Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Verschiedene Browser öffnen nur Facebook, Google & YouTube

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.05.2014, 00:10   #1
Physik_Rocks
 
Verschiedene Browser öffnen nur Facebook, Google & YouTube - Icon32

Verschiedene Browser öffnen nur Facebook, Google & YouTube



Hey Trojaner- Board- Support,

Ich habe folgendes Problem, was vermutlich die Folge von vielen Problemen war...
Also:
Meine Browser, Firefox als auch IE, öffnen nur 3 Seiten, diese wären alle FB- Seiten und alle YouTube- Seiten, als auch Google- Anfragen jedoch hört es da auch auf, wenn ich die Google- Ergebnisse anklicke kommt eine Art Seitenladefehler, da die Seite angeblich zu lange braucht um zu antworten, obwohl eine Internetverbindung besteht.
Nun denn, ich vermute stark, dass es Viren sind, da aus irgendwelchen Gründen AVG deaktiviert war.Also AVG habe ich darauf wieder aktiviert- PC nun potenziell ungeschützt
Dann habe ich diverse gut gemeinte Räte befolgt, wie in MS:config bei den Diensten alle deaktiviert, bis auf die Microsoft und bei Systemstart alle deaktiviert.
Zu dem Problem hinzuzufügen wäre, dass ich ebenfalls keine Updates machen kann geschweige denn etwas herunterladen, ausser es wird was per FB geschickt.
Anschließend wurde mir Combo- Fix geraten, was auch schon oft seine Dienste zu voller Zufriedenheit erfüllt hat, nur diesemal will er keine Log- Datei erstellen, zudem schreibe ich gerade über mein Handy was verdammt aufwendig ist, darum bitte ich um dringende Hilfe !!

Programme zur Systemstabilität die auf meinem PC lungern wären:
+ Iobit Anti- Malwarefighter
+ AVG free antivirus
+ Systemcare Advanced 7
+ u. ä. Programme von iobit :/ also keine kostenpflichtigen
+ ein altes Antivir free Setup
+ iobit uninstaller

Also ich bitte um schnellstmögliche Hilfe, da ich ab morgen erstmal unterwegs bin...
Mit freundllichen Grüßen
Mark

Alt 28.05.2014, 06:01   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Verschiedene Browser öffnen nur Facebook, Google & YouTube - Standard

Verschiedene Browser öffnen nur Facebook, Google & YouTube



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 07.06.2014, 20:54   #3
Physik_Rocks
 
Verschiedene Browser öffnen nur Facebook, Google & YouTube - Standard

Verschiedene Browser öffnen nur Facebook, Google & YouTube



Hey,

ich hoffe das klappt jetzt so vom antworten her ?? oder direkt antworten ?
zu dem Programm nachdem ich es erstmal über das Handy heruntergeladen habe und nun hoffentlich da keine Viren darauf hab, kam nur eine Meldung, dass ich dieses Programm auf eigen Gefahr benutze am sonsten ist nun hier hoffentlich die .txt- Datei

viele grüße und danke erstmal

Code:
ATTFilter
...\Desktop\FRST64\FRST.txt
         
Code:
ATTFilter
...\Desktop\FRST64\Addition.txt
         
PS: das mit dem # versteh ich immer noch nicht ganz -.-
__________________

Alt 08.06.2014, 09:58   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Verschiedene Browser öffnen nur Facebook, Google & YouTube - Standard

Verschiedene Browser öffnen nur Facebook, Google & YouTube



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.06.2014, 14:08   #5
Physik_Rocks
 
Verschiedene Browser öffnen nur Facebook, Google & YouTube - Standard

Verschiedene Browser öffnen nur Facebook, Google & YouTube



Hey,

vielen Dank für die Mühe und Geduld ^^ dachte nur das hat was mit HTML zu tu oder so...
also dann wären die Logs hier :

