
Log analysis and evaluation: Run DLL C:\Users\Mareike\AppData\Local\ConduitBackground\BackgroundContainer.dll Das angegebene Modul wurde nicht gefunden.


21.01.2014, 15:22   #1
MaryLoo
 



Hello, I am getting the error message mentioned above and have already created the log files: Addition and FRST, see below.

Does anyone know how I should proceed?

Many thanks in advance.

MaryLoo


#########################

Addition:

ZoneAlarm Security (x32 Version: 11.0.768.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar (x32 Version: 1.8.22.0 - Check Point Software Technologies LTD) Hidden

==================== Restore Points =========================

29-12-2013 23:24:14 Installed Classic Shell
06-01-2014 16:53:08 Geplanter Prüfpunkt
13-01-2014 19:48:03 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {02852596-7CA9-4A53-9CF1-62D1EFF834B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\SYSTEM32\MRT.EXE [2014-01-15] (Microsoft Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05DFB97D-D085-45CA-8620-EA8479BC828A} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {100AC631-AEFE-44B2-8D5A-CFE8994F4081} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23EDA762-04AF-434D-A872-2116395BA943} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-26] (AVAST Software)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2E9D9AEF-10BB-48FE-BC5A-AD65E6C00AF5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {314C9385-2BBF-4671-A8CC-1AEF97C2EAA2} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Mareike\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37A9DC9C-0B70-4483-AFB1-ED15A3D309A4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4285C36F-B071-4297-995C-B210F405BA86} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {57BED76F-2B59-4B60-901D-90511173243E} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Mareike\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {6A4F69E9-ECDE-410B-8C4D-20BBE803C0C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {76F8B5B6-E640-461B-A7FB-B5852CD04FDD} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24] (Synaptics Incorporated)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7F268CCB-1857-4B1C-AE12-4EA5C9B52679} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {81854029-5869-4DC3-A034-69BBA9EEF401} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {97EC930E-BAE5-462B-912D-DF2E77D48530} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A654CDB9-9CE8-4D2D-BEDC-888CA43A2896} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {BDDDCAB7-B139-48AF-B168-98327A7E95AD} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-09-17] (SEC)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FFCBCE00-BE79-4B75-B839-8AB4C4493142} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\OneClick.exe [2013-08-30] (TuneUp Software)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-08-30 09:51 - 2013-08-30 09:51 - 00757048 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\avgrepliba.dll
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-10-16 19:15 - 2013-10-16 19:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2014-01-21 13:17 - 2014-01-20 18:52 - 02155520 _____ () C:\Program Files\AVAST Software\Avast\defs\14012001\algo.dll
2013-12-09 10:27 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2013-12-09 10:27 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2013-12-09 10:27 - 2010-05-10 03:51 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2013-12-09 10:27 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2013-12-09 10:27 - 2012-11-01 11:26 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2013-12-09 10:27 - 2010-02-10 15:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2012-10-20 06:35 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-11-26 10:23 - 2013-11-26 10:23 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-21 01:20 - 2013-12-12 10:15 - 00886624 _____ () C:\Program Files (x86)\Opera\18.0.1284.68\libglesv2.dll
2013-12-21 01:20 - 2013-12-12 10:15 - 00108896 _____ () C:\Program Files (x86)\Opera\18.0.1284.68\libegl.dll
2013-12-21 01:20 - 2013-12-12 10:15 - 00879968 _____ () C:\Program Files (x86)\Opera\18.0.1284.68\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Mareike\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


==================== Memory info ===========================

Percentage of memory in use: 45%
Total physical RAM: 3795.53 MB
Available physical RAM: 2050.93 MB
Total Pagefile: 4691.54 MB
Available Pagefile: 2642.87 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:438.84 GB) (Free:231.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 7A80D030)

Partition: GPT Partition Type
==================== End Of Log ============================


FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by Mareike (administrator) on MAREIKE-NB on 21-01-2014 14:46:08
Running from C:\Users\Mareike\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
() C:\Program Files (x86)\Opera\18.0.1284.68\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917176 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-26] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [phonostar-PlayerTimer] - C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2013-04-25] ()
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHSE.EXE [241280 2013-11-18] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [AppsHat] - C:\Users\Mareike\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] ()
MountPoints2: {4fb156a1-5d90-11e3-beb3-2cd05a283f5e} - "D:\AutoRun.exe" 
MountPoints2: {4fb156e0-5d90-11e3-beb3-2cd05a283f5e} - "D:\AutoRun.exe" 
MountPoints2: {983b72e5-6031-11e3-beb4-2cd05a283f5e} - "D:\AutoRun.exe" 
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://do-search.com/?type=hp&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
SearchScopes: HKLM - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {A1321AA7-C4E1-45E4-AE3E-5B36421D56DA} URL = 
SearchScopes: HKLM-x32 - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=90FF5ED05A281E34&affID=121240&tsp=4993
SearchScopes: HKCU - {2964CFF3-C8EF-4A5C-9D50-1DF6B61E40E8} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=90ffd0880000000000005ed05a281e34&r=406
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = 
SearchScopes: HKCU - {72D7D848-109B-4332-958F-B39FBDC3E8EA} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=de&q={searchTerms}&gu=2d6e1b8b51284e1782cf7d6e57e167d8&tu=10G9y009U1B0CO0&sku=&tstsId=&ver=&&r=671
BHO: Plus-HD-1.6 - {11111111-1111-1111-1111-110311201102} -  No File
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -  No File
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.255.212.1

