\Avid Media Composer
2013-10-31 00:02 - 2012-03-19 09:43 - 00012292 ____H C:\Users\Public\.DS_Store
2013-10-30 10:55 - 2013-10-30 09:24 - 00000812 _____ C:\Users\Martin\Desktop\Der Tod - Wien heute.txt
2013-10-30 01:35 - 2013-10-30 09:16 - 352218306 _____ C:\Users\Martin\Desktop\der_tod_das_muss_ein_wiener_sein_DVCHDPRO-Desktop.m4v
2013-10-29 19:47 - 2013-10-29 19:43 - 100547994 _____ C:\Users\Martin\Downloads\PDZVX10 XDCAM VIEWER_v230.zip
2013-10-29 19:42 - 2013-10-29 19:42 - 07526147 _____ C:\Users\Martin\Downloads\PDZKMA233.zip
2013-10-29 15:39 - 2012-03-04 12:59 - 00000000 ____D C:\Users\Martin\Desktop\Install
2013-10-29 14:45 - 2013-10-29 14:38 - 00000000 ____D C:\Users\Martin\AppData\Roaming\iPumper
2013-10-29 14:38 - 2013-10-29 14:38 - 05434312 _____ C:\Users\Martin\Downloads\xdcam_hd422_codec_Downloader.exe
2013-10-29 14:33 - 2013-10-29 14:34 - 00279656 _____ (Apple Inc.) C:\Users\Martin\Downloads\ProResDecoderSetup.exe
2013-10-29 10:44 - 2011-09-09 06:16 - 00000000 ___HD C:\Users\Martin\AppData\Local\xnWURx8Skku
2013-10-29 10:21 - 2013-10-29 10:21 - 00000000 ____D C:\Users\Martin\Desktop\Pressefotos neu
2013-10-29 10:05 - 2013-10-29 10:05 - 00002039 _____ C:\Users\Martin\Desktop\Pressefotos - Legende.txt
2013-10-28 21:01 - 2012-03-04 17:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-28 20:50 - 2012-03-04 19:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-28 20:50 - 2012-03-04 17:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-27 16:41 - 2013-10-27 16:40 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-27 16:41 - 2013-09-11 20:28 - 00000000 ____D C:\ProgramData\Oracle
2013-10-27 16:41 - 2012-03-13 19:46 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-27 10:39 - 2013-10-27 10:19 - 00000000 ____D C:\Users\Public\Pressefotos
2013-10-27 09:40 - 2013-10-27 09:40 - 00000000 ____D C:\Program Files (x86)\Paragon Software
2013-10-27 09:39 - 2013-10-27 09:39 - 02416640 _____ C:\Users\Martin\Downloads\Paragon-153-PEG_WinInstallx64_1.0.5_001.msi
2013-10-24 21:43 - 2013-10-24 21:43 - 00000000 ____D C:\Users\Martin\Downloads\tod
2013-10-24 21:43 - 2013-10-24 21:40 - 245266481 _____ C:\Users\Martin\Downloads\tod.zip
2013-10-23 16:08 - 2013-10-13 14:06 - 00000000 ____D C:\Users\Public\Der Tod, das muß ein Wiener sein
2013-10-23 12:08 - 2012-09-18 15:40 - 00001456 _____ C:\Users\Martin\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-10-23 11:57 - 2013-10-21 20:26 - 00799418 _____ C:\Users\Martin\Desktop\Der Tod, das muß ein Wiener sein! Einzeltitel.psd
2013-10-23 11:30 - 2013-10-28 20:56 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-23 11:30 - 2013-10-28 20:56 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-23 11:30 - 2013-10-28 20:16 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-23 11:30 - 2013-05-23 23:15 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-23 11:30 - 2012-09-14 06:16 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 11:30 - 2012-03-04 19:56 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-23 11:30 - 2012-03-04 19:56 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-23 11:30 - 2012-03-04 19:56 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-23 09:20 - 2012-04-14 11:13 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-23 09:20 - 2012-04-14 11:13 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-23 09:20 - 2012-04-14 11:13 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-10-23 09:20 - 2012-04-14 11:13 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-23 09:20 - 2012-04-14 11:13 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-23 09:20 - 2012-04-14 11:13 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-18 02:36 - 2013-10-28 20:50 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-18 02:36 - 2013-10-28 20:50 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-17 07:48 - 2012-03-12 09:57 - 00000216 _____ C:\Users\Martin\AppData\Roaming\default.rss
2013-10-16 18:45 - 2013-08-13 15:07 - 00004467 _____ C:\Users\Martin\Desktop\Der Tod, das muß... Legende.txt
2013-10-16 01:48 - 2013-10-28 20:16 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-16 01:48 - 2013-10-28 20:16 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 00:06

==================== End Of Log ============================
         
--- --- ---


4b. Addition:
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2013 01
Ran by Martin at 2013-11-11 12:13:54
Running from C:\Users\Martin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