FRST:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-06-2014
Ran by Marki (administrator) on MARK on 06-06-2014 23:37:40
Running from C:\Users\Marki\Desktop\FRST64
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Users\Marki\AppData\Roaming\BupSystem\bup.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
() C:\Program Files (x86)\Tether\TBService.exe
(Team MediaPortal) C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\TvService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Marki\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adblock) C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2008-10-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Ashampoo Anti-Malware Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe [3314176 2010-08-26] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-17] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SearchSettings] => C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1383232 2013-12-27] (Spigot, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1596224 2014-04-17] (IObit)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll",DllRegisterServer [194432 2011-12-12] (DivX, LLC)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_174_ActiveX.exe [815496 2013-09-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000\...\Run: [Spotify Web Helper] => C:\Users\Marki\APPDATA\ROAMING\SPOTIFY\Data\SpotifyWebHelper.exe [1140736 2013-10-21] (Spotify Ltd)
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Marki\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2288928 2014-02-11] (IObit)
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
AppInit_DLLs-x32:  => "" File Not Found
Startup: C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com/?type=198484&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1D22DD6489C9CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.msn.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKLM-x32 - (No Name) - {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - No File
URLSearchHook: HKLM-x32 - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
URLSearchHook: HKLM-x32 - (No Name) - {e66f4171-0f28-4599-a595-58b840522f7e} - No File
URLSearchHook: HKCU - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKCU - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {5812BF44-8A36-405F-A7D3-9641EE6E5AA0} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.certified-toolbar.com?si=62606&st=bs&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&q={searchTerms}
SearchScopes: HKCU - DefaultScope {D9BC1EC7-AECE-4A27-8A92-03A6A14D9F60} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}
SearchScopes: HKCU - {5812BF44-8A36-405F-A7D3-9641EE6E5AA0} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311336&CUI=UN39343419112783993&UM=2
SearchScopes: HKCU - {BB93D0AB-13CF-423E-ADAC-A809CBA75D3C} URL = hxxp://search.certified-toolbar.com?si=62606&st=bs&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&q={searchTerms}
SearchScopes: HKCU - {C9113DF5-0320-424F-B87D-DC1C2B8482AF} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {D9BC1EC7-AECE-4A27-8A92-03A6A14D9F60} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: No Name - {9fdfb66c-713b-4201-83a6-5b78ae227b41} -  No File
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: No Name - {e66f4171-0f28-4599-a595-58b840522f7e} -  No File
BHO-x32: No Name - {F443A627-5009-4323-9C1D-7FD598D0D712} -  No File
Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {f4e6547e-325b-403c-a3bb-ad29ed37a92f} -  No File
Toolbar: HKLM-x32 - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKLM-x32 - No Name - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} -  No File
Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM-x32 - No Name - {9fdfb66c-713b-4201-83a6-5b78ae227b41} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{16F52067-879E-43D0-B67F-9344FC2AB5D5}: [NameServer]208.67.222.222,208.67.220.220