FireFox:
========
FF ProfilePath: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default
FF user.js: detected! => C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\user.js
FF SearchEngineOrder.1: Google
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=2&CUI=UN14212751791384810&UM=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( )
FF SearchPlugin: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\do-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-1.6 - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com [2014-01-06]
FF Extension: LyricsSay-1 - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com [2013-11-15]
FF Extension: zonealarm.com - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\ffxtlbr@zonealarm.com [2013-08-12]
FF Extension: 7Go - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\7go@7go.com.xpi [2013-10-14]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-12-08]
FF Extension: Speed Analysis 2 - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\speedanalysis02@SpeedAnalysis.com.xpi [2013-10-07]
FF Extension: Adblock Plus - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-22]
FF Extension: Adblock Edge - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2013-12-08]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-26]

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-20]
CHR Extension: (Google Drive) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-20]
CHR Extension: (YouTube) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-20]
CHR Extension: (Google-Suche) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-20]
CHR Extension: (avast! Online Security) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-26]
CHR Extension: (Plus-HD-1.6) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh [2013-11-30]
CHR Extension: (Google Wallet) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (LyricsSay-1) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjcbkbcncfkoljakenekllbfdonhjef [2013-10-13]
CHR Extension: (Google Mail) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-20]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\Mareike\AppData\Roaming\7go\7go.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-26]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

U2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-26] (AVAST Software)
U2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
U2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
U2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [657504 2012-11-01] ()
U2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
U2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
U2 TuneUp.UtilitiesSvc; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE [2100024 2013-08-30] (TuneUp Software)
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U3 wifimansvc; C:\Program Files (x86)\Mobile Partner\eap\wifimansvc.exe [605696 2012-11-10] ()
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
U2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [54160 2013-06-18] (Check Point Software Technologies, Ltd.)
U2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros)

==================== Drivers (Whitelisted) ====================

U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U2 aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [38984 2013-11-26] (AVAST Software)
U2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [84328 2013-11-26] (AVAST Software)
U1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-26] (AVAST Software)
U0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-26] ()
U1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1032416 2013-11-26] (AVAST Software)
U1 aswSP; C:\windows\system32\drivers\aswSP.sys [409832 2013-11-26] (AVAST Software)
U0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-26] ()
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
U3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
U1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 NPF; C:\Windows\System32\drivers\NPF.sys [35344 2012-09-22] (CACE Technologies, Inc.)
U3 NPF; C:\Windows\SysWOW64\drivers\NPF.sys [35344 2012-09-22] (CACE Technologies, Inc.)
U3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2013-02-04] (Windows (R) 2003 DDK 3790 provider)
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
U2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-12-11] (Windows (R) Win 7 DDK provider)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-29] (Microsoft Corporation)
U3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-01-21] ()
U3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
U3 TuneUpUtilitiesDrv; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
U3 ewusbnet; \SystemRoot\system32\DRIVERS\ewusbnet.sys [x]
U3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-21 14:46 - 2014-01-21 14:46 - 00025229 _____ C:\Users\Mareike\Desktop\Addition_21.01.14.txt
2014-01-21 14:44 - 2014-01-21 14:45 - 00025229 _____ C:\Users\Mareike\Desktop\Addition.txt
2014-01-21 14:42 - 2014-01-21 14:46 - 00025782 _____ C:\Users\Mareike\Desktop\FRST.txt
2014-01-21 14:42 - 2014-01-21 14:42 - 00000000 ____D C:\FRST
2014-01-21 14:41 - 2014-01-21 14:41 - 02077184 _____ (Farbar) C:\Users\Mareike\Desktop\FRST64.exe
2014-01-21 12:20 - 2014-01-21 12:20 - 00000000 ___RD C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\doPDF 7
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Users\Mareike\Desktop\doPDF 7
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Softland
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Program Files\Softland
2014-01-19 23:20 - 2013-08-20 13:28 - 00025920 _____ (Softland) C:\WINDOWS\system32\dopdfmn7.dll
2014-01-19 23:20 - 2013-08-20 13:28 - 00021312 _____ (Softland) C:\WINDOWS\system32\dopdfmi7.dll
2014-01-19 23:20 - 2010-11-25 12:17 - 00007549 _____ C:\WINDOWS\system32\dopdf7.ctm
2014-01-19 23:18 - 2014-01-19 23:19 - 04201928 _____ (Softland                                                    ) C:\Program Files\dopdf-7.exe
2014-01-18 15:55 - 2014-01-18 15:55 - 00002770 _____ C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-01-17 15:03 - 2013-08-30 09:51 - 00040760 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2014-01-17 15:03 - 2013-08-30 09:51 - 00029496 _____ (TuneUp Software) C:\WINDOWS\system32\authuitu.dll
2014-01-17 15:03 - 2013-08-30 09:51 - 00025400 _____ (TuneUp Software) C:\WINDOWS\SysWOW64\authuitu.dll
2014-01-17 15:02 - 2014-01-17 15:02 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\TuneUp Software
2014-01-17 15:01 - 2014-01-17 15:03 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-17 15:00 - 2014-01-18 16:06 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-17 14:59 - 2014-01-18 16:16 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-17 14:58 - 2014-01-17 14:58 - 00001508 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-01-17 14:58 - 2014-01-17 14:58 - 00001215 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-01-17 14:57 - 2014-01-17 14:57 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\OpenCandy
2014-01-17 14:24 - 2014-01-17 14:24 - 00001198 _____ C:\Users\Mareike\Desktop\Videos - Verknüpfung.lnk
2014-01-16 11:40 - 2014-01-16 11:40 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2014-01-15 18:06 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-15 18:06 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-15 18:06 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-15 18:06 - 2013-11-27 11:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-15 18:06 - 2013-11-27 10:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-15 18:06 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 18:06 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-15 18:06 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 18:06 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-15 18:06 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-15 18:06 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-06 23:27 - 2014-01-06 23:27 - 00000000 ____D C:\ProgramData\McAfee
2014-01-06 18:48 - 2014-01-06 18:48 - 00580292 _____ C:\Users\Mareike\Downloads\Projektmanagement.zip
2014-01-06 04:23 - 2014-01-06 04:24 - 00000000 ____D C:\Users\Mareike\AppData\Local\Canon Easy-PhotoPrint EX
2014-01-06 04:21 - 2014-01-13 20:42 - 00000000 ____D C:\Program Files\Canon Camera
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-31 14:21 - 2014-01-21 14:37 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\ClassicShell
2013-12-31 14:21 - 2013-12-31 14:21 - 00000000 ____D C:\ProgramData\ClassicShell
2013-12-31 14:21 - 2013-12-30 00:30 - 00002170 _____ C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2013-12-30 00:30 - 2013-12-30 00:30 - 00000000 ____D C:\Program Files\Classic Shell
2013-12-30 00:17 - 2013-12-30 00:17 - 04285072 _____ (LionSea Software                                            ) C:\Program Files\Reparatur Tool - smartpcfixer - setup.exe
2013-12-22 13:48 - 2013-12-22 13:48 - 00000000 ____D C:\ProgramData\ZoomBrowser