3CXPhone (x32 Version: 4.0.26523.0)
7-Zip 9.20 (x32)
Acrobat.com (x32 Version: 0.0.0)
Acrobat.com (x32 Version: 1.2.443)
Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.5.5)
Adobe Acrobat 9.5.5 - CPSID_83708 (x32)
Adobe Acrobat XI Pro (x32 Version: 11.0)
Adobe After Effects CS4 Third Party Content (x32 Version: 9)
Adobe AIR (x32 Version: 3.8.0.1280)
Adobe Anchor Service CS4 (x32 Version: 2.0)
Adobe Asset Services CS4 (x32 Version: 4)
Adobe Audition 2.0 (x32 Version: 2.0)
Adobe Bridge 1.0 (x32 Version: 1.0.1.1)
Adobe Bridge CS4 (x32 Version: 3)
Adobe CMaps CS4 (x32 Version: 2.0)
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0)
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0)
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0)
Adobe Common File Installer (x32 Version: 1.00.002)
Adobe Creative Cloud (x32 Version: 2.1.2.232)
Adobe Creative Suite 4 Master Collection (x32 Version: 4.0)
Adobe Creative Suite 6 Production Premium (x32 Version: 6)
Adobe CS4 American English Speech Analysis Models (x32 Version: 1)
Adobe CSI CS4 (x32 Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (x32 Version: 2.0)
Adobe Dreamweaver CS6 (x32 Version: 12.0.3)
Adobe Drive CS4 (x32 Version: 1)
Adobe Drive CS4 x64 (Version: 1)
Adobe Dynamiclink Support (x32 Version: 1)
Adobe Edge Animate (x32 Version: 1.5)
Adobe Encore CS4 Codecs (x32 Version: 4)
Adobe Exchange Panel (x32 Version: 1)
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0)
Adobe Extension Manager CS4 (x32 Version: 2.0)
Adobe Fireworks CS4 (x32 Version: 10.0)
Adobe Fireworks CS6 (x32 Version: 12.0.1)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Flash Professional CS6 (x32 Version: 12.0)
Adobe Fonts All (x32 Version: 2.0)
Adobe Help Center 2.0 (x32 Version: 2.0.0)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Illustrator CS6 (x32 Version: 16.0)
Adobe InDesign CS4 (x32 Version: 6.0)
Adobe InDesign CS4 Application Feature Set Files (Roman) (x32 Version: 6.0)
Adobe InDesign CS4 Common Base Files (x32 Version: 6.0)
Adobe InDesign CS4 Icon Handler (x32 Version: 6.0)
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0)
Adobe InDesign CS6 (x32 Version: 8.0)
Adobe Linguistics CS4 (x32 Version: 4.0.0)
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0)
Adobe Media Encoder CS4 Importer (x32 Version: 1.0)
Adobe Media Player (x32 Version: 1.8)
Adobe Muse (x32 Version: 2.0)
Adobe Muse (x32 Version: 2.3.50)
Adobe Output Module (x32 Version: 2.0)
Adobe PDF Library Files CS4 (x32 Version: 9.0)
Adobe Photoshop CS6 (x32 Version: 13.0)
Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4)
Adobe Premiere Pro CS6 (x32 Version: 6.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe Search for Help (x32 Version: 1.0)
Adobe Service Manager Extension (x32 Version: 1.0)
Adobe Setup (x32 Version: 2.0)
Adobe SGM CS4 (x32 Version: 3.0)
Adobe SING CS4 (x32 Version: 2.0)
Adobe Soundbooth CS4 (x32 Version: 2)
Adobe Soundbooth CS4 Codecs (x32 Version: 2)
Adobe SVG Viewer 3.0 (x32 Version:  3.0)
Adobe Touch App Plugins (x32 Version: 1.0)
Adobe Type Support CS4 (x32 Version: 9.0)
Adobe Update Manager CS4 (x32 Version: 6.0.0)
Adobe Version Cue CS4 Server (x32 Version: 4.0)
Adobe Widget Browser (x32 Version: 2.0 Build 348)
Adobe Widget Browser (x32 Version: 2.0.348)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1)
Adobe XMP Panels CS4 (x32 Version: 2.0)
Adobe® Content Viewer (x32 Version: 3.3.0)
AdobeColorCommonSetCMYK (x32 Version: 2.0)
AdobeColorCommonSetRGB (x32 Version: 2.0)
Advertising Center (x32 Version: 0.0.0.2)
Akamai NetSession Interface (HKCU)
Any Video Converter 5.0.5 (x32)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
Avery Wizard 3.1 (x32 Version: 3.1.8)
Avid AMA Plug-in for MXF (x32 Version: 1.7.2.5330)
Avid AMA Plug-in for Panasonic P2 (x32 Version: 2.6.0.5505)
Avid Codecs LE (x32 Version: 2.3.7)
Avid Editor Transcode (Version: 3.0.5)
Avid License Control (x32 Version: 3.0.1)
Avid Media Composer (Version: 7.0.2)
AVS Update Manager 1.0 (x32)
AVS Video Converter 8 (x32)
AVS4YOU Software Navigator 1.4 (x32)
BisonCam (x32 Version: 6.96.710.05.1)
Bitrate Viewer 2.3 (x32 Version: 2.3)
bl (x32 Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
Connect (x32 Version: 1.0.0.1)
CPUID CPU-Z 1.66.1
DesignPro 5 (x32 Version: 5.5.708)
DiffDaff Version 1.0 (x32)
DolbyFiles (x32 Version: 2.0)
DVD Decrypter (Remove Only) (x32)
DVD Shrink 3.2 (x32)
DVDFab 8.1.7.5 (07/04/2012) Qt (x32)
DVD-lab PRO 2.31 (Production Stable) (x32)
Epson Print CD (x32 Version: 2.20.00)
EPSON PX720WD Series Printer Uninstall
EPSON Scan (x32)
EpsonNet Print (x32 Version: 2.5.00)
EpsonNet Setup 3.3 (x32 Version: 3.3b)
FileZilla Client 3.7.3 (x32 Version: 3.7.3)
Flash Builder (x32 Version: 4.6.1)
Free YouTube Download version 3.2.9.725 (x32 Version: 3.2.9.725)
FreeOCR 3.0 (Version: 3.0)
FTPRush 2.1.8 (x32 Version: 2.1.8)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Update Helper (x32 Version: 1.3.23.0)
HCFR (x32)
Hotkey 3.0037 (x32 Version: 3.00.37)
i1Profiler (x32)
iCloud (Version: 3.0.2.163)
ImagXpress (x32 Version: 7.0.74.0)
ImgBurn (x32 Version: 2.5.8.0)
ITECIR (x32 Version: 1.00.0000)
iZotope Insight (x32 Version: 1.02)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
JMicron 1394 Filter Driver (x32 Version: 1.00.04.00)
JMicron JMB38X Flash Media Controller (x32 Version: 1.0.32.1)
KORG USB-MIDI Driver Tools for Windows (x32 Version: 1.13.0601)
kuler (x32 Version: 2.0)
LeechFTP  (x32)
License Support (x32 Version: 1.1.1.1524)
MainConcept Reference DShow Add-On (x32 Version: 2.2.0.0)
MainConcept Reference v2 (x32 Version: 2.2.0.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MediaInfo 0.7.60 (Version: 0.7.60)
Menu Templates - Starter Kit (x32 Version: 9.6.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.3.0219.0)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.3.219.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0)
Movie Templates - Starter Kit (x32 Version: 9.6.0.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero 9 (x32)
Nero BurnRights (x32 Version: 3.4.13.100)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero CoverDesigner (x32 Version: 1.0.0.0)
Nero Disc Copy Gadget (x32 Version: 2.4.43.0)
Nero DiscSpeed (x32 Version: 5.4.13.100)
Nero DriveSpeed (x32 Version: 4.4.12.100)
Nero InfoTool (x32 Version: 6.4.12.100)
Nero Installer (x32 Version: 4.4.9.0)
Nero PhotoSnap (x32 Version: 2.4.29.0)
Nero Recode (x32 Version: 4.4.40.0)
Nero Rescue Agent (x32 Version: 2.4.14.100)
Nero ShowTime (x32 Version: 5.4.27.100)
Nero StartSmart (x32 Version: 9.4.40.100)
Nero Vision (x32 Version: 6.4.19.100)
Nero WaveEditor (x32 Version: 5.4.39.0)
NeroBurningROM (x32 Version: 1.0.0.0)
NeroExpress (x32 Version: 1.0.0.0)
neroxml (x32 Version: 1.0.0)
NewBlue Titler Pro for Windows (Version: 1.0)
Nokia Connectivity Cable Driver (x32 Version: 7.1.78.0)
Nokia PC Suite (x32 Version: 7.1.180.94)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65)
NVIDIA CUDA Toolkit v4.0 (64 bit) (Version: 4.00.1500.0000)
NVIDIA Drivers (Version: 1.5)
NVIDIA GeForce Experience 1.7 (Version: 1.7)
NVIDIA Grafiktreiber 331.65 (Version: 331.65)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)
NVIDIA Systemsteuerung 331.65 (Version: 331.65)
NVIDIA Update 9.3.16 (Version: 9.3.16)
NVIDIA Update Components (Version: 9.3.16)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
One Clip Ingest Software (x32 Version: 1.00.0000)
Opera 12.16 (x32 Version: 12.16.1860)
P2PlugIn (Version: 1.0.1.0)
PACE License Support Win64 (Version: 2.0.0.0256)
Panasonic Drive Mount Converter (x32 Version: 1.00.0007)
Panasonic P2 AVC-Intra Decoder Component (x32 Version: 1.0.0)
Panasonic P2 Drivers (Version: 2.21.0000)
Panasonic P2 Viewer Plus (x32 Version: 1.0.7)
Paragon HFS+ for Windows™ (read-only) (Version: 1.00)
PC Connectivity Solution (x32 Version: 12.0.27.0)
PDF Settings CS4 (x32 Version: 9.0)
PDF Settings CS6 (x32 Version: 11.0)
ph (x32 Version: 1.0.0)
Photoshop Camera Raw (x32 Version: 5.0)
PreSonus Studio One 2 x64 (Version: 2.0.6.18491)
PTBSync (Atomuhr Synchronisation & Terminkalender) (x32 Version: 5.7b)
QuickTime (x32 Version: 7.74.80.86)
QuickTime MPEG2 (x32 Version: 7.60.92.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5943)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0118)
Safari (x32 Version: 5.34.57.2)
Samsung Kies (x32 Version: 2.6.0.13064_2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
SDFormatter (x32 Version: 4.0.0)
Sentinel Protection Installer 7.6.6 (x32 Version: 7.6.6)
SES Driver (Version: 1.0.0)
SHIELD Streaming (Version: 1.6.34)
SiSoftware Sandra Lite 2013.SP4 (Version: 19.50.2013.7)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.3 (x32 Version: 6.3.105)
SmartTools Publishing · Mail-Assistent für Outlook (HKCU Version: v2.50)
SoundTrax (x32 Version: 4.4.39.0)
Suite Shared Configuration CS4 (x32 Version: 1.0)
SUPER © v2013.build.57+Recorder (2013/07/13) Version v2013.buil (x32 Version: v2013.build.57+Recorder)
Synaptics Pointing Device Driver (Version: 13.2.3.0)
Tracktion 3.0.4.8 (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Visual C++ 64-bit Redistributables (Version: 1.1.0.0929)
Visual C++ 64-bit Redistributables (Version: 1.1.1.1524)
Visual C++ 64-bit Redistributables (x32 Version: 1.1.0.0929)
Visual C++ 64-bit Redistributables (x32 Version: 1.1.1.1524)
Visual C++ Redistributables (x32 Version: 1.1.0.0929)
Visual C++ Redistributables (x32 Version: 1.1.1.1524)
WD Drive Manager (x64) (Version: 2.116)
WD WinDLG (x32 Version: 1.0.0)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (Version: 01/19/2011 1.0.0009.0)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Windows-Treiberpaket - YUAN (mod7700) Media  (05/22/2009 2.3.3.31) (Version: 05/22/2009 2.3.3.31)
WinRAR (x32)
XMedia Recode Version 3.1.2.8 (x32 Version: 3.1.2.8)
X-Rite Device Services Manager (x32 Version: 2.2.37)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-11-10 10:05 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0230CE8F-7427-47E5-AA04-7C25AE490EBA} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {1AFFE7F4-421F-45FF-9E0C-16B4EC0568E6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {4D074A5C-ED20-4793-B329-C4F269B76CF7} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-05-13] (Microsoft)
Task: {57E573F9-8E13-4111-8FE2-84867E478604} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {62D0C0F1-9323-44BD-9626-CA4541B30BC7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {64725695-1049-40A5-8EA6-304053997C29} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {664F5D30-1DC5-44C9-90B9-3A10462555B7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7F0B5BB6-A5D8-4D00-B157-0FFF0672879F} - \DealPlyUpdate No Task File
Task: {91F1E2DF-EEC3-4937-B8A3-6322E6F35BCD} - System32\Tasks\X-Rite\X-RiteDeviceServicesSoftwareUpdate => C:\Program
Task: {9BFF35EA-81E3-46D0-8091-2BC38796EFA8} - System32\Tasks\AdobeAAMUpdater-1.0-Nexoc-E712-Martin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {EC3FADE3-25CE-48B0-9BB4-7471C62D9C21} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {F5E3D16D-AA1A-4158-B81A-AC379CAAC38F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {FF70BC1A-0FA8-4C31-AC40-51320DBBFDBC} - \Escolade No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-08-30 09:01 - 2013-08-30 09:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-03-08 11:25 - 2012-03-08 11:25 - 01615696 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2012-03-08 11:25 - 2012-03-08 11:25 - 02639696 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2012-11-12 22:07 - 2008-03-25 15:44 - 00028672 _____ () C:\Windows\BisonCam\KBHookDLL.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 02302040 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 08197208 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00345688 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00202328 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00027736 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00282200 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2013-05-17 15:41 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2009-06-06 13:50 - 2009-06-06 13:50 - 00019968 _____ () C:\Program Files (x86)\Hotkey\Audiodll.dll
2012-05-10 15:17 - 2012-03-27 23:14 - 44090368 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\Prism.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 03449344 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\CxF2_VC90MD_2.1.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 00898560 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\libxml2.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 00073728 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\zlib1.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 07982592 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\QtGui4.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 02147328 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\QtCore4.dll
2013-09-03 14:25 - 2013-09-03 14:25 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 12:42 - 2013-03-13 13:42 - 00071568 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2013-08-30 09:00 - 2013-08-30 09:00 - 00381808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CCInvokeAAM.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Microsoft:8Z7WGiPuSYuxn6tHufBb
AlternateDataStreams: C:\ProgramData\Microsoft:afb2gtnEoP2hdz886KFnYaHX
AlternateDataStreams: C:\ProgramData\Microsoft:ml9taiNhEFn5q2tRn0ndHtTu
AlternateDataStreams: C:\ProgramData\Microsoft:OFf0XQtiDJXhV9iKxKOhoQBE3YGv
AlternateDataStreams: C:\Users\Martin\Cookies:E5EyevmztKUx9YL6FX57CQNG2
AlternateDataStreams: C:\Users\Martin\Cookies:MHiZXv4suTQnWq1jTGR
AlternateDataStreams: C:\Users\Martin\Desktop\Uni Klagenfurt 2012:AFP_AFPINFO
AlternateDataStreams: C:\Users\Martin\AppData\Local\5kfj674QJb:6kDOy8XKfo8GBUmk7HbP
AlternateDataStreams: C:\Users\Martin\AppData\Local\xnWURx8Skku:wgMFxBHXeRop5Jc2Wj3D
AlternateDataStreams: C:\Users\Martin\Documents\SpanHofreitschuleBluRay:Mac_Metadata
AlternateDataStreams: C:\Users\Martin\Documents\SpanHofreitschuleBluRay.ncor:Mac_Metadata