FireFox:
========
FF ProfilePath: C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Users\Marki\Videos\Freewareprogramme\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc;version=0.8.6i - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\user.js
FF Plugin ProgramFiles/Appdata: C:\Users\Marki\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
FF Extension: Ads Removal - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\adsremoval@adsremoval.net [2014-03-31]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\ascsurfingprotection@iobit.com [2014-04-25]
FF Extension: Protegere - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\security@protegere.org [2014-04-17]
FF Extension: WOT - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-27]
FF Extension: FindBar Tweak - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\fbt@quicksaver.xpi [2014-01-27]
FF Extension: Save My Tabs - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\savemytabs@dmitriy.khudorozhkov.xpi [2014-01-27]
FF Extension: Adblock Plus - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-27]
FF Extension: DownThemAll! - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-01-27]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [2014-01-16]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-09]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Autodesk 123D Design) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\adcpobnhinigjfgdjponlboohbhigoml [2013-09-15]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-04-25]
CHR Extension: (AutoCAD 360) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjeclnkejmbepoibfnamioojinoopln [2013-09-15]
CHR Extension: (No Name) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkeieaieohnceanbhdeijclgemgjjkf [2014-04-16]
CHR Extension: (Daum Equation Editor) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe [2013-09-15]
CHR Extension: (Ultimate Flash Sonic Smash Brothers) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\doldmgjebloaondlfkambkkofpnfgmfk [2013-09-15]
CHR Extension: (Autodesk ForceEffect) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekbaidcchahkpedbhdenlmleimihkcim [2013-09-15]
CHR Extension: (No Name) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab [2013-12-01]
CHR Extension: (Ads Removal) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]
CHR Extension: (Math Anywhere) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebhifiddmaaeecbaiemfpejghjdjmhc [2013-09-15]
CHR Extension: (Autodesk 123D Catch) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjmccldlkdbjakaebbpiojpfbambiphj [2013-09-15]
CHR Extension: (GmailTeX) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjnmclkoadjdljnfmbnnhaahilafoeji [2013-09-15]
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2013-09-15]
CHR Extension: (Domain Error Assistant) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj [2013-09-15]
CHR Extension: (Slick Savings) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2013-09-15]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-21]
CHR Extension: (Fiabee HTML5 Viewer) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngmmpodmhlhciagihcjpdggoihakcahf [2013-09-15]
CHR Extension: (Graph.tk) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk [2013-09-15]
CHR Extension: (Google Wallet) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-09-15]
CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2013-09-15]
CHR Extension: (Autodesk 123D Make) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcbnagfoedaclggcfcoodicggmnlhajl [2013-09-15]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp [2013-09-15]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2012-12-11]
CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\Marki\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.24.0.crx [2012-12-11]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [lbbbdmbjkgojacipgefbifkiebpcdjhn] - C:\Program Files (x86)\Movie2KDownloader.com\m2kDownloader10.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AAMWService; C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe [1313184 2011-09-13] ()
R2 AAMW_WSC_Service_Vista; C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe [52616 2010-03-02] ()
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 bupService; C:\Users\Marki\AppData\Roaming\BupSystem\bup.exe [1005056 2014-04-16] ()
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S3 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [63304 2011-02-04] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [7599616 2009-08-18] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] ()
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 Tether; C:\Program Files (x86)\Tether\TBService.exe [52664 2011-09-29] ()
R2 TVService; C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\TVService.exe [192512 2010-04-13] (Team MediaPortal)
S3 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] ()
S2 wupdsrvc; C:\Windows\SysWOW64\wupdsrvc.exe [57344 2010-12-20] (VWP)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2008-10-28] (AVM Berlin)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2008-10-28] (AVM GmbH)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2011-01-17] (Duplex Secure Ltd.)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-01-17] (Jungo)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Marki\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-06 23:37 - 2014-06-06 23:37 - 00000000 ____D () C:\FRST
2014-06-06 23:34 - 2014-06-06 23:37 - 00000000 ____D () C:\Users\Marki\Desktop\FRST64
2014-06-06 23:33 - 2014-06-06 23:33 - 01510329 _____ () C:\Users\Marki\Desktop\FRST64.rar
2014-06-02 19:31 - 2014-06-03 08:52 - 00000108 _____ () C:\Users\Marki\Desktop\Namen.txt
2014-06-01 23:25 - 2014-06-01 23:25 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-01 23:25 - 2014-06-01 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-01 23:25 - 2014-06-01 23:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-01 23:14 - 2014-06-01 23:14 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-01 23:14 - 2014-06-01 23:14 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-01 23:11 - 2014-06-01 23:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-01 23:11 - 2014-06-01 23:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-01 23:10 - 2014-06-01 23:10 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-01 23:10 - 2014-06-01 23:10 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-01 22:26 - 2014-06-01 22:26 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-01 22:22 - 2014-05-15 01:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-06-01 22:15 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-01 22:15 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-01 21:18 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-01 21:18 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-01 20:46 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-01 20:46 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-01 20:32 - 2014-06-01 20:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-28 00:06 - 2014-05-28 00:06 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-28 00:06 - 2014-05-28 00:06 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-28 00:06 - 2014-05-28 00:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-27 23:48 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 23:48 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 23:48 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 23:47 - 2014-05-28 00:21 - 00000000 ___SD () C:\ComboFix
2014-05-27 21:46 - 2014-05-27 21:46 - 00000000 ____D () C:\Users\Marki\Desktop\ComboFix
2014-05-27 21:44 - 2014-05-27 21:44 - 05200120 _____ () C:\Users\Marki\Desktop\ComboFix.zip
2014-05-27 21:35 - 2014-05-27 21:35 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2014-05-27 20:57 - 2014-05-27 20:57 - 00003140 _____ () C:\Windows\System32\Tasks\{3B52FDD0-CC2B-4E61-BF64-DE3E218ED6AF}
2014-05-27 17:48 - 2014-05-27 21:36 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-27 15:32 - 2014-06-06 23:34 - 00058316 _____ () C:\Users\Marki\Desktop\opentabs-MARK-20140527-1429.txt
2014-05-14 23:45 - 2014-05-14 23:47 - 121274322 _____ () C:\Users\Marki\Desktop\Bilder_vom_Fußball_Team_Sheldon.zip
2014-05-07 02:23 - 2014-05-18 04:34 - 00038969 ____H () C:\Users\Marki\Desktop\~WRL0003.tmp