==================== One Month Modified Files and Folders =======

2014-01-21 14:46 - 2014-01-21 14:46 - 00025229 _____ C:\Users\Mareike\Desktop\Addition_21.01.14.txt
2014-01-21 14:46 - 2014-01-21 14:42 - 00025782 _____ C:\Users\Mareike\Desktop\FRST.txt
2014-01-21 14:45 - 2014-01-21 14:44 - 00025229 _____ C:\Users\Mareike\Desktop\Addition.txt
2014-01-21 14:42 - 2014-01-21 14:42 - 00000000 ____D C:\FRST
2014-01-21 14:42 - 2013-08-11 17:53 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-927294191-717072922-153577076-1002
2014-01-21 14:41 - 2014-01-21 14:41 - 02077184 _____ (Farbar) C:\Users\Mareike\Desktop\FRST64.exe
2014-01-21 14:39 - 2012-10-20 06:47 - 00000000 ____D C:\ProgramData\WinClon
2014-01-21 14:38 - 2013-11-29 11:26 - 00000000 __RDO C:\Users\Mareike\SkyDrive
2014-01-21 14:38 - 2013-11-26 10:26 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 14:37 - 2013-12-31 14:21 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\ClassicShell
2014-01-21 14:37 - 2013-11-29 10:41 - 01498135 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-21 14:37 - 2013-09-02 23:11 - 00016152 _____ C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-01-21 14:37 - 2013-09-02 23:11 - 00000436 _____ C:\WINDOWS\Tasks\SlimDrivers Startup.job
2014-01-21 14:36 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-21 13:36 - 2013-11-26 10:26 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 12:56 - 2013-08-12 15:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-21 12:20 - 2014-01-21 12:20 - 00000000 ___RD C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\doPDF 7
2014-01-21 12:04 - 2013-12-11 23:44 - 00000000 ____D C:\ProgramData\Spyware Terminator
2014-01-21 12:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-20 00:38 - 2013-12-08 18:46 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{09FD12B5-E364-4FF7-AE6D-BAF3212E2F15}
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Users\Mareike\Desktop\doPDF 7
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Softland
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Program Files\Softland
2014-01-19 23:19 - 2014-01-19 23:18 - 04201928 _____ (Softland                                                    ) C:\Program Files\dopdf-7.exe
2014-01-19 22:45 - 2013-11-18 11:13 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Epson
2014-01-18 18:59 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-18 18:59 - 2013-09-30 04:56 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2014-01-18 18:59 - 2013-09-30 04:56 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2014-01-18 18:24 - 2013-08-22 15:46 - 00340452 _____ C:\WINDOWS\setupact.log
2014-01-18 18:11 - 2013-09-29 20:04 - 00308110 _____ C:\WINDOWS\PFRO.log
2014-01-18 18:11 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-18 18:11 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2014-01-18 16:16 - 2014-01-17 14:59 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-18 16:16 - 2013-11-22 17:14 - 00000000 ____D C:\Users\Mareike\Desktop\Programmverknüpfungen
2014-01-18 16:06 - 2014-01-17 15:00 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-18 15:55 - 2014-01-18 15:55 - 00002770 _____ C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-01-17 23:44 - 2013-11-29 10:49 - 00000000 ____D C:\Users\Mareike
2014-01-17 15:22 - 2013-08-11 17:47 - 00000000 ____D C:\Users\Mareike\AppData\Local\VirtualStore
2014-01-17 15:03 - 2014-01-17 15:01 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-17 15:02 - 2014-01-17 15:02 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\TuneUp Software
2014-01-17 14:58 - 2014-01-17 14:58 - 00001508 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-01-17 14:58 - 2014-01-17 14:58 - 00001215 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-01-17 14:58 - 2013-11-22 16:54 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2014-01-17 14:57 - 2014-01-17 14:57 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\OpenCandy
2014-01-17 14:57 - 2013-09-08 21:42 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\DVDVideoSoft
2014-01-17 14:24 - 2014-01-17 14:24 - 00001198 _____ C:\Users\Mareike\Desktop\Videos - Verknüpfung.lnk
2014-01-17 14:22 - 2013-11-09 02:08 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\vlc
2014-01-17 14:08 - 2013-12-08 18:40 - 00000000 ____D C:\Program Files\Crack Adobe CC
2014-01-17 11:06 - 2013-11-10 21:18 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\PhotoScape
2014-01-16 11:40 - 2014-01-16 11:40 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2014-01-16 10:02 - 2013-11-26 10:29 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-01-15 19:47 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2014-01-15 18:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-15 18:29 - 2013-08-15 14:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-15 18:22 - 2013-08-15 14:02 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-13 20:42 - 2014-01-06 04:21 - 00000000 ____D C:\Program Files\Canon Camera
2014-01-13 19:56 - 2013-08-11 21:23 - 00000000 ____D C:\Mareike
2014-01-13 19:44 - 2013-11-22 16:45 - 00019456 ____H C:\Users\Mareike\Desktop\photothumb.db
2014-01-11 17:15 - 2013-08-11 17:48 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Adobe
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 23:30 - 2013-08-11 17:49 - 00000000 ____D C:\Users\Mareike\AppData\Local\Adobe
2014-01-06 23:27 - 2014-01-06 23:27 - 00000000 ____D C:\ProgramData\McAfee
2014-01-06 23:26 - 2012-10-20 06:51 - 00000000 ____D C:\ProgramData\Adobe
2014-01-06 23:25 - 2012-10-20 06:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-06 23:22 - 2013-10-22 12:33 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Skype
2014-01-06 18:48 - 2014-01-06 18:48 - 00580292 _____ C:\Users\Mareike\Downloads\Projektmanagement.zip
2014-01-06 04:24 - 2014-01-06 04:23 - 00000000 ____D C:\Users\Mareike\AppData\Local\Canon Easy-PhotoPrint EX
2014-01-06 04:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2014-01-06 04:20 - 2013-08-20 20:56 - 00000000 ____D C:\Program Files\Canon Printer
2014-01-06 04:10 - 2013-08-12 18:33 - 00000000 ____D C:\Program Files (x86)\Canon
2014-01-06 04:09 - 2013-09-03 00:24 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Canon
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-31 14:21 - 2013-12-31 14:21 - 00000000 ____D C:\ProgramData\ClassicShell
2013-12-30 00:30 - 2013-12-31 14:21 - 00002170 _____ C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2013-12-30 00:30 - 2013-12-30 00:30 - 00000000 ____D C:\Program Files\Classic Shell
2013-12-30 00:20 - 2013-11-08 04:38 - 00012375 _____ C:\Users\Mareike\Documents\Abrechnung Florida-Urlaub Mareike_Anita_2013.xlsx
2013-12-30 00:17 - 2013-12-30 00:17 - 04285072 _____ (LionSea Software                                            ) C:\Program Files\Reparatur Tool - smartpcfixer - setup.exe
2013-12-29 17:18 - 2013-08-22 15:44 - 05139496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-22 23:49 - 2013-08-11 17:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-22 23:45 - 2012-10-20 07:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-22 23:43 - 2013-09-30 04:59 - 00000000 ____D C:\WINDOWS\ShellNew
2013-12-22 14:12 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-22 13:54 - 2013-08-11 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-22 13:48 - 2013-12-22 13:48 - 00000000 ____D C:\ProgramData\ZoomBrowser