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-11-10 09:55:50.275
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-10 09:55:50.166
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-06 07:35:13.274
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:35:13.046
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:35:12.828
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:35:12.605
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:29:40.528
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:29:40.317
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:29:40.079
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:29:39.865
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 28%
Total physical RAM: 8190.35 MB
Available physical RAM: 5861.19 MB
Total Pagefile: 16378.88 MB
Available Pagefile: 14064.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive a: (Martin 2) (Fixed) (Total:931.42 GB) (Free:2.49 GB) NTFS
Drive c: (Martin) (Fixed) (Total:298.09 GB) (Free:17.1 GB) NTFS
Drive f: (WD My Book) (Fixed) (Total:1863.01 GB) (Free:16.06 GB) NTFS
Drive i: (My Book 2TB) (Fixed) (Total:1863.01 GB) (Free:37.59 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 8C059331)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 835B6220)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: F4617063)
Partition 1: (Not Active) - (Size=-198631309312) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: FB9F335D)
Partition 1: (Not Active) - (Size=-198626966528) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---


Regards, m.

11.11.2013, 14:26   #9
schrauber
/// the machine
/// TB-Ausbilder

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

12.11.2013, 08:51   #10
mpolasek

Hello schrauber,

After the scans carried out according to your instructions, the prompt "The authenticity of this copy of Windows has not yet been confirmed" etc. is still active.

Here are the results:

1. Eset:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=418d6490c434d045bfcd80afacc90074
# engine=15838
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-12 01:54:14
# local_time=2013-11-12 02:54:14 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 10608493 135851104 0 0
# scanned=1159659
# found=26
# cleaned=0
# scan_time=36973
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\bBLVQdb.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\BIIQAFHaDlYRo.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\BXAZpmJdRdPd.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\cwvcRFRzOzBk.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\DfRMBcwXKQK.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\ePJirfBcmMqDQX.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\eVhJcd.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\GWPLLii.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\hcMffauywJSi.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\hMdUd.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\jMibT.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\KdBolWxuRVXf.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\LsiZXuACAEK.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\PzcaUDQ.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\qfkwvGQ.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\qjGvUbCwoVRH.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\qLLrCpOPlzLTHu.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\RjEty.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\RrSNesONMPa.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\SLsSXKQEZtFBwH.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\TNosXW.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\wqCuI.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\xrSAQi.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\YbvnjzYxRisLT.exe.vir"
sh=DDB74AE4C0B1E7AC52F61EAC52383A36DD45A3B4 ft=1 fh=91d20688a8d1ef85 vn="a variant of MSIL/Injector.CEA trojan" ac=I fn="C:\Qoobox\Quarantine\C\Users\Martin\AppData\Roaming\yxIUHFgWYdks.exe.vir"
sh=32AC72466374706A4C49C8204072D9FD867E8819 ft=1 fh=82232db6af9a4275 vn="multiple threats" ac=I fn="F:\C-LAUFWERK 040312\Users\Martin\AppData\Local\Temp\Jc2EEbe5.exe.part"
         
2. checkup.txt:
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.76  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
  (On Access scanning disabled!) 
 Error obtaining update status for antivirus!  
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 45  
 Adobe Flash Player 11.9.900.117  
 Adobe Reader XI  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
3. Frst, fresh:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01
Ran by Martin (administrator) on NEXOC-E712 on 12-11-2013 08:14:41
Running from C:\Users\Martin\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Panasonic Corporation) C:\Windows\system32\p2csvc.exe
(Panasonic Corporation) C:\Windows\SysWOW64\p2csvc32.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
() C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
(ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Windows\System32\nvraidservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(mychat) C:\Windows\BisonCam\BisonHK.exe
(Bison Inc.) C:\Windows\BisonCam\DeLay.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Program Files (x86)\Paragon Software\HFS+ for Windows   (read-only)\apmwinsrv.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIGYE.EXE
(Akamai Technologies, Inc.) C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Hotkey\Hotkey.exe
() C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe
() C:\Program Files (x86)\Hotkey\LightShow.exe
(KORG Inc.) C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
(Panasonic Corporation) C:\Program Files\Panasonic P2\Drivers\App\p2inst_tasktray64.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
(ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808680 2009-12-13] (Synaptics Incorporated)
HKLM\...\Run: [LchGKey] - C:\Program Files (x86)\Chicony\GameKeys\LchGKey.exe
HKLM\...\Run: [NVRaidService] - C:\Windows\System32\nvraidservice.exe [291872 2009-06-30] (NVIDIA Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8116256 2009-09-22] (Realtek Semiconductor)
HKLM\...\Run: [BisonHK] - C:\Windows\BisonCam\BisonHK.exe [77824 2008-03-25] (mychat)
HKLM\...\Run: [DeLay] - C:\Windows\BisonCam\DeLay.exe [53248 2008-03-11] (Bison Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [apmwinapp] - C:\Program Files (x86)\Paragon Software\HFS+ for Windows   (read-only)\apmwinsrv.exe [65552 2010-05-11] ()
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKCU\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKCU\...\Run: [Epson Stylus Photo PX720WD(Netzwerk)] - C:\Users\Martin\AppData\Local\Temp\E_S191B.tmp [230 2013-11-10] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2012-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KORG USB-MIDI Driver] - C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [393616 2011-03-30] (KORG Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [WD Drive Manager] - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [480768 2012-05-01] (WDC)
HKLM-x32\...\Run: [PTBSync] - C:\Program Files (x86)\PTBSync\PTBSync.exe [1582592 2013-03-05] (ElmüSoft)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\postgres\...\Run: [updateMgr] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1
HKU\postgres\...\Run: [Epson Stylus Photo PX720WD(Netzwerk)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGYE.EXE /FU "C:\Users\Martin\AppData\Local\Temp\E_SC79C.tmp" /EF "HKCU"
HKU\postgres\...\Run: [Akamai NetSession Interface] - C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\postgres\...\Run: [AdobeBridge] - [x]
HKU\postgres\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB0A2518C181ACD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\..\Interfaces\{9C0AED26-CE60-4B65-BEFF-45D3685EB637}: [NameServer]195.3.96.67,213.33.98.136

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\bfbe7mgi.default-1383684326173
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-03-06] (Adobe Systems)
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [288112 2012-03-06] (Adobe Systems Incorporated)
S3 Avid DMF Service; C:\Program Files\Avid\Editor Transcode\Dynamic Media Files\DMFService.exe [661832 2013-08-27] (Avid Technology, Inc.)
S2 Avid Editor Broker; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe [662344 2013-08-27] (Avid Technology, Inc.)
S2 Avid Editor Db Engine; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe [661832 2013-08-27] (Avid Technology, Inc.)
S3 Avid Editor Transcode Service; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorTranscode.exe [662344 2013-08-27] (Avid Technology, Inc.)
S2 Avid Editor Transcode Status; C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe [297800 2013-08-27] (Avid Technology, Inc.)
R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 p2csvc; C:\Windows\system32\p2csvc.exe [67072 2008-07-25] (Panasonic Corporation)
R2 p2csvc32; C:\Windows\SysWOW64\p2csvc32.exe [61440 2008-07-25] (Panasonic Corporation)
R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [37784 2009-08-14] ()
R2 PTBSync; C:\Program Files (x86)\PTBSync\PTBSync.exe [1582592 2013-03-05] (ElmüSoft)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\RpcAgentSrv.exe [71832 2009-06-15] (SiSoftware)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [119296 2012-05-01] (WDC)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203600 2012-03-08] (X-Rite Inc.)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [x]