==================== One Month Modified Files and Folders =======

2014-06-06 23:38 - 2010-03-08 03:09 - 00000000 ____D () C:\Users\Marki\AppData\Local\Temp
2014-06-06 23:37 - 2014-06-06 23:37 - 00000000 ____D () C:\FRST
2014-06-06 23:37 - 2014-06-06 23:34 - 00000000 ____D () C:\Users\Marki\Desktop\FRST64
2014-06-06 23:34 - 2014-05-27 15:32 - 00058316 _____ () C:\Users\Marki\Desktop\opentabs-MARK-20140527-1429.txt
2014-06-06 23:33 - 2014-06-06 23:33 - 01510329 _____ () C:\Users\Marki\Desktop\FRST64.rar
2014-06-06 22:45 - 2010-10-18 00:35 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-06 22:44 - 2012-03-17 00:53 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-06 22:43 - 2011-09-10 22:33 - 00001138 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3467081931-4053979440-1662789119-1000UA.job
2014-06-06 22:08 - 2010-03-29 22:40 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A3EDA87D-FFDA-4248-8FCA-7324950DEDAF}
2014-06-06 21:03 - 2014-01-27 02:58 - 01302052 _____ () C:\Windows\WindowsUpdate.log
2014-06-06 19:43 - 2011-09-10 22:33 - 00001116 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3467081931-4053979440-1662789119-1000Core.job
2014-06-06 18:00 - 2013-11-05 21:31 - 00000468 _____ () C:\Windows\Tasks\ParetoLogic Registration3.job
2014-06-06 17:52 - 2013-10-16 17:52 - 00001290 _____ () C:\Windows\Tasks\Plus-HD-3.8-updater.job
2014-06-06 17:51 - 2013-10-16 17:51 - 00001828 _____ () C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job
2014-06-06 17:51 - 2013-10-16 17:51 - 00001196 _____ () C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job
2014-06-06 17:51 - 2013-10-16 17:51 - 00001094 _____ () C:\Windows\Tasks\Plus-HD-3.8-enabler.job
2014-06-06 17:50 - 2013-10-16 17:50 - 00001904 _____ () C:\Windows\Tasks\Plus-HD-3.8-chromeinstaller.job
2014-06-06 15:01 - 2013-05-01 17:55 - 00000276 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-06-06 06:45 - 2010-10-18 00:35 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-06 04:44 - 2013-11-05 21:31 - 00000382 _____ () C:\Windows\Tasks\PC Health Advisor.job
2014-06-05 01:52 - 2013-11-05 21:31 - 00000442 _____ () C:\Windows\Tasks\ParetoLogic Update Version3.job
2014-06-04 17:54 - 2013-05-01 17:54 - 00000284 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-06-04 15:35 - 2010-03-08 03:09 - 00000000 ____D () C:\Users\Marki
2014-06-04 04:44 - 2013-11-05 21:31 - 00000400 _____ () C:\Windows\Tasks\PC Health Advisor Defrag.job
2014-06-03 17:00 - 2013-05-21 17:20 - 00000402 _____ () C:\Windows\Tasks\Wise Turbo Checker.job
2014-06-03 09:06 - 2009-07-14 06:45 - 00015808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-03 09:06 - 2009-07-14 06:45 - 00015808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-03 08:56 - 2013-05-21 17:20 - 00000422 _____ () C:\Windows\Tasks\Wise Care 365.job
2014-06-03 08:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-03 08:52 - 2014-06-02 19:31 - 00000108 _____ () C:\Users\Marki\Desktop\Namen.txt
2014-06-02 16:28 - 2013-02-08 18:05 - 00004208 _____ () C:\Windows\System32\Tasks\Software Updater
2014-06-02 12:23 - 2014-01-26 23:33 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-02 12:21 - 2010-03-08 03:09 - 00000000 ___RD () C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-02 12:21 - 2010-03-08 03:09 - 00000000 ___RD () C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-02 09:01 - 2014-03-13 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-02 09:01 - 2014-02-26 03:05 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-06-02 05:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-02 04:11 - 2013-11-05 20:33 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-02 04:08 - 2014-03-09 05:12 - 119029760 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-06-02 04:08 - 2014-03-09 05:12 - 06979584 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-06-02 04:08 - 2014-03-09 05:12 - 00065536 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-06-02 04:08 - 2014-03-09 05:12 - 00032768 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-06-02 04:04 - 2014-04-29 23:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-02 03:40 - 2010-06-03 00:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-02 03:33 - 2013-09-15 03:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-02 03:13 - 2010-04-04 20:28 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-01 23:25 - 2014-06-01 23:25 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-01 23:25 - 2014-06-01 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-01 23:25 - 2014-06-01 23:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-01 23:14 - 2014-06-01 23:14 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-01 23:14 - 2014-06-01 23:14 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-01 23:11 - 2014-06-01 23:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-01 23:11 - 2014-06-01 23:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-01 23:10 - 2014-06-01 23:10 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-01 23:10 - 2014-06-01 23:10 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-01 22:26 - 2014-06-01 22:26 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-01 22:26 - 2010-11-07 16:01 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-01 22:23 - 2010-03-12 01:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-01 20:33 - 2014-06-01 20:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-01 20:29 - 2011-06-21 19:25 - 00000004 _____ () C:\Windows\SysWOW64\wupdsrvc.cfg