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 21:06

==================== End Of Log ============================
         
--- --- ---
Additional info: I have AVAST! Free Antivirus installed.

There is also another error message:
Spyware Terminator Echtzeit-Schutz
Cannot create shell notification Icon

Alt 21.01.2014, 15:37   #2
aharonov
/// TB-Ausbilder
 

Hello,

the Addition.txt is incomplete; the upper half is missing.
Could you please post this log again in full?

Alt 21.01.2014, 16:45   #3
MaryLoo
 

I think the error is fixed. I proceeded as follows:

- Press Windows key + R on your keyboard to launch the Run box.
- Type taskschd.msc in this box and hit Enter to open Task Scheduler window.
- Click on the Task Scheduler Library folder in the left panel.
- Now locate and right click the Background Container task in the middle panel.
- Choose to Delete this task and Exit Task Scheduler.


Here are the log files again...
...FRST.....

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by Mareike (administrator) on MAREIKE-NB on 21-01-2014 16:37:27
Running from C:\Users\Mareike\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
() C:\ProgramData\DataCardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917176 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-21] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [phonostar-PlayerTimer] - C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2013-04-25] ()
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIHSE.EXE [241280 2013-11-18] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [AppsHat] - C:\Users\Mareike\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] ()
MountPoints2: {4fb156a1-5d90-11e3-beb3-2cd05a283f5e} - "D:\AutoRun.exe" 
MountPoints2: {4fb156e0-5d90-11e3-beb3-2cd05a283f5e} - "D:\AutoRun.exe" 
MountPoints2: {983b72e5-6031-11e3-beb4-2cd05a283f5e} - "D:\AutoRun.exe" 
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://do-search.com/?type=hp&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://do-search.com/?type=hp&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?type=ds&ts=1385135312&from=smt&uid=ST500LM012XHN-M500MBB_S2RSJ9BD145925&q={searchTerms}
SearchScopes: HKLM - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {A1321AA7-C4E1-45E4-AE3E-5B36421D56DA} URL = 
SearchScopes: HKLM-x32 - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=90FF5ED05A281E34&affID=121240&tsp=4993
SearchScopes: HKCU - {2964CFF3-C8EF-4A5C-9D50-1DF6B61E40E8} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=90ffd0880000000000005ed05a281e34&r=406
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = 
SearchScopes: HKCU - {72D7D848-109B-4332-958F-B39FBDC3E8EA} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=de&q={searchTerms}&gu=2d6e1b8b51284e1782cf7d6e57e167d8&tu=10G9y009U1B0CO0&sku=&tstsId=&ver=&&r=671
BHO: Plus-HD-1.6 - {11111111-1111-1111-1111-110311201102} -  No File
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -  No File
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} -  No File
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.255.212.1

FireFox:
========
FF ProfilePath: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default
FF user.js: detected! => C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\user.js
FF SearchEngineOrder.1: Google
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=2&CUI=UN14212751791384810&UM=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( )
FF SearchPlugin: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\do-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-1.6 - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com [2014-01-06]
FF Extension: LyricsSay-1 - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com [2013-11-15]
FF Extension: zonealarm.com - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\ffxtlbr@zonealarm.com [2013-08-12]
FF Extension: 7Go - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\7go@7go.com.xpi [2013-10-14]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-12-08]
FF Extension: Speed Analysis 2 - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\speedanalysis02@SpeedAnalysis.com.xpi [2013-10-07]
FF Extension: Adblock Plus - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-22]
FF Extension: Adblock Edge - C:\Users\Mareike\AppData\Roaming\Mozilla\Firefox\Profiles\y10l559d.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2013-12-08]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-26]