==================== Drivers (Whitelisted) ====================

R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [28176 2010-05-11] (Paragon Software Group)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S2 cvintdrv; C:\Windows\SysWow64\Drivers\cvintdrv.sys [7140 2003-07-29] ()
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [50192 2010-05-11] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [102928 2010-05-11] (Paragon Software Group)
R2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [13840 2010-05-11] (Paragon Software Group)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [20392 2009-12-13] (JMicron )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mod7700; C:\Windows\System32\Drivers\dvb7700all.sys [956416 2012-03-04] (DiBcom)
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [36368 2010-05-11] (Paragon Software Group)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R0 nvrd64; C:\Windows\System32\DRIVERS\nvrd64.sys [175648 2009-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 p2cache; C:\Windows\System32\DRIVERS\p2cache.sys [68096 2008-07-24] (Panasonic Corporation)
R0 p2cata; C:\Windows\System32\DRIVERS\p2cata.sys [56832 2008-07-24] (Panasonic Corporation)
S3 pfc; C:\Windows\SysWow64\drivers\pfc.sys [10368 2005-11-02] (Padus, Inc.)
R3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [439296 2009-12-13] (Realtek Semiconductor Corporation                           )
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP4\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2012-03-28] (Nicomsoft Ltd.)
R2 WinI2C-DDC; C:\Windows\SysWow64\drivers\DDCDrv.sys [10240 2012-03-28] (Nicomsoft Ltd.)
R2 WinRing0_1_2_0; C:\Windows\system32\Drivers\ptbring0.sys [14544 2013-03-05] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-12 08:06 - 2013-11-12 08:06 - 00001018 _____ C:\Users\Martin\Desktop\checkup.txt
2013-11-12 03:42 - 2013-11-12 03:42 - 00891184 _____ C:\Users\Martin\Desktop\SecurityCheck.exe
2013-11-11 16:34 - 2013-11-11 16:34 - 00006180 _____ C:\Windows\system32\PerfStringBackup.TMP
2013-11-11 16:32 - 2013-11-11 16:32 - 02347384 _____ (ESET) C:\Users\Martin\Desktop\esetsmartinstaller_enu.exe
2013-11-11 12:13 - 2013-11-11 12:14 - 00026090 _____ C:\Users\Martin\Desktop\Addition.txt
2013-11-11 12:12 - 2013-11-11 12:12 - 01957590 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2013-11-11 12:05 - 2013-11-11 12:05 - 00000816 _____ C:\Users\Martin\Desktop\JRT.txt
2013-11-11 11:58 - 2013-11-11 11:58 - 00000000 ____D C:\Windows\ERUNT
2013-11-11 11:57 - 2013-11-11 11:57 - 01034531 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2013-11-11 11:54 - 2013-11-11 11:54 - 00017068 _____ C:\Users\Martin\Desktop\AdwCleaner[S0].txt
2013-11-11 11:41 - 2013-11-11 11:50 - 00000000 ____D C:\AdwCleaner
2013-11-11 11:39 - 2013-11-11 11:40 - 01085542 _____ C:\Users\Martin\Desktop\adwcleaner.exe
2013-11-11 11:13 - 2013-11-11 11:13 - 00001155 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-11 11:13 - 2013-11-11 11:13 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Malwarebytes
2013-11-11 11:13 - 2013-11-11 11:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-11 11:13 - 2013-11-11 11:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-11 11:13 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-11 09:40 - 2013-11-11 09:40 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Martin\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-10 18:39 - 2013-11-10 18:39 - 00159144 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\WindowsActivationUpdate.exe
2013-11-10 10:25 - 2013-11-10 10:25 - 00033783 _____ C:\Users\Martin\Desktop\Combofix 10-11-13.txt
2013-11-10 10:23 - 2013-11-10 10:23 - 00033783 _____ C:\ComboFix.txt
2013-11-10 09:43 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-10 09:43 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-10 09:43 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-10 09:43 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-10 09:43 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-10 09:43 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-10 09:43 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-10 09:43 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-10 09:39 - 2013-11-10 10:23 - 00000000 ____D C:\Qoobox
2013-11-10 09:39 - 2013-11-10 10:18 - 00000000 ____D C:\Windows\erdnt
2013-11-09 15:59 - 2013-11-09 15:59 - 00907792 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376A3A04C62470492
2013-11-09 15:55 - 2013-11-09 15:56 - 00471816 _____ C:\Windows\Minidump\110913-30716-01.dmp
2013-11-09 14:14 - 2013-11-09 14:14 - 05145633 ____R (Swearware) C:\Users\Martin\Downloads\ComboFix.exe
2013-11-09 12:54 - 2013-11-09 12:54 - 00009342 _____ C:\Users\Martin\Downloads\Addition.zip
2013-11-09 12:54 - 2013-11-09 12:54 - 00002456 _____ C:\Users\Martin\Downloads\Gmer.zip
2013-11-09 12:53 - 2013-11-09 12:53 - 00013346 _____ C:\Users\Martin\Downloads\FRST.zip
2013-11-09 12:44 - 2013-11-09 12:44 - 01110476 _____ C:\Users\Martin\Downloads\7z920.exe
2013-11-09 12:06 - 2013-11-09 12:06 - 00022226 _____ C:\Users\Martin\Downloads\Gmer.txt
2013-11-09 11:50 - 2013-11-09 11:50 - 00377856 _____ C:\Users\Martin\Downloads\gmer_2.1.19163.exe
2013-11-09 11:49 - 2013-11-09 11:49 - 00071727 _____ C:\Users\Martin\Downloads\FRST.txt
2013-11-09 11:45 - 2013-11-09 11:45 - 00000474 _____ C:\Users\Martin\Downloads\defogger_disable.log
2013-11-09 11:45 - 2013-11-09 11:45 - 00000000 _____ C:\Users\Martin\defogger_reenable
2013-11-09 11:43 - 2013-11-09 11:43 - 00050477 _____ C:\Users\Martin\Downloads\Defogger.exe
2013-11-09 11:40 - 2013-11-09 11:49 - 00036993 _____ C:\Users\Martin\Downloads\Addition.txt
2013-11-06 21:40 - 2013-11-06 21:40 - 00000000 ____D C:\FRST
2013-11-06 19:49 - 2013-11-12 07:53 - 00001392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-06 19:49 - 2013-11-12 07:53 - 00001392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-06 19:49 - 2013-11-06 19:50 - 00000552 _____ C:\Windows\system32\spsys.log
2013-11-06 09:10 - 2013-11-06 09:10 - 00000000 ____D C:\Users\Martin\.android
2013-11-06 09:06 - 2013-11-06 09:06 - 00000000 ____D C:\Users\Martin\Downloads\CSM_Y1149-E50_Backup
2013-11-06 08:56 - 2013-11-06 09:03 - 185382983 _____ C:\Users\Martin\Downloads\CSM_Y1149-E50_Backup.zip
2013-11-05 21:45 - 2013-11-05 21:45 - 00000000 ____D C:\Users\Martin\Desktop\Alte Firefox-Daten
2013-11-05 21:40 - 2013-11-05 21:42 - 00477265 _____ C:\Users\Martin\Desktop\lftp13.rar
2013-11-05 21:40 - 2013-11-05 21:42 - 00477265 _____ C:\Users\Martin\Desktop\Install.rar
2013-11-05 21:21 - 2013-11-10 10:26 - 00000000 _____ C:\Users\Martin\AppData\Roaming\lock
2013-11-05 21:21 - 2013-11-10 10:02 - 00003795 _____ C:\Users\Martin\AppData\Roaming\state
2013-11-04 11:19 - 2013-11-05 10:15 - 00000355 _____ C:\Users\Martin\Desktop\My Home is My Castle.txt
2013-11-02 08:32 - 2013-11-02 08:32 - 00000858 _____ C:\Users\Public\Desktop\Print CD.lnk
2013-10-30 09:24 - 2013-10-30 10:55 - 00000812 _____ C:\Users\Martin\Desktop\Der Tod - Wien heute.txt
2013-10-30 09:16 - 2013-10-30 01:35 - 352218306 _____ C:\Users\Martin\Desktop\der_tod_das_muss_ein_wiener_sein_DVCHDPRO-Desktop.m4v
2013-10-29 19:43 - 2013-10-29 19:47 - 100547994 _____ C:\Users\Martin\Downloads\PDZVX10 XDCAM VIEWER_v230.zip
2013-10-29 19:42 - 2013-10-29 19:42 - 07526147 _____ C:\Users\Martin\Downloads\PDZKMA233.zip
2013-10-29 14:38 - 2013-10-29 14:45 - 00000000 ____D C:\Users\Martin\AppData\Roaming\iPumper
2013-10-29 14:38 - 2013-10-29 14:38 - 05434312 _____ C:\Users\Martin\Downloads\xdcam_hd422_codec_Downloader.exe
2013-10-29 14:34 - 2013-10-29 14:33 - 00279656 _____ (Apple Inc.) C:\Users\Martin\Downloads\ProResDecoderSetup.exe
2013-10-29 10:21 - 2013-10-29 10:21 - 00000000 ____D C:\Users\Martin\Desktop\Pressefotos neu
2013-10-29 10:05 - 2013-10-29 10:05 - 00002039 _____ C:\Users\Martin\Desktop\Pressefotos - Legende.txt
2013-10-28 20:56 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-28 20:56 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-28 20:56 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-28 20:50 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-28 20:50 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-28 20:48 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-10-28 20:48 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-10-28 20:16 - 2013-10-23 11:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-28 20:16 - 2013-10-16 01:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-28 20:16 - 2013-10-16 01:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll
2013-10-27 16:41 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-27 16:41 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-27 16:41 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-27 16:41 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-27 16:40 - 2013-10-27 16:41 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-27 10:19 - 2013-10-27 10:39 - 00000000 ____D C:\Users\Public\Pressefotos
2013-10-27 09:41 - 2010-05-11 11:39 - 00050192 _____ (Paragon Software Group) C:\Windows\system32\Drivers\gpt_loader.sys
2013-10-27 09:41 - 2010-05-11 11:39 - 00036368 _____ (Paragon Software Group) C:\Windows\system32\Drivers\mounthlp.sys
2013-10-27 09:40 - 2013-10-27 09:40 - 00000000 ____D C:\Program Files (x86)\Paragon Software
2013-10-27 09:40 - 2010-05-11 11:39 - 00102928 _____ (Paragon Software Group) C:\Windows\system32\Drivers\hfsplus.sys
2013-10-27 09:40 - 2010-05-11 11:39 - 00028176 _____ (Paragon Software Group) C:\Windows\system32\Drivers\apmwin.sys
2013-10-27 09:40 - 2010-05-11 11:39 - 00013840 _____ (Paragon Software Group) C:\Windows\system32\Drivers\hfsplusrec.sys
2013-10-27 09:39 - 2013-10-27 09:39 - 02416640 _____ C:\Users\Martin\Downloads\Paragon-153-PEG_WinInstallx64_1.0.5_001.msi
2013-10-24 21:43 - 2013-10-24 21:43 - 00000000 ____D C:\Users\Martin\Downloads\tod
2013-10-24 21:40 - 2013-10-24 21:43 - 245266481 _____ C:\Users\Martin\Downloads\tod.zip
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-21 20:26 - 2013-10-23 11:57 - 00799418 _____ C:\Users\Martin\Desktop\Der Tod, das muß ein Wiener sein! Einzeltitel.psd
2013-10-17 07:57 - 2012-12-13 16:19 - 216051490 _____ C:\Users\Martin\Desktop\P062_LogoOrthopaedie_Final_V3_1080_25p_13-12-2012.mov
2013-10-13 14:06 - 2013-10-23 16:08 - 00000000 ____D C:\Users\Public\Der Tod, das muß ein Wiener sein