2014-05-28 00:21 - 2014-05-27 23:47 - 00000000 ___SD () C:\ComboFix
2014-05-28 00:06 - 2014-05-28 00:06 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-28 00:06 - 2014-05-28 00:06 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-28 00:06 - 2014-05-28 00:06 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-27 23:48 - 2012-10-20 19:40 - 00000000 ____D () C:\Qoobox
2014-05-27 21:46 - 2014-05-27 21:46 - 00000000 ____D () C:\Users\Marki\Desktop\ComboFix
2014-05-27 21:44 - 2014-05-27 21:44 - 05200120 _____ () C:\Users\Marki\Desktop\ComboFix.zip
2014-05-27 21:36 - 2014-05-27 17:48 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-27 21:35 - 2014-05-27 21:35 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2014-05-27 21:34 - 2012-10-20 20:57 - 00000000 ____D () C:\ProgramData\Avira
2014-05-27 20:57 - 2014-05-27 20:57 - 00003140 _____ () C:\Windows\System32\Tasks\{3B52FDD0-CC2B-4E61-BF64-DE3E218ED6AF}
2014-05-27 20:51 - 2010-10-18 21:13 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-27 20:38 - 2013-11-05 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-05-27 20:38 - 2013-09-15 01:13 - 00000000 ____D () C:\Users\Marki\AppData\Local\NVIDIA
2014-05-27 20:38 - 2012-09-26 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-27 20:38 - 2011-04-01 00:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-27 20:38 - 2011-03-05 09:51 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-05-27 20:38 - 2010-10-18 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-27 20:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 20:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-27 20:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-27 20:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-27 20:29 - 2010-05-02 19:07 - 00000000 ____D () C:\ProgramData\MySQL
2014-05-27 20:28 - 2012-01-11 21:55 - 00000000 ____D () C:\ProgramData\IObit
2014-05-27 20:23 - 2014-01-26 23:33 - 00134656 ___SH () C:\Users\Marki\Desktop\Thumbs.db
2014-05-27 14:39 - 2014-03-14 05:37 - 41512960 _____ () C:\Windows\system32\config\components.iodefrag.bak
2014-05-27 00:07 - 2014-04-06 21:38 - 00000000 ____D () C:\Users\Marki\Desktop\Physik_4.Semester
2014-05-26 21:32 - 2014-04-21 23:02 - 00000000 ____D () C:\Users\Marki\AppData\Local\NVIDIA Corporation
2014-05-21 02:18 - 2014-04-29 23:46 - 00000000 ____D () C:\Users\Marki\Desktop\Experimentelle_Methoden_der_Physik
2014-05-20 04:44 - 2014-06-01 22:15 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:44 - 2014-06-01 22:15 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-20 04:44 - 2013-11-05 21:12 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-20 04:44 - 2013-11-05 21:12 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-20 04:44 - 2013-02-26 00:32 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44 - 2013-02-26 00:32 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-20 04:44 - 2012-10-10 22:23 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-20 04:44 - 2012-02-27 20:59 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 03:25 - 2012-01-11 19:30 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25 - 2012-01-11 19:30 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25 - 2012-01-11 19:30 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25 - 2012-01-11 19:30 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-20 03:25 - 2012-01-11 19:29 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 03:25 - 2012-01-11 19:29 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-18 04:34 - 2014-05-07 02:23 - 00038969 ____H () C:\Users\Marki\Desktop\~WRL0003.tmp
2014-05-17 01:38 - 2011-03-03 00:56 - 00000000 ____D () C:\Users\Marki\Desktop\Ich..... auf Fotos
2014-05-17 01:34 - 2011-10-01 19:54 - 00000000 ____D () C:\Users\Marki\AppData\Local\Paint.NET
2014-05-15 01:49 - 2014-06-01 22:22 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-05-14 23:47 - 2014-05-14 23:45 - 121274322 _____ () C:\Users\Marki\Desktop\Bilder_vom_Fußball_Team_Sheldon.zip
2014-05-09 08:14 - 2014-06-01 20:46 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-06-01 20:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 06:40 - 2010-10-18 00:35 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 06:40 - 2010-10-18 00:35 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-06-02 05:04