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-20]
CHR Extension: (Google Drive) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-20]
CHR Extension: (YouTube) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-20]
CHR Extension: (Google-Suche) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-20]
CHR Extension: (avast! Online Security) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-26]
CHR Extension: (Plus-HD-1.6) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh [2013-11-30]
CHR Extension: (Google Wallet) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (LyricsSay-1) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjcbkbcncfkoljakenekllbfdonhjef [2013-10-13]
CHR Extension: (Google Mail) - C:\Users\Mareike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-20]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\Mareike\AppData\Roaming\7go\7go.crx [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-26]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

U2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-21] (AVAST Software)
U2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
U2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
U2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [657504 2012-11-01] ()
U2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
U2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
U2 TuneUp.UtilitiesSvc; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE [2100024 2013-08-30] (TuneUp Software)
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U3 wifimansvc; C:\Program Files (x86)\Mobile Partner\eap\wifimansvc.exe [605696 2012-11-10] ()
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
U2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [54160 2013-06-18] (Check Point Software Technologies, Ltd.)
U2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros)

==================== Drivers (Whitelisted) ====================

U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-01-21] (AVAST Software)
U1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-26] (AVAST Software)
U0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-26] ()
U1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1034464 2014-01-21] (AVAST Software)
U1 aswSP; C:\windows\system32\drivers\aswSP.sys [422216 2014-01-21] (AVAST Software)
U3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [79672 2014-01-21] (AVAST Software)
U0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-21] ()
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
U3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
U1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 NPF; C:\Windows\System32\drivers\NPF.sys [35344 2012-09-22] (CACE Technologies, Inc.)
U3 NPF; C:\Windows\SysWOW64\drivers\NPF.sys [35344 2012-09-22] (CACE Technologies, Inc.)
U3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2013-02-04] (Windows (R) 2003 DDK 3790 provider)
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
U2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-12-11] (Windows (R) Win 7 DDK provider)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-29] (Microsoft Corporation)
U3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-01-21] ()
U3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
U3 TuneUpUtilitiesDrv; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
U3 ewusbnet; \SystemRoot\system32\DRIVERS\ewusbnet.sys [x]
U3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-21 16:37 - 2014-01-21 16:37 - 00025456 _____ C:\Users\Mareike\Desktop\FRST.txt
2014-01-21 15:40 - 2014-01-21 15:40 - 00089204 _____ C:\Users\Mareike\Desktop\Sicherung_Änderung der Registry_21.01.14.reg
2014-01-21 15:34 - 2014-01-21 15:34 - 00002776 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-01-21 15:34 - 2014-01-21 15:34 - 00000000 ____D C:\Program Files\CCleaner
2014-01-21 15:30 - 2014-01-21 15:30 - 03571656 _____ (Piriform Ltd) C:\Program Files\ccsetup409_slim.exe
2014-01-21 15:06 - 2014-01-21 15:06 - 00079672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-01-21 14:42 - 2014-01-21 14:42 - 00000000 ____D C:\FRST
2014-01-21 14:41 - 2014-01-21 14:41 - 02077184 _____ (Farbar) C:\Users\Mareike\Desktop\FRST64.exe
2014-01-21 12:20 - 2014-01-21 12:20 - 00000000 ___RD C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\doPDF 7
2014-01-19 23:20 - 2014-01-21 15:47 - 00000000 ____D C:\Program Files\doPDF 7
2014-01-19 23:20 - 2014-01-19 23:20 - 00001827 _____ C:\Users\Mareike\Desktop\doPDF.lnk
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Softland
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Program Files\Softland
2014-01-19 23:20 - 2013-08-20 13:28 - 00025920 _____ (Softland) C:\WINDOWS\system32\dopdfmn7.dll
2014-01-19 23:20 - 2013-08-20 13:28 - 00021312 _____ (Softland) C:\WINDOWS\system32\dopdfmi7.dll
2014-01-19 23:20 - 2010-11-25 12:17 - 00007549 _____ C:\WINDOWS\system32\dopdf7.ctm
2014-01-19 23:18 - 2014-01-19 23:19 - 04201928 _____ (Softland                                                    ) C:\Program Files\dopdf-7.exe
2014-01-17 15:03 - 2013-08-30 09:51 - 00040760 _____ (TuneUp Software) C:\WINDOWS\system32\TURegOpt.exe
2014-01-17 15:03 - 2013-08-30 09:51 - 00029496 _____ (TuneUp Software) C:\WINDOWS\system32\authuitu.dll
2014-01-17 15:03 - 2013-08-30 09:51 - 00025400 _____ (TuneUp Software) C:\WINDOWS\SysWOW64\authuitu.dll
2014-01-17 15:02 - 2014-01-17 15:02 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\TuneUp Software
2014-01-17 15:01 - 2014-01-17 15:03 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-17 15:00 - 2014-01-18 16:06 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-17 14:59 - 2014-01-18 16:16 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-17 14:57 - 2014-01-17 14:57 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\OpenCandy
2014-01-17 14:24 - 2014-01-17 14:24 - 00001198 _____ C:\Users\Mareike\Desktop\Videos - Verknüpfung.lnk
2014-01-16 11:40 - 2014-01-16 11:40 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2014-01-15 18:06 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-15 18:06 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-15 18:06 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-15 18:06 - 2013-11-27 11:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-15 18:06 - 2013-11-27 10:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-15 18:06 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 18:06 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-15 18:06 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 18:06 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-15 18:06 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-15 18:06 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-10 14:33 - 2014-01-21 15:31 - 00010927 _____ C:\Users\Mareike\Desktop\Antrag Kostenerstattung Arbeitsamt.xlsx
2014-01-06 23:27 - 2014-01-06 23:27 - 00000000 ____D C:\ProgramData\McAfee
2014-01-06 18:48 - 2014-01-06 18:48 - 00580292 _____ C:\Users\Mareike\Downloads\Projektmanagement.zip
2014-01-06 04:23 - 2014-01-06 04:24 - 00000000 ____D C:\Users\Mareike\AppData\Local\Canon Easy-PhotoPrint EX
2014-01-06 04:21 - 2014-01-13 20:42 - 00000000 ____D C:\Program Files\Canon Camera
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-31 14:21 - 2014-01-21 16:36 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\ClassicShell
2013-12-31 14:21 - 2013-12-31 14:21 - 00000000 ____D C:\ProgramData\ClassicShell
2013-12-31 14:21 - 2013-12-30 00:30 - 00002170 _____ C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2013-12-30 00:30 - 2013-12-30 00:30 - 00000000 ____D C:\Program Files\Classic Shell
2013-12-30 00:17 - 2013-12-30 00:17 - 04285072 _____ (LionSea Software                                            ) C:\Program Files\Reparatur Tool - smartpcfixer - setup.exe
2013-12-22 13:48 - 2013-12-22 13:48 - 00000000 ____D C:\ProgramData\ZoomBrowser