==================== One Month Modified Files and Folders =======

2013-11-12 08:06 - 2013-11-12 08:06 - 00001018 _____ C:\Users\Martin\Desktop\checkup.txt
2013-11-12 07:53 - 2013-11-06 19:49 - 00001392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-12 07:53 - 2013-11-06 19:49 - 00001392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-12 07:49 - 2012-03-04 13:19 - 00000584 _____ C:\Users\Martin\Documents\PTBSync-AutoExport-Martin.ini
2013-11-12 07:39 - 2012-04-10 19:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-12 06:26 - 2012-03-04 17:22 - 01945701 _____ C:\Windows\WindowsUpdate.log
2013-11-12 03:42 - 2013-11-12 03:42 - 00891184 _____ C:\Users\Martin\Desktop\SecurityCheck.exe
2013-11-12 02:00 - 2012-03-04 22:57 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2013-11-11 16:34 - 2013-11-11 16:34 - 00006180 _____ C:\Windows\system32\PerfStringBackup.TMP
2013-11-11 16:32 - 2013-11-11 16:32 - 02347384 _____ (ESET) C:\Users\Martin\Desktop\esetsmartinstaller_enu.exe
2013-11-11 12:14 - 2013-11-11 12:13 - 00026090 _____ C:\Users\Martin\Desktop\Addition.txt
2013-11-11 12:12 - 2013-11-11 12:12 - 01957590 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2013-11-11 12:05 - 2013-11-11 12:05 - 00000816 _____ C:\Users\Martin\Desktop\JRT.txt
2013-11-11 11:58 - 2013-11-11 11:58 - 00000000 ____D C:\Windows\ERUNT
2013-11-11 11:57 - 2013-11-11 11:57 - 01034531 _____ (Thisisu) C:\Users\Martin\Desktop\JRT.exe
2013-11-11 11:55 - 2012-11-12 21:22 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2013-11-11 11:54 - 2013-11-11 11:54 - 00017068 _____ C:\Users\Martin\Desktop\AdwCleaner[S0].txt
2013-11-11 11:54 - 2012-03-04 13:19 - 00001546 _____ C:\Users\Martin\Documents\PTBSync-DesktopSetting-Martin.txt
2013-11-11 11:52 - 2012-03-04 17:53 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-11 11:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-11 11:52 - 2009-07-14 05:51 - 00109773 _____ C:\Windows\setupact.log
2013-11-11 11:50 - 2013-11-11 11:41 - 00000000 ____D C:\AdwCleaner
2013-11-11 11:50 - 2013-01-18 06:07 - 00001039 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-11 11:40 - 2013-11-11 11:39 - 01085542 _____ C:\Users\Martin\Desktop\adwcleaner.exe
2013-11-11 11:31 - 2012-03-04 17:52 - 00057252 _____ C:\Windows\PFRO.log
2013-11-11 11:13 - 2013-11-11 11:13 - 00001155 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-11 11:13 - 2013-11-11 11:13 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Malwarebytes
2013-11-11 11:13 - 2013-11-11 11:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-11 11:13 - 2013-11-11 11:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-11 09:40 - 2013-11-11 09:40 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Martin\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-10 18:51 - 2013-09-19 10:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-10 18:39 - 2013-11-10 18:39 - 00159144 _____ (Microsoft Corporation) C:\Users\Martin\Downloads\WindowsActivationUpdate.exe
2013-11-10 10:26 - 2013-11-05 21:21 - 00000000 _____ C:\Users\Martin\AppData\Roaming\lock
2013-11-10 10:25 - 2013-11-10 10:25 - 00033783 _____ C:\Users\Martin\Desktop\Combofix 10-11-13.txt
2013-11-10 10:23 - 2013-11-10 10:23 - 00033783 _____ C:\ComboFix.txt
2013-11-10 10:23 - 2013-11-10 09:39 - 00000000 ____D C:\Qoobox
2013-11-10 10:18 - 2013-11-10 09:39 - 00000000 ____D C:\Windows\erdnt
2013-11-10 10:06 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-10 10:02 - 2013-11-05 21:21 - 00003795 _____ C:\Users\Martin\AppData\Roaming\state
2013-11-09 15:59 - 2013-11-09 15:59 - 00907792 __RSH C:\Users\Martin\AppData\Roaming\689F8AC39767376A3A04C62470492
2013-11-09 15:56 - 2013-11-09 15:55 - 00471816 _____ C:\Windows\Minidump\110913-30716-01.dmp
2013-11-09 15:55 - 2013-06-06 07:30 - 695959793 _____ C:\Windows\MEMORY.DMP
2013-11-09 15:55 - 2012-03-05 00:50 - 00000000 ____D C:\Windows\Minidump
2013-11-09 14:14 - 2013-11-09 14:14 - 05145633 ____R (Swearware) C:\Users\Martin\Downloads\ComboFix.exe
2013-11-09 12:54 - 2013-11-09 12:54 - 00009342 _____ C:\Users\Martin\Downloads\Addition.zip
2013-11-09 12:54 - 2013-11-09 12:54 - 00002456 _____ C:\Users\Martin\Downloads\Gmer.zip
2013-11-09 12:53 - 2013-11-09 12:53 - 00013346 _____ C:\Users\Martin\Downloads\FRST.zip
2013-11-09 12:44 - 2013-11-09 12:44 - 01110476 _____ C:\Users\Martin\Downloads\7z920.exe
2013-11-09 12:06 - 2013-11-09 12:06 - 00022226 _____ C:\Users\Martin\Downloads\Gmer.txt
2013-11-09 11:50 - 2013-11-09 11:50 - 00377856 _____ C:\Users\Martin\Downloads\gmer_2.1.19163.exe
2013-11-09 11:49 - 2013-11-09 11:49 - 00071727 _____ C:\Users\Martin\Downloads\FRST.txt
2013-11-09 11:49 - 2013-11-09 11:40 - 00036993 _____ C:\Users\Martin\Downloads\Addition.txt
2013-11-09 11:45 - 2013-11-09 11:45 - 00000474 _____ C:\Users\Martin\Downloads\defogger_disable.log
2013-11-09 11:45 - 2013-11-09 11:45 - 00000000 _____ C:\Users\Martin\defogger_reenable
2013-11-09 11:45 - 2012-03-04 17:27 - 00000000 ____D C:\Users\Martin
2013-11-09 11:43 - 2013-11-09 11:43 - 00050477 _____ C:\Users\Martin\Downloads\Defogger.exe
2013-11-09 11:14 - 2012-03-04 14:08 - 00000000 ____D C:\Users\Martin\Documents\LogIns
2013-11-06 21:40 - 2013-11-06 21:40 - 00000000 ____D C:\FRST
2013-11-06 19:50 - 2013-11-06 19:49 - 00000552 _____ C:\Windows\system32\spsys.log
2013-11-06 09:10 - 2013-11-06 09:10 - 00000000 ____D C:\Users\Martin\.android
2013-11-06 09:06 - 2013-11-06 09:06 - 00000000 ____D C:\Users\Martin\Downloads\CSM_Y1149-E50_Backup
2013-11-06 09:03 - 2013-11-06 08:56 - 185382983 _____ C:\Users\Martin\Downloads\CSM_Y1149-E50_Backup.zip
2013-11-06 08:54 - 2013-04-29 22:37 - 00000000 ____D C:\Program Files (x86)\Opera
2013-11-05 21:45 - 2013-11-05 21:45 - 00000000 ____D C:\Users\Martin\Desktop\Alte Firefox-Daten
2013-11-05 21:42 - 2013-11-05 21:40 - 00477265 _____ C:\Users\Martin\Desktop\lftp13.rar
2013-11-05 21:42 - 2013-11-05 21:40 - 00477265 _____ C:\Users\Martin\Desktop\Install.rar
2013-11-05 21:38 - 2012-03-04 12:55 - 06582279 _____ (Ambrose) C:\Users\Martin\Desktop\XMediaRecode2268_setup.exe
2013-11-05 21:37 - 2012-03-04 12:55 - 10731527 _____ (Ambrose) C:\Users\Martin\Desktop\SetupDocumentsManager.exe
2013-11-05 21:37 - 2012-03-04 12:55 - 02101255 _____ (Ambrose) C:\Users\Martin\Desktop\WGAPluginInstall.exe
2013-11-05 21:36 - 2012-03-04 12:55 - 14651399 _____ (Ambrose) C:\Users\Martin\Desktop\mp3rocket.exe
2013-11-05 21:36 - 2012-03-04 12:55 - 07884807 _____ (Ambrose) C:\Users\Martin\Desktop\Openwave_v70_Simulator.exe
2013-11-05 21:36 - 2012-03-04 12:55 - 01843207 _____ (Ambrose) C:\Users\Martin\Desktop\pcs.exe
2013-11-05 21:35 - 2012-05-10 15:06 - 15994887 _____ (Ambrose) C:\Users\Martin\Desktop\HCFRSetup.exe
2013-11-05 21:34 - 2013-01-04 09:36 - 00000000 ____D C:\Users\Martin\Documents\Rechnungen 2013
2013-11-05 21:34 - 2012-10-07 10:24 - 01634311 _____ (Ambrose) C:\Users\Martin\Desktop\h264info.exe
2013-11-05 21:34 - 2012-05-03 04:21 - 02248711 _____ (Ambrose) C:\Users\Martin\Desktop\GPU-Z.0.6.2.exe
2013-11-05 21:34 - 2012-04-10 23:14 - 21942279 _____ (Ambrose) C:\Users\Martin\Desktop\DVDFab8175Qt.exe
2013-11-05 21:33 - 2012-03-04 12:54 - 05079047 _____ (Ambrose) C:\Users\Martin\Desktop\DVD2MP4.exe
2013-11-05 21:32 - 2012-03-04 12:54 - 22794247 _____ (Ambrose) C:\Users\Martin\Desktop\DivXInstaller721.exe
2013-11-05 21:31 - 2012-03-04 12:54 - 111759367 _____ (Ambrose) C:\Users\Martin\Desktop\DiscWizardSetup.de.exe
2013-11-05 21:26 - 2012-03-04 12:54 - 62115847 _____ (Ambrose) C:\Users\Martin\Desktop\AVSVideoConverter.exe
2013-11-05 21:22 - 2012-05-15 10:32 - 02301959 _____ (Ambrose) C:\Users\Martin\Desktop\7z920.exe
2013-11-05 21:22 - 2012-03-04 12:53 - 09482247 _____ (Ambrose) C:\Users\Martin\Desktop\AvidCodecsLE_MSI_Install.exe
2013-11-05 11:48 - 2012-03-04 14:08 - 00000000 ____D C:\Users\Martin\Documents\Honorarnoten
2013-11-05 10:15 - 2013-11-04 11:19 - 00000355 _____ C:\Users\Martin\Desktop\My Home is My Castle.txt
2013-11-02 22:14 - 2012-03-05 09:04 - 00000000 ____D C:\Users\Martin\AppData\Roaming\FileZilla
2013-11-02 09:39 - 2012-03-04 14:04 - 00000000 ____D C:\Users\Martin\Documents\Epson Print CD
2013-11-02 08:32 - 2013-11-02 08:32 - 00000858 _____ C:\Users\Public\Desktop\Print CD.lnk
2013-11-02 08:32 - 2012-03-08 11:53 - 00000000 ____D C:\Program Files (x86)\Epson Software
2013-11-02 08:32 - 2012-03-04 17:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-01 21:26 - 2012-03-04 13:23 - 00000000 ____D C:\Users\Martin\Documents\CD- und Video-Etiketten
2013-10-31 23:41 - 2012-03-05 16:22 - 00000000 ____D C:\Users\Public\Documents\Avid Media Composer
2013-10-31 00:02 - 2012-03-19 09:43 - 00012292 ____H C:\Users\Public\.DS_Store
2013-10-30 10:55 - 2013-10-30 09:24 - 00000812 _____ C:\Users\Martin\Desktop\Der Tod - Wien heute.txt
2013-10-30 01:35 - 2013-10-30 09:16 - 352218306 _____ C:\Users\Martin\Desktop\der_tod_das_muss_ein_wiener_sein_DVCHDPRO-Desktop.m4v
2013-10-29 19:47 - 2013-10-29 19:43 - 100547994 _____ C:\Users\Martin\Downloads\PDZVX10 XDCAM VIEWER_v230.zip
2013-10-29 19:42 - 2013-10-29 19:42 - 07526147 _____ C:\Users\Martin\Downloads\PDZKMA233.zip
2013-10-29 15:39 - 2012-03-04 12:59 - 00000000 ____D C:\Users\Martin\Desktop\Install
2013-10-29 14:45 - 2013-10-29 14:38 - 00000000 ____D C:\Users\Martin\AppData\Roaming\iPumper
2013-10-29 14:38 - 2013-10-29 14:38 - 05434312 _____ C:\Users\Martin\Downloads\xdcam_hd422_codec_Downloader.exe
2013-10-29 14:33 - 2013-10-29 14:34 - 00279656 _____ (Apple Inc.) C:\Users\Martin\Downloads\ProResDecoderSetup.exe
2013-10-29 10:44 - 2011-09-09 06:16 - 00000000 ___HD C:\Users\Martin\AppData\Local\xnWURx8Skku
2013-10-29 10:21 - 2013-10-29 10:21 - 00000000 ____D C:\Users\Martin\Desktop\Pressefotos neu
2013-10-29 10:05 - 2013-10-29 10:05 - 00002039 _____ C:\Users\Martin\Desktop\Pressefotos - Legende.txt
2013-10-28 21:01 - 2012-03-04 17:34 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-10-28 20:50 - 2012-03-04 19:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-28 20:50 - 2012-03-04 17:35 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-27 16:41 - 2013-10-27 16:40 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-27 16:41 - 2013-09-11 20:28 - 00000000 ____D C:\ProgramData\Oracle
2013-10-27 16:41 - 2012-03-13 19:46 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-27 10:39 - 2013-10-27 10:19 - 00000000 ____D C:\Users\Public\Pressefotos
2013-10-27 09:40 - 2013-10-27 09:40 - 00000000 ____D C:\Program Files (x86)\Paragon Software
2013-10-27 09:39 - 2013-10-27 09:39 - 02416640 _____ C:\Users\Martin\Downloads\Paragon-153-PEG_WinInstallx64_1.0.5_001.msi
2013-10-24 21:43 - 2013-10-24 21:43 - 00000000 ____D C:\Users\Martin\Downloads\tod
2013-10-24 21:43 - 2013-10-24 21:40 - 245266481 _____ C:\Users\Martin\Downloads\tod.zip
2013-10-23 16:08 - 2013-10-13 14:06 - 00000000 ____D C:\Users\Public\Der Tod, das muß ein Wiener sein
2013-10-23 12:08 - 2012-09-18 15:40 - 00001456 _____ C:\Users\Martin\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-10-23 11:57 - 2013-10-21 20:26 - 00799418 _____ C:\Users\Martin\Desktop\Der Tod, das muß ein Wiener sein! Einzeltitel.psd
2013-10-23 11:30 - 2013-10-28 20:56 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-23 11:30 - 2013-10-28 20:56 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-10-23 11:30 - 2013-10-28 20:56 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-10-23 11:30 - 2013-10-28 20:16 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-10-23 11:30 - 2013-05-23 23:15 - 15212336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-10-23 11:30 - 2012-09-14 06:16 - 02695200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-10-23 11:30 - 2012-03-04 19:56 - 18286416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-10-23 11:30 - 2012-03-04 19:56 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-10-23 11:30 - 2012-03-04 19:56 - 00023287 _____ C:\Windows\system32\nvinfo.pb
2013-10-23 09:20 - 2012-04-14 11:13 - 06669600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-10-23 09:20 - 2012-04-14 11:13 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-10-23 09:20 - 2012-04-14 11:13 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-10-23 09:20 - 2012-04-14 11:13 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-10-23 09:20 - 2012-04-14 11:13 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-10-23 09:20 - 2012-04-14 11:13 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-10-23 03:02 - 2013-10-23 03:02 - 00589600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-10-18 02:36 - 2013-10-28 20:50 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-10-18 02:36 - 2013-10-28 20:50 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-10-17 07:48 - 2012-03-12 09:57 - 00000216 _____ C:\Users\Martin\AppData\Roaming\default.rss
2013-10-16 18:45 - 2013-08-13 15:07 - 00004467 _____ C:\Users\Martin\Desktop\Der Tod, das muß... Legende.txt
2013-10-16 01:48 - 2013-10-28 20:16 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll
2013-10-16 01:48 - 2013-10-28 20:16 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 00:06