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Nummer 1


Alt 08.06.2014, 14:09   #6
Physik_Rocks
 
Verschiedene Browser öffnen nur Facebook, Google & YouTube - Standard

Verschiedene Browser öffnen nur Facebook, Google & YouTube



Nummer 2 :
Addition :

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2014
Ran by Marki at 2014-06-06 23:38:41
Running from C:\Users\Marki\Desktop\FRST64
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Ashampoo Anti-Malware (Disabled - Out of date) {1586225C-B0F7-7A3E-FBB7-F15B3A4D2579}
AS: Ashampoo Anti-Malware (Disabled - Out of date) {AEE7C3B8-96CD-75B0-C107-CA2941CA6FC4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.174 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.2.1 - IObit)
Ashampoo Anti-Malware v.1.21 (HKLM-x32\...\{1DA193D3-BEC6-4FEF-89E3-D8F739216BFB}_is1) (Version: 1.2.1 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2010 Advanced 9.25 (HKLM-x32\...\Ashampoo Burning Studio 2010 Advanced_is1) (Version: 3.1.1 - ashampoo GmbH & Co. KG)
Ashampoo ClipFinder HD v.2.3.3 (HKLM-x32\...\Ashampoo ClipFinder HD_is1) (Version: 2.3.3 - Ashampoo GmbH & Co. KG)
Ashampoo Home Designer1.0.0 (HKLM-x32\...\{46552BC3-52B6-404c-9B42-CE536AB719FD}_is1) (Version: 1.0.0.0 - Creative Amadeo GmbH)
Ashampoo Undeleter v.1.10 (HKLM-x32\...\Ashampoo Undeleter_is1) (Version: 1.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2013 v.1.0.0 (HKLM-x32\...\{4209F371-7B85-60AD-E5CE-E4409D39E3DE}_is1) (Version: 1.00.00 - Ashampoo GmbH & Co. KG)
Audacity 1.3.12 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Aufgabensammlung Stufe 3 (HKLM-x32\...\Aufgabensammlung Stufe 3_is1) (Version:  - Topos Marketing GmbH)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
AVG 2014 (Version: 14.0.3955 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden
AVR Jungo USB (HKLM-x32\...\{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}) (Version: 10.1 - Atmel)
AVRStudio4 (HKLM-x32\...\{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}) (Version: 4.18.716 - Atmel)
AVRStudio4 (x32 Version: 4.18.684 - Atmel) Hidden
BASIC++ 2006 (HKLM-x32\...\{51C03C3E-CB8A-488B-B02A-2F6967247167}_is1) (Version:  - )
BookScan&Whiteboard Suite (HKLM-x32\...\{F4933D9F-89CC-4CA9-B5B0-CF32968890C7}) (Version: 1.0 - Reallusion)
Brother MFL-Pro Suite DCP-375CW (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Conduit Engine (HKLM-x32\...\conduitEngine) (Version:  - Conduit Ltd.) <==== ATTENTION
CrazyTalk v6.21 SE (HKLM-x32\...\{60CE924D-12CB-4A96-8B75-18F92CE1D585}) (Version: 6.21.2325.1 - Reallusion)
Digital TV 2050 (HKLM-x32\...\Digital TV 2050) (Version:  - )
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.5 - DivX, LLC)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.3 - IObit)
Dropbox (HKCU\...\Dropbox) (Version: 1.6.18 - Dropbox, Inc.)
e7impress (HKLM-x32\...\e7impress_is1) (Version:  - )
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
FaceFilter Studio Brother Edition (HKLM-x32\...\{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}) (Version: 1.0 - )
Fastest Free YouTube Downloader to MP3 Converter (HKCU\...\Fastest Free YouTube Downloader to MP3 Converter) (Version: 4.2 - FastestYouTubeDownloader.com)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Formelsammlung Chemie (HKLM-x32\...\Formelsammlung Chemie_is1) (Version:  - Franzis' Verlag)
Formelsammlung Physik (HKLM-x32\...\Formelsammlung Physik_is1) (Version:  - Franzis' Verlag)
Free Fun Movie Maker (HKLM-x32\...\{177f897a-5a7e-49c8-8096-2e973c008d80}) (Version: 1.0.0.0 - Covus Freemium GmbH)
Free Fun Movie Maker (x32 Version: 1.0.0.0 - Covus Freemium GmbH) Hidden
Free Studio version 4.8 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
FreeMat (HKLM-x32\...\FreeMat) (Version: 4.2 - Humanity)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0_RC_6 - )
FreeUndelete (HKLM-x32\...\FreeUndelete) (Version:  - )
FrostWire 5.1.5 (HKLM-x32\...\FrostWire 5) (Version: 5.1.5.0 - FrostWire Team)
Gamestudio A8 (HKLM-x32\...\Gamestudio A8) (Version: 8.03.2 - oP group)
GIMP 2.6.8 (HKLM-x32\...\WinGimp-2.0_is1) (Version:  - )
gnuplot 4.6.0 (HKLM-x32\...\{AB419AC3-9BC1-4EC5-A75B-4D8870DD651F}_is1) (Version: 4.6.0 - gnuplot development team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Graph 4.3 (HKLM-x32\...\Graph_is1) (Version:  - Ivan Johansen)
hilo.desktop.db-4.0-core-64 (Version: 1.13.0.863 - SAP BusinessObjects) Hidden
hilo.desktop.jre-4.0-core-64 (Version: 1.13.0.863 - SAP BusinessObjects) Hidden