==================== One Month Modified Files and Folders =======

2014-01-21 16:38 - 2014-01-21 16:37 - 00025456 _____ C:\Users\Mareike\Desktop\FRST.txt
2014-01-21 16:37 - 2013-11-29 11:26 - 00000000 __RDO C:\Users\Mareike\SkyDrive
2014-01-21 16:36 - 2013-12-31 14:21 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\ClassicShell
2014-01-21 16:36 - 2013-11-29 10:49 - 00000000 ____D C:\Users\Mareike
2014-01-21 16:36 - 2013-11-26 10:26 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 16:36 - 2013-11-26 10:26 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 16:33 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-21 16:23 - 2013-08-11 17:53 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-927294191-717072922-153577076-1002
2014-01-21 16:17 - 2013-11-29 10:41 - 01573933 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-21 16:04 - 2012-10-20 06:47 - 00000000 ____D C:\ProgramData\WinClon
2014-01-21 16:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-21 15:58 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2014-01-21 15:56 - 2013-08-12 15:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-21 15:49 - 2013-12-08 18:46 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{09FD12B5-E364-4FF7-AE6D-BAF3212E2F15}
2014-01-21 15:47 - 2014-01-19 23:20 - 00000000 ____D C:\Program Files\doPDF 7
2014-01-21 15:45 - 2013-11-22 17:14 - 00000000 ____D C:\Users\Mareike\Desktop\Programmverknüpfungen
2014-01-21 15:44 - 2013-09-02 23:11 - 00016152 _____ C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-01-21 15:40 - 2014-01-21 15:40 - 00089204 _____ C:\Users\Mareike\Desktop\Sicherung_Änderung der Registry_21.01.14.reg
2014-01-21 15:37 - 2013-11-29 10:37 - 00000000 ___DC C:\WINDOWS\Panther
2014-01-21 15:37 - 2013-08-12 18:46 - 00000000 ____D C:\Users\Mareike\AppData\Local\CrashDumps
2014-01-21 15:34 - 2014-01-21 15:34 - 00002776 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-01-21 15:34 - 2014-01-21 15:34 - 00000000 ____D C:\Program Files\CCleaner
2014-01-21 15:32 - 2013-08-11 21:23 - 00000000 ____D C:\Mareike
2014-01-21 15:31 - 2014-01-10 14:33 - 00010927 _____ C:\Users\Mareike\Desktop\Antrag Kostenerstattung Arbeitsamt.xlsx
2014-01-21 15:30 - 2014-01-21 15:30 - 03571656 _____ (Piriform Ltd) C:\Program Files\ccsetup409_slim.exe
2014-01-21 15:06 - 2014-01-21 15:06 - 00079672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-01-21 15:06 - 2013-11-26 10:29 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-01-21 15:06 - 2013-11-26 10:23 - 01034464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-21 15:06 - 2013-11-26 10:23 - 00422216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-21 15:06 - 2013-11-26 10:23 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-21 15:06 - 2013-11-26 10:23 - 00207904 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-21 15:06 - 2013-11-26 10:23 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-21 15:05 - 2013-11-26 10:23 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-21 14:42 - 2014-01-21 14:42 - 00000000 ____D C:\FRST
2014-01-21 14:41 - 2014-01-21 14:41 - 02077184 _____ (Farbar) C:\Users\Mareike\Desktop\FRST64.exe
2014-01-21 12:20 - 2014-01-21 12:20 - 00000000 ___RD C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\doPDF 7
2014-01-21 12:04 - 2013-12-11 23:44 - 00000000 ____D C:\ProgramData\Spyware Terminator
2014-01-21 12:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-19 23:20 - 2014-01-19 23:20 - 00001827 _____ C:\Users\Mareike\Desktop\doPDF.lnk
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Softland
2014-01-19 23:20 - 2014-01-19 23:20 - 00000000 ____D C:\Program Files\Softland
2014-01-19 23:19 - 2014-01-19 23:18 - 04201928 _____ (Softland                                                    ) C:\Program Files\dopdf-7.exe
2014-01-19 22:45 - 2013-11-18 11:13 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Epson