==================== End Of Log ============================
         

as well as Addition:
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2013 01
Ran by Martin at 2013-11-12 08:15:29
Running from C:\Users\Martin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

3CXPhone (x32 Version: 4.0.26523.0)
7-Zip 9.20 (x32)
Acrobat.com (x32 Version: 0.0.0)
Acrobat.com (x32 Version: 1.2.443)
Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.5.5)
Adobe Acrobat 9.5.5 - CPSID_83708 (x32)
Adobe Acrobat XI Pro (x32 Version: 11.0)
Adobe After Effects CS4 Third Party Content (x32 Version: 9)
Adobe AIR (x32 Version: 3.8.0.1280)
Adobe Anchor Service CS4 (x32 Version: 2.0)
Adobe Asset Services CS4 (x32 Version: 4)
Adobe Audition 2.0 (x32 Version: 2.0)
Adobe Bridge 1.0 (x32 Version: 1.0.1.1)
Adobe Bridge CS4 (x32 Version: 3)
Adobe CMaps CS4 (x32 Version: 2.0)
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0)
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0)
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0)
Adobe Common File Installer (x32 Version: 1.00.002)
Adobe Creative Cloud (x32 Version: 2.1.2.232)
Adobe Creative Suite 4 Master Collection (x32 Version: 4.0)
Adobe Creative Suite 6 Production Premium (x32 Version: 6)
Adobe CS4 American English Speech Analysis Models (x32 Version: 1)
Adobe CSI CS4 (x32 Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (x32 Version: 2.0)
Adobe Dreamweaver CS6 (x32 Version: 12.0.3)
Adobe Drive CS4 (x32 Version: 1)
Adobe Drive CS4 x64 (Version: 1)
Adobe Dynamiclink Support (x32 Version: 1)
Adobe Edge Animate (x32 Version: 1.5)
Adobe Encore CS4 Codecs (x32 Version: 4)
Adobe Exchange Panel (x32 Version: 1)
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0)
Adobe Extension Manager CS4 (x32 Version: 2.0)
Adobe Fireworks CS4 (x32 Version: 10.0)
Adobe Fireworks CS6 (x32 Version: 12.0.1)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Flash Professional CS6 (x32 Version: 12.0)
Adobe Fonts All (x32 Version: 2.0)
Adobe Help Center 2.0 (x32 Version: 2.0.0)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Illustrator CS6 (x32 Version: 16.0)
Adobe InDesign CS4 (x32 Version: 6.0)
Adobe InDesign CS4 Application Feature Set Files (Roman) (x32 Version: 6.0)
Adobe InDesign CS4 Common Base Files (x32 Version: 6.0)
Adobe InDesign CS4 Icon Handler (x32 Version: 6.0)
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0)
Adobe InDesign CS6 (x32 Version: 8.0)
Adobe Linguistics CS4 (x32 Version: 4.0.0)
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0)
Adobe Media Encoder CS4 Importer (x32 Version: 1.0)
Adobe Media Player (x32 Version: 1.8)
Adobe Muse (x32 Version: 2.0)
Adobe Muse (x32 Version: 2.3.50)
Adobe Output Module (x32 Version: 2.0)
Adobe PDF Library Files CS4 (x32 Version: 9.0)
Adobe Photoshop CS6 (x32 Version: 13.0)
Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4)
Adobe Premiere Pro CS6 (x32 Version: 6.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe Search for Help (x32 Version: 1.0)
Adobe Service Manager Extension (x32 Version: 1.0)
Adobe Setup (x32 Version: 2.0)
Adobe SGM CS4 (x32 Version: 3.0)
Adobe SING CS4 (x32 Version: 2.0)
Adobe Soundbooth CS4 (x32 Version: 2)
Adobe Soundbooth CS4 Codecs (x32 Version: 2)
Adobe SVG Viewer 3.0 (x32 Version:  3.0)
Adobe Touch App Plugins (x32 Version: 1.0)
Adobe Type Support CS4 (x32 Version: 9.0)
Adobe Update Manager CS4 (x32 Version: 6.0.0)
Adobe Version Cue CS4 Server (x32 Version: 4.0)
Adobe Widget Browser (x32 Version: 2.0 Build 348)
Adobe Widget Browser (x32 Version: 2.0.348)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1)
Adobe XMP Panels CS4 (x32 Version: 2.0)
Adobe® Content Viewer (x32 Version: 3.3.0)
AdobeColorCommonSetCMYK (x32 Version: 2.0)
AdobeColorCommonSetRGB (x32 Version: 2.0)
Advertising Center (x32 Version: 0.0.0.2)
Akamai NetSession Interface (HKCU)
Any Video Converter 5.0.5 (x32)
Apple Application Support (x32 Version: 2.3)
Apple Software Update (x32 Version: 2.1.3.127)
Avery Wizard 3.1 (x32 Version: 3.1.8)
Avid AMA Plug-in for MXF (x32 Version: 1.7.2.5330)
Avid AMA Plug-in for Panasonic P2 (x32 Version: 2.6.0.5505)
Avid Codecs LE (x32 Version: 2.3.7)
Avid Editor Transcode (Version: 3.0.5)
Avid License Control (x32 Version: 3.0.1)
Avid Media Composer (Version: 7.0.2)
AVS Update Manager 1.0 (x32)
AVS Video Converter 8 (x32)
AVS4YOU Software Navigator 1.4 (x32)
BisonCam (x32 Version: 6.96.710.05.1)
Bitrate Viewer 2.3 (x32 Version: 2.3)
bl (x32 Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
Connect (x32 Version: 1.0.0.1)
CPUID CPU-Z 1.66.1
DesignPro 5 (x32 Version: 5.5.708)
DiffDaff Version 1.0 (x32)
DolbyFiles (x32 Version: 2.0)
DVD Decrypter (Remove Only) (x32)
DVD Shrink 3.2 (x32)
DVDFab 8.1.7.5 (07/04/2012) Qt (x32)
DVD-lab PRO 2.31 (Production Stable) (x32)
Epson Print CD (x32 Version: 2.20.00)
EPSON PX720WD Series Printer Uninstall
EPSON Scan (x32)
EpsonNet Print (x32 Version: 2.5.00)
EpsonNet Setup 3.3 (x32 Version: 3.3b)
FileZilla Client 3.7.3 (x32 Version: 3.7.3)
Flash Builder (x32 Version: 4.6.1)
Free YouTube Download version 3.2.9.725 (x32 Version: 3.2.9.725)
FreeOCR 3.0 (Version: 3.0)
FTPRush 2.1.8 (x32 Version: 2.1.8)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Update Helper (x32 Version: 1.3.23.0)
HCFR (x32)
Hotkey 3.0037 (x32 Version: 3.00.37)
i1Profiler (x32)
iCloud (Version: 3.0.2.163)
ImagXpress (x32 Version: 7.0.74.0)
ImgBurn (x32 Version: 2.5.8.0)
ITECIR (x32 Version: 1.00.0000)
iZotope Insight (x32 Version: 1.02)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
JMicron 1394 Filter Driver (x32 Version: 1.00.04.00)
JMicron JMB38X Flash Media Controller (x32 Version: 1.0.32.1)
KORG USB-MIDI Driver Tools for Windows (x32 Version: 1.13.0601)
kuler (x32 Version: 2.0)
LeechFTP  (x32)
License Support (x32 Version: 1.1.1.1524)
MainConcept Reference DShow Add-On (x32 Version: 2.2.0.0)
MainConcept Reference v2 (x32 Version: 2.2.0.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MediaInfo 0.7.60 (Version: 0.7.60)
Menu Templates - Starter Kit (x32 Version: 9.6.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.3.0219.0)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.3.219.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0)
Movie Templates - Starter Kit (x32 Version: 9.6.0.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero 9 (x32)
Nero BurnRights (x32 Version: 3.4.13.100)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero CoverDesigner (x32 Version: 1.0.0.0)
Nero Disc Copy Gadget (x32 Version: 2.4.43.0)
Nero DiscSpeed (x32 Version: 5.4.13.100)
Nero DriveSpeed (x32 Version: 4.4.12.100)
Nero InfoTool (x32 Version: 6.4.12.100)
Nero Installer (x32 Version: 4.4.9.0)
Nero PhotoSnap (x32 Version: 2.4.29.0)
Nero Recode (x32 Version: 4.4.40.0)
Nero Rescue Agent (x32 Version: 2.4.14.100)
Nero ShowTime (x32 Version: 5.4.27.100)
Nero StartSmart (x32 Version: 9.4.40.100)
Nero Vision (x32 Version: 6.4.19.100)
Nero WaveEditor (x32 Version: 5.4.39.0)
NeroBurningROM (x32 Version: 1.0.0.0)
NeroExpress (x32 Version: 1.0.0.0)
neroxml (x32 Version: 1.0.0)
NewBlue Titler Pro for Windows (Version: 1.0)
Nokia Connectivity Cable Driver (x32 Version: 7.1.78.0)
Nokia PC Suite (x32 Version: 7.1.180.94)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65)
NVIDIA CUDA Toolkit v4.0 (64 bit) (Version: 4.00.1500.0000)
NVIDIA Drivers (Version: 1.5)
NVIDIA GeForce Experience 1.7 (Version: 1.7)
NVIDIA Grafiktreiber 331.65 (Version: 331.65)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)
NVIDIA Systemsteuerung 331.65 (Version: 331.65)
NVIDIA Update 9.3.16 (Version: 9.3.16)
NVIDIA Update Components (Version: 9.3.16)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