hilo.desktop.lumira-4.0-core-64 (Version: 1.13.0.863 - SAP BusinessObjects) Hidden
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C# 2010 Express - DEU (KB2635973) (HKLM-x32\...\{D81641E8-ABF1-3D07-803B-60E8FC619368}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2565057) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2565057) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Web Developer 2010 Express - DEU (KB2548139) (HKLM-x32\...\{638AA518-6A32-33CC-B88F-BCD20B2DCF2E}.KB2548139) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Web Developer 2010 Express - DEU (KB2635973) (HKLM-x32\...\{638AA518-6A32-33CC-B88F-BCD20B2DCF2E}.KB2635973) (Version: 1 - Microsoft Corporation)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HTC Sync (HKLM-x32\...\{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}) (Version: 3.2.20 - HTC Corporation)
IcoFX 1.6.4 (HKLM-x32\...\IcoFX_is1) (Version:  - )
ICQ7.6 (HKLM-x32\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)
Icy Tower v1.4 (HKLM-x32\...\Icy Tower v1.4_is1) (Version:  - Free Lunch Design)
IIS 7.5 Express (HKLM-x32\...\{0EB9033E-0564-4D12-81BB-70EA3DF14C0C}) (Version: 7.5.1046 - Microsoft Corporation)
Introduction to CSharp Programming Language (HKLM-x32\...\{77F5F27D-F418-4DC8-82F0-7E80008FF957}) (Version: 1.0.0 - MSDN)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.1.8.2434 - IObit)
Java 7 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417040FF}) (Version: 7.0.400 - Oracle)
JMB36X Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 6.5.0.14951 - Juniper Networks)
Juniper Networks Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 2.1.2.5973 - Juniper Networks)
Juniper Terminal Services Client (HKCU\...\Juniper_Term_Services) (Version: 6.5.0.14951 - Juniper Networks)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.0.3.89 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.0.3.89 - LogMeIn, Inc.) Hidden
MAGIX Slideshow Maker 1.0.1.3 (D) (HKLM-x32\...\MAGIX Slideshow Maker D) (Version: 1.0.1.3 - MAGIX AG)
ManageMyMobile (HKLM-x32\...\ManageMyMobile_is1) (Version: 1.0 - IObit)
MatchWare Mediator 7 Pro Installation (HKLM-x32\...\MatchWare Mediator 7 Pro Installation) (Version:  - )
MediaMonkey 3.2 (HKLM-x32\...\MediaMonkey_is1) (Version: 3.2 - Ventis Media Inc.)
MediaPortal (HKLM-x32\...\MediaPortal) (Version: 1.1.0 RC2 - Team MediaPortal)
MediaPortal TV Server / Client (HKLM-x32\...\MediaPortal TV Server) (Version: 1.1.0 RC2 - Team MediaPortal)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools - DEU (HKLM-x32\...\{2CE77981-14DE-4773-8106-27C9C964720C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools (HKLM-x32\...\{5BDFAB82-060E-438B-AB4F-A2331B2294C0}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{803910CC-3A39-45E3-A594-0D5512A60A86}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{CDB54E3C-F790-4254-B402-A3CAA2B9199F}) (Version: 11.1.2807.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{CD028205-3E88-418E-A090-1B9E536A3F74}) (Version: 11.1.2807.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU CTP1 (HKLM\...\{CA62C93E-A637-4BEC-B90D-69ABFBEB402C}) (Version: 4.0.8854.1 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 für das Web - DEU (HKLM-x32\...\{95e4a066-55df-43be-8e69-d9dde915896a}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Web Developer 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Web Developer 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Web Developer 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Web Deploy 2.0 (HKLM\...\{DB321C62-AD24-449E-859A-53A5F6C0270F}) (Version: 2.0.1046 - Microsoft Corporation)
Microsoft Web Platform Installer 4.6 (HKLM\...\{16C7D2AD-20CA-491E-80BC-8607A9AACED9}) (Version: 4.0.40719.0 - Microsoft Corporation)
Microsoft WebMatrix (HKLM-x32\...\{E2B99809-4BDF-43E8-BECD-C6C54B6673A2}) (Version: 1.0.1046 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Motherboard Monitor 5 (HKLM-x32\...\Motherboard Monitor 5_is1) (Version: 5 - Alexander van Kaam)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSM2MSI_gstudio (HKLM-x32\...\{C53F001E-5912-4E76-AC49-9AC20B36B1A2}) (Version: 2.0 - Pantaray)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MVTec HALCON 10.0 (HKLM-x32\...\MVTec HALCON 10.0) (Version: 10.0.1.0 - MVTec Software GmbH)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - MyPC Backup) <==== ATTENTION