2014-01-18 18:59 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-18 18:59 - 2013-09-30 04:56 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2014-01-18 18:59 - 2013-09-30 04:56 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2014-01-18 16:16 - 2014-01-17 14:59 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-18 16:06 - 2014-01-17 15:00 - 00000000 ____D C:\ProgramData\TuneUp Software
2014-01-17 15:22 - 2013-08-11 17:47 - 00000000 ____D C:\Users\Mareike\AppData\Local\VirtualStore
2014-01-17 15:03 - 2014-01-17 15:01 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-17 15:02 - 2014-01-17 15:02 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\TuneUp Software
2014-01-17 14:58 - 2013-11-22 16:54 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2014-01-17 14:57 - 2014-01-17 14:57 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\OpenCandy
2014-01-17 14:57 - 2013-09-08 21:42 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\DVDVideoSoft
2014-01-17 14:24 - 2014-01-17 14:24 - 00001198 _____ C:\Users\Mareike\Desktop\Videos - Verknüpfung.lnk
2014-01-17 14:22 - 2013-11-09 02:08 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\vlc
2014-01-17 14:08 - 2013-12-08 18:40 - 00000000 ____D C:\Program Files\Crack Adobe CC
2014-01-17 11:06 - 2013-11-10 21:18 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\PhotoScape
2014-01-16 11:40 - 2014-01-16 11:40 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2014-01-15 19:47 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2014-01-15 18:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-15 18:29 - 2013-08-15 14:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-15 18:22 - 2013-08-15 14:02 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-13 20:42 - 2014-01-06 04:21 - 00000000 ____D C:\Program Files\Canon Camera
2014-01-13 19:44 - 2013-11-22 16:45 - 00019456 ____H C:\Users\Mareike\Desktop\photothumb.db
2014-01-11 17:15 - 2013-08-11 17:48 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Adobe
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 23:30 - 2013-08-11 17:49 - 00000000 ____D C:\Users\Mareike\AppData\Local\Adobe
2014-01-06 23:27 - 2014-01-06 23:27 - 00000000 ____D C:\ProgramData\McAfee
2014-01-06 23:26 - 2012-10-20 06:51 - 00000000 ____D C:\ProgramData\Adobe
2014-01-06 23:25 - 2012-10-20 06:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-06 23:22 - 2013-10-22 12:33 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Skype
2014-01-06 18:48 - 2014-01-06 18:48 - 00580292 _____ C:\Users\Mareike\Downloads\Projektmanagement.zip
2014-01-06 04:24 - 2014-01-06 04:23 - 00000000 ____D C:\Users\Mareike\AppData\Local\Canon Easy-PhotoPrint EX
2014-01-06 04:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2014-01-06 04:20 - 2013-08-20 20:56 - 00000000 ____D C:\Program Files\Canon Printer
2014-01-06 04:10 - 2013-08-12 18:33 - 00000000 ____D C:\Program Files (x86)\Canon
2014-01-06 04:09 - 2013-09-03 00:24 - 00000000 ____D C:\Users\Mareike\AppData\Roaming\Canon
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2014-01-06 04:03 - 2014-01-06 04:03 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-31 14:21 - 2013-12-31 14:21 - 00000000 ____D C:\ProgramData\ClassicShell
2013-12-30 00:30 - 2013-12-31 14:21 - 00002170 _____ C:\Users\Mareike\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2013-12-30 00:30 - 2013-12-30 00:30 - 00000000 ____D C:\Program Files\Classic Shell
2013-12-30 00:20 - 2013-11-08 04:38 - 00012375 _____ C:\Users\Mareike\Documents\Abrechnung Florida-Urlaub Mareike_Anita_2013.xlsx
2013-12-30 00:17 - 2013-12-30 00:17 - 04285072 _____ (LionSea Software                                            ) C:\Program Files\Reparatur Tool - smartpcfixer - setup.exe
2013-12-29 17:18 - 2013-08-22 15:44 - 05139496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-22 23:49 - 2013-08-11 17:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-22 23:45 - 2012-10-20 07:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-22 23:43 - 2013-09-30 04:59 - 00000000 ____D C:\WINDOWS\ShellNew
2013-12-22 14:12 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-22 13:54 - 2013-08-11 21:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-22 13:48 - 2013-12-22 13:48 - 00000000 ____D C:\ProgramData\ZoomBrowser