One Clip Ingest Software (x32 Version: 1.00.0000)
Opera 12.16 (x32 Version: 12.16.1860)
P2PlugIn (Version: 1.0.1.0)
PACE License Support Win64 (Version: 2.0.0.0256)
Panasonic Drive Mount Converter (x32 Version: 1.00.0007)
Panasonic P2 AVC-Intra Decoder Component (x32 Version: 1.0.0)
Panasonic P2 Drivers (Version: 2.21.0000)
Panasonic P2 Viewer Plus (x32 Version: 1.0.7)
Paragon HFS+ for Windows™ (read-only) (Version: 1.00)
PC Connectivity Solution (x32 Version: 12.0.27.0)
PDF Settings CS4 (x32 Version: 9.0)
PDF Settings CS6 (x32 Version: 11.0)
ph (x32 Version: 1.0.0)
Photoshop Camera Raw (x32 Version: 5.0)
PreSonus Studio One 2 x64 (Version: 2.0.6.18491)
PTBSync (Atomuhr Synchronisation & Terminkalender) (x32 Version: 5.7b)
QuickTime (x32 Version: 7.74.80.86)
QuickTime MPEG2 (x32 Version: 7.60.92.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5943)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0118)
Safari (x32 Version: 5.34.57.2)
Samsung Kies (x32 Version: 2.6.0.13064_2)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
SDFormatter (x32 Version: 4.0.0)
Sentinel Protection Installer 7.6.6 (x32 Version: 7.6.6)
SES Driver (Version: 1.0.0)
SHIELD Streaming (Version: 1.6.34)
SiSoftware Sandra Lite 2013.SP4 (Version: 19.50.2013.7)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.3 (x32 Version: 6.3.105)
SmartTools Publishing · Mail-Assistent für Outlook (HKCU Version: v2.50)
SoundTrax (x32 Version: 4.4.39.0)
Suite Shared Configuration CS4 (x32 Version: 1.0)
SUPER © v2013.build.57+Recorder (2013/07/13) Version v2013.buil (x32 Version: v2013.build.57+Recorder)
Synaptics Pointing Device Driver (Version: 13.2.3.0)
Tracktion 3.0.4.8 (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Visual C++ 64-bit Redistributables (Version: 1.1.0.0929)
Visual C++ 64-bit Redistributables (Version: 1.1.1.1524)
Visual C++ 64-bit Redistributables (x32 Version: 1.1.0.0929)
Visual C++ 64-bit Redistributables (x32 Version: 1.1.1.1524)
Visual C++ Redistributables (x32 Version: 1.1.0.0929)
Visual C++ Redistributables (x32 Version: 1.1.1.1524)
WD Drive Manager (x64) (Version: 2.116)
WD WinDLG (x32 Version: 1.0.0)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (Version: 01/19/2011 1.0.0009.0)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
Windows-Treiberpaket - YUAN (mod7700) Media  (05/22/2009 2.3.3.31) (Version: 05/22/2009 2.3.3.31)
WinRAR (x32)
XMedia Recode Version 3.1.2.8 (x32 Version: 3.1.2.8)
X-Rite Device Services Manager (x32 Version: 2.2.37)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-11-10 10:05 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0230CE8F-7427-47E5-AA04-7C25AE490EBA} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {1AFFE7F4-421F-45FF-9E0C-16B4EC0568E6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {4D074A5C-ED20-4793-B329-C4F269B76CF7} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-05-13] (Microsoft)
Task: {57E573F9-8E13-4111-8FE2-84867E478604} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {62D0C0F1-9323-44BD-9626-CA4541B30BC7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {64725695-1049-40A5-8EA6-304053997C29} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {664F5D30-1DC5-44C9-90B9-3A10462555B7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7F0B5BB6-A5D8-4D00-B157-0FFF0672879F} - \DealPlyUpdate No Task File
Task: {91F1E2DF-EEC3-4937-B8A3-6322E6F35BCD} - System32\Tasks\X-Rite\X-RiteDeviceServicesSoftwareUpdate => C:\Program
Task: {9BFF35EA-81E3-46D0-8091-2BC38796EFA8} - System32\Tasks\AdobeAAMUpdater-1.0-Nexoc-E712-Martin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {EC3FADE3-25CE-48B0-9BB4-7471C62D9C21} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {F5E3D16D-AA1A-4158-B81A-AC379CAAC38F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {FF70BC1A-0FA8-4C31-AC40-51320DBBFDBC} - \Escolade No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-08-30 09:01 - 2013-08-30 09:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-04-13 10:56 - 2009-12-12 14:12 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-03-08 11:25 - 2012-03-08 11:25 - 01615696 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2012-03-08 11:25 - 2012-03-08 11:25 - 02639696 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2012-11-12 22:07 - 2008-03-25 15:44 - 00028672 _____ () C:\Windows\BisonCam\KBHookDLL.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 02302040 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 08197208 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00345688 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00202328 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00027736 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00282200 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2013-05-17 15:41 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2009-06-06 13:50 - 2009-06-06 13:50 - 00019968 _____ () C:\Program Files (x86)\Hotkey\Audiodll.dll
2012-05-10 15:17 - 2012-03-27 23:14 - 44090368 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\Prism.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 03449344 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\CxF2_VC90MD_2.1.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 00898560 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\libxml2.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 00073728 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\zlib1.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 07982592 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\QtGui4.dll
2012-05-10 15:17 - 2012-03-28 01:17 - 02147328 _____ () C:\Program Files (x86)\X-Rite\i1Profiler\QtCore4.dll
2013-09-03 14:25 - 2013-09-03 14:25 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-03-13 12:42 - 2013-03-13 13:42 - 00071568 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2013-08-30 09:00 - 2013-08-30 09:00 - 00381808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CCInvokeAAM.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00835584 _____ () C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00093696 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00094208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00057344 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00096256 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00062976 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00067072 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00158208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00312832 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00038912 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00073728 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
2013-04-29 22:37 - 2013-11-06 08:54 - 00101888 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Microsoft:8Z7WGiPuSYuxn6tHufBb
AlternateDataStreams: C:\ProgramData\Microsoft:afb2gtnEoP2hdz886KFnYaHX
AlternateDataStreams: C:\ProgramData\Microsoft:ml9taiNhEFn5q2tRn0ndHtTu
AlternateDataStreams: C:\ProgramData\Microsoft:OFf0XQtiDJXhV9iKxKOhoQBE3YGv
AlternateDataStreams: C:\Users\Martin\Cookies:E5EyevmztKUx9YL6FX57CQNG2
AlternateDataStreams: C:\Users\Martin\Cookies:MHiZXv4suTQnWq1jTGR
AlternateDataStreams: C:\Users\Martin\Desktop\Uni Klagenfurt 2012:AFP_AFPINFO
AlternateDataStreams: C:\Users\Martin\AppData\Local\5kfj674QJb:6kDOy8XKfo8GBUmk7HbP
AlternateDataStreams: C:\Users\Martin\AppData\Local\xnWURx8Skku:wgMFxBHXeRop5Jc2Wj3D
AlternateDataStreams: C:\Users\Martin\Documents\SpanHofreitschuleBluRay:Mac_Metadata
AlternateDataStreams: C:\Users\Martin\Documents\SpanHofreitschuleBluRay.ncor:Mac_Metadata