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 21:06

==================== End Of Log ============================
         
--- --- ---


Addition: FRST Additions Logfile:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-01-2014
Ran by Mareike at 2014-01-21 16:43:27
Running from C:\Users\Mareike\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Creative Cloud (x32 Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CC (x32 Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
Benutzerhandbuch EPSON BX935FWD Series (x32 Version:  - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (x32 Version: 1.5.0.3 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (x32 Version: 1.6.1.6 - Canon Inc.)
Canon RAW Image Task for ZoomBrowser EX (x32 Version: 3.3.0.5 - Canon Inc.)
Canon Utilities CameraWindow (x32 Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (x32 Version: 6.4.2.16 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.4 (x32 Version: 3.4.0.0 - Canon Inc.)
Canon Utilities EOS Utility (x32 Version: 2.4.0.1 - Canon Inc.)
Canon Utilities MyCamera (x32 Version: 6.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (x32 Version: 3.1.21.45 - Canon Inc.)
Canon Utilities Picture Style Editor (x32 Version: 1.3.0.0 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (x32 Version: 1.7.1.9 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3 Utility (x32 Version: 3.2.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (x32 Version: 6.1.1.21 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.1.0.8 - Canon Inc.)
CCleaner (Version: 4.09 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (Version: 4.0.2 - IvoSoft)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
doPDF 7.3 printer (Version: 7.3.393 - Softland)
Download Navigator (x32 Version: 1.1.0 - SEIKO EPSON CORPORATION)
Easy File Share (x32 Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (x32 Version: 1.0.1 - Samsung Electronics CO., LTD.)
EPSON BX935FWD Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (x32 Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (x32 Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (x32 Version: 2.50.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (x32 Version: 1.20.00 - SEIKO EPSON CORPORATION)
EPSON Scan (x32 Version:  - Seiko Epson Corporation)
EpsonNet Print (x32 Version: 2.4j - SEIKO EPSON CORPORATION)
Extended Update (HKCU Version:  - )
File Opener Pro (x32 Version:  - FileOpenerPro) <==== ATTENTION
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.16.1030 (x32 Version: 3.2.16.1030 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (x32 Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Help Desk (Version: 1.0.6 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (x32 Version: 3.6.1.33070.11 - Intel)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (x32 Version: 23.009.05.03.1014 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Netzwerkhandbuch EPSON BX935FWD Series (x32 Version:  - )
NVIDIA Grafiktreiber 327.02 (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Opera Stable 18.0.1284.68 (x32 Version: 18.0.1284.68 - Opera Software ASA)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 5.7.0 (x32 Version:  - PDF24.org)
phonostar-Player Version 3.03.1 (x32 Version:  - )
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PhotoScape (x32 Version:  - )
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
QuickShare (x32 Version: 1.90.60.12091 - Linkury Inc.) <==== ATTENTION
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (x32 Version: 6.0.6.5 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Settings (x32 Version: 2.0.0 - Samsung Electronics CO., LTD.)
Skype™ 6.9 (x32 Version: 6.9.106 - Skype Technologies S.A.)
SlimDrivers (x32 Version: 2.2.30877 - SlimWare Utilities, Inc.)
SpyHunter (Version: 4.16.5.4290 - Enigma Software Group USA, LLC)
Spyware Terminator 2012 (x32 Version: 3.0.0.82 - Crawler.com)
Support Center (Version: 2.1.1201 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.5 - Samsung Electronics CO., LTD.) Hidden
SW Update (x32 Version: 2.1.21 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (Version: 16.2.11.3 - Synaptics Incorporated)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
User Guide (x32 Version: 1.2.00 - Samsung Electronics CO., LTD.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Performer (x32 Version:  - PerformerSoft LLC)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VLC media player 2.1.0 (x32 Version: 2.1.0 - VideoLAN)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (07/27/2012 20.57.1.735) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-Bit) (Version: 5.01.0 - win.rar GmbH)
ZoneAlarm Firewall (x32 Version: 11.0.768.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (x32 Version: 11.0.768.000 - Check Point Software Technologies Ltd.) Hidden

==================== Restore Points  =========================

29-12-2013 23:24:14 Installed Classic Shell
06-01-2014 16:53:08 Geplanter Prüfpunkt
13-01-2014 19:48:03 Geplanter Prüfpunkt
21-01-2014 14:02:35 avast! antivirus system restore point

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05DFB97D-D085-45CA-8620-EA8479BC828A} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2E9D9AEF-10BB-48FE-BC5A-AD65E6C00AF5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {314C9385-2BBF-4671-A8CC-1AEF97C2EAA2} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Mareike\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37A9DC9C-0B70-4483-AFB1-ED15A3D309A4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4285C36F-B071-4297-995C-B210F405BA86} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6A4F69E9-ECDE-410B-8C4D-20BBE803C0C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {76F8B5B6-E640-461B-A7FB-B5852CD04FDD} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24] (Synaptics Incorporated)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7F268CCB-1857-4B1C-AE12-4EA5C9B52679} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {81854029-5869-4DC3-A034-69BBA9EEF401} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {852DD497-DFE2-42A4-9C85-9B07B430AD6F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\SYSTEM32\MRT.EXE [2014-01-15] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {97EC930E-BAE5-462B-912D-DF2E77D48530} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A654CDB9-9CE8-4D2D-BEDC-888CA43A2896} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {BDDDCAB7-B139-48AF-B168-98327A7E95AD} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-09-17] (SEC)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E7A8C99B-AE9F-42EB-9B7B-9B09156BB114} - System32\Tasks\CCleanerSkipUAC => C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE [2013-12-17] (Piriform Ltd)
Task: {FC22B48F-212A-4842-A2CB-AC13371094C6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-21] (AVAST Software)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-08-30 09:51 - 2013-08-30 09:51 - 00757048 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\avgrepliba.dll
2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-10-16 19:15 - 2013-10-16 19:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2014-01-21 14:58 - 2014-01-21 10:27 - 02155520 _____ () C:\Program Files\AVAST Software\Avast\defs\14012100\algo.dll
2013-12-09 10:27 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2013-12-09 10:27 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2013-12-09 10:27 - 2010-05-10 03:51 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2013-12-09 10:27 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2013-12-09 10:27 - 2012-11-01 11:26 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2013-12-09 10:27 - 2010-02-10 15:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-11-26 10:23 - 2013-11-26 10:23 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-10-20 06:35 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-21 01:20 - 2013-12-12 10:15 - 00886624 _____ () C:\Program Files (x86)\Opera\18.0.1284.68\libglesv2.dll
2013-12-21 01:20 - 2013-12-12 10:15 - 00108896 _____ () C:\Program Files (x86)\Opera\18.0.1284.68\libegl.dll
2013-12-21 01:20 - 2013-12-12 10:15 - 00879968 _____ () C:\Program Files (x86)\Opera\18.0.1284.68\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Mareike\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


==================== Memory info =========================== 

Percentage of memory in use: 37%
Total physical RAM: 3795.53 MB
Available physical RAM: 2354.62 MB
Total Pagefile: 4755.54 MB
Available Pagefile: 3149.25 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:438.84 GB) (Free:232.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 7A80D030)

Partition: GPT Partition Type
==================== End Of Log ============================
         

21.01.2014, 17:06   #4
aharonov
/// TB Trainer

Run DLL C:\Users\Mareike\AppData\Local\ConduitBackground\BackgroundContainer.dll Das angegebene Modul wurde nicht gefunden.



Step 1

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options ("Optionen") and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan ("Suchlauf") and wait until it has finished.
  • Now click Delete ("Löschen") and confirm any prompts that appear with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).



Step 2

Start FRST once more.
  • Do not change any of the default settings and press Scan.
  • When the scan has finished, a new log file FRST.txt is created and saved on the desktop.
  • Please post the contents of this log file here in your thread.
__________________
cheers,
Leo