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2013 08:14:00 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/12/2013 03:24:43 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/12/2013 03:23:56 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2013 07:52:01 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2013 04:36:05 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2013 04:35:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2013 04:35:30 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/11/2013 04:34:05 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "009" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error: (11/11/2013 04:34:05 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error: (11/11/2013 04:34:05 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "009" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.


System errors:
=============
Error: (11/11/2013 06:43:54 PM) (Source: DCOM) (User: )
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}


Microsoft Office Sessions:
=========================
Error: (11/12/2013 08:14:00 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Martin\Desktop\esetsmartinstaller_enu.exe

Error: (11/12/2013 03:24:43 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll

Error: (11/12/2013 03:23:56 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (11/11/2013 07:52:01 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (11/11/2013 04:36:05 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Martin\Desktop\esetsmartinstaller_enu.exe

Error: (11/11/2013 04:35:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Martin\Desktop\esetsmartinstaller_enu.exe

Error: (11/11/2013 04:35:30 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Martin\Desktop\esetsmartinstaller_enu.exe

Error: (11/11/2013 04:34:05 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: 0098020000002D010000

Error: (11/11/2013 04:34:05 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: 0078020000002D010000

Error: (11/11/2013 04:34:05 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: 009120200000000000000AF000000


CodeIntegrity Errors:
===================================
  Date: 2013-11-10 09:55:50.275
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-10 09:55:50.166
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-06 07:35:13.274
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:35:13.046
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:35:12.828
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:35:12.605
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:29:40.528
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:29:40.317
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:29:40.079
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-06 07:29:39.865
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\C-LAUFWERK 040312\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 43%
Total physical RAM: 8190.35 MB
Available physical RAM: 4602.32 MB
Total Pagefile: 16378.88 MB
Available Pagefile: 13362.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive a: (Martin 2) (Fixed) (Total:931.42 GB) (Free:2.49 GB) NTFS
Drive c: (Martin) (Fixed) (Total:298.09 GB) (Free:16.23 GB) NTFS
Drive f: (WD My Book) (Fixed) (Total:1863.01 GB) (Free:16.37 GB) NTFS
Drive g: (eSATA) (Fixed) (Total:931.51 GB) (Free:11.6 GB) NTFS
Drive i: (My Book 2TB) (Fixed) (Total:1863.01 GB) (Free:37.59 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 8C059331)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 835B6220)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: F4617063)
Partition 1: (Not Active) - (Size=-198631309312) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: FB9F335D)
Partition 1: (Not Active) - (Size=-198626966528) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 3ED354BC)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---


Regards, m.

Regarding the product key problem, I would like to add:
Under "Properties", the Windows activation section shows "Status: not available, Product ID: not available". Of course I have a valid ID, but the computer does not accept it (any more). As a result, neither "Windows Update" nor "Security Essentials" works.

Are there any solutions at all other than a fresh reinstall?

12.11.2013, 12:20   #11
schrauber

Let's try something. Entering the key manually has already been tried, right?
Please download Windows Repair (All In One) from here.
  • Install the program. Start it once the installation has finished.
  • Click Step 2 and press Do It under Check Disk.

  • When that has finished, click Step 3 and press Do It under System File Check.

  • After that has finished, click Start Repairs, select Advanced Mode and press Start.

  • Please make sure the boxes are ticked as shown below. In addition, please tick Set Windows Services to Default Startup.
  • Tick Restart System when Finished.
  • Press Start.

__________________
Regards,
schrauber


12.11.2013, 17:03   #12
mpolasek


Hello schrauber,

unfortunately that did not change anything either. Do you have any other potentially helpful alternatives up your sleeve? m.

13.11.2013, 08:45   #13
schrauber


I would now insert a Windows disc and try a repair install.
__________________
Regards,
schrauber


13.11.2013, 21:46   #14
mpolasek


"The onset of a massive descent into idiocy was indirectly halted thanks to 'schrauber'"

Following the last instruction and desperately searching for the Windows CD, it suddenly occurred to me that I had been entering an outdated product key the whole time (I used to have 32-bit Win7).

Not really getting on top of the problem, since I still could not find the right CD, I was able to read out my Win7 product key within a few seconds using the freeware "Magical Jelly Bean Keyfinder" (discovered at CHIP)...!

I hope I have not broken some forum rule with this tip... In any case, everything works again for me now (apart from a few small programs that I have to reinstall when needed, with "ActiveX controls" and the like).
And I thank you very much, Mr. Hub-schrauber! m.

14.11.2013, 09:33   #15
schrauber


Hehe, then everything is fine

Reinstall the other programs and test. Just get in touch if anything else comes up
__________________
Regards,
schrauber