MySQL Server 5.1 (HKLM\...\{561AB451-B967-475C-80E0-3B6679C38B52}) (Version: 5.1.38 - MySQL AB)
MySQL Workbench 5.2 CE (HKLM-x32\...\{38766225-85FA-469B-A373-82BF1923A7E4}) (Version: 5.2.29 - Oracle Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - )
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
OpenOffice.org 3.2 (HKLM-x32\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PASSAGE 3 Weihnachts-Edition (HKLM-x32\...\Passage 3 Weihnachts-Edition) (Version:  - )
Pdf995 (HKLM-x32\...\Pdf995) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Pinch ol' Santa 2 (HKLM-x32\...\Pinch ol' Santa 2_is1) (Version: Pinch ol' Santa 2 - SwordLord - the coding crew)
PlanetPenguin Racer (HKLM-x32\...\PlanetPenguin Racer_is1) (Version: 0.3.1 - PlanetPenguin)
Pokki (HKCU\...\Pokki) (Version: 0.262.11.444 - Pokki)
product.hilo.icons-4.0-core-nu (Version: 1.13.0.863 - SAP BusinessObjects) Hidden
product.shared.hilo.installiverse.reg-4.0-core-nu (Version: 1.13.0.863 - SAP BusinessObjects) Hidden
Protegere (HKLM-x32\...\Protegere) (Version:  - )
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
SAP Lumira 1.13 (HKLM-x32\...\{25B75D92-098D-4616-9C50-96287EBECA75}) (Version: 1.13.0.863 - SAP AG)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
SearchElf 1.2 Toolbar (HKLM-x32\...\SearchElf_1.2 Toolbar) (Version: 6.2.7.3 - SearchElf 1.2)
Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Shadowgun: DeadZone (HKLM-x32\...\Shadowgun DeadZone) (Version: 2.2.2 - MADFINGER Games)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - )
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista (HKLM-x32\...\{D003309D-A16E-42A1-AA7B-89A8D02E79CC}) (Version: 5.40.24 - Silicon Laboratories, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Software Informer 1.0 BETA (HKLM-x32\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.4.185.g7545a404 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Steganos Safe 2012 (HKLM-x32\...\{FADC3DC0-BCD9-4F6A-BB9D-360D695C5791}) (Version: 13.0.5 - Steganos Software GmbH)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tauschserver TG11 (HKCU\...\aa3fe26e95b1b263) (Version: 1.0.0.1 - Felix Queißner)
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.1.13999  - TeamViewer GmbH)
Tether 1.4.5.0 (HKLM-x32\...\{2863C12B-2A02-4258-8495-6220605B2E5C}_is1) (Version:  - Tether)
TeX Live 2012 (HKCU\...\TeXLive2012) (Version: 2012 - )
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
TeXnicCenter Version 2.0 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.0 Stable - The TeXnicCenter Team)
TI Connect 1.6 (HKLM-x32\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6 - Texas Instruments Incorporated)
TubeBox (HKLM-x32\...\{dfba3ed5-70d7-4801-8429-7e77a5fb11ea}) (Version: 5.0.0.0 - Freetec)
TubeBox (x32 Version: 5.0.0.0 - Freetec) Hidden
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{A5957447-7367-4BC5-BE6E-D8CA8F386B48}) (Version: 10.2.4000.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoLAN VLC media player 0.8.6i (HKLM-x32\...\VLC media player) (Version: 0.8.6i - VideoLAN Team)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VIS (HKLM-x32\...\VIS) (Version:  - ) <==== ATTENTION
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vokabel Trainer 5 (HKLM-x32\...\{5E0D2061-86AB-4B83-A671-A0BF3FF1537B}_is1) (Version:  - Manuel Wäschle)
watchmi (HKLM-x32\...\{409DC300-28AF-468F-9624-1F3309701881}) (Version: 2.7.0 - Axel Springer Digital TV Guide GmbH)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Webtools von Microsoft SQL Server Compact 4.0 DEU (HKLM-x32\...\{76FAE3C6-F0F2-43D3-9D94-C2AD772C2326}) (Version: 4.0.8482.1 - Microsoft Corporation)
Windows Azure Authoring Tools - v2.1 (HKLM\...\{EDABC076-B762-4CB9-8FFC-9F82A950D542}) (Version: 2.1.6493.1 - Microsoft Corporation)
Windows Azure Libraries for .NET – v2.1 (HKLM\...\{7905D851-DA4D-47B7-8E24-AAFF76BAA56B}) (Version: 2.1.0717.110 - Microsoft Corporation)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinPhysik Klasse 11 (HKLM-x32\...\{4419E791-DCB8-47D5-9E9F-0C41B19B7858}) (Version: 1.00.0000 - Topos Marketing GmbH)
WinPhysik Klasse 12 (HKLM-x32\...\{E45D28D6-CEEC-41FD-AAEF-7FE4D7F0619D}) (Version: 1.00.0000 - Topos Marketing GmbH)
WinPhysik Klasse 13 (HKLM-x32\...\{2ECF7190-7B09-49BE-AFCA-86FC02CC00FE}) (Version: 1.00.0000 - Topos Marketing GmbH)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Xoya (HKLM-x32\...\com.moojaa.air.MOOJAA) (Version: 1.00.005 - MooJaa GmbH)
Xoya (x32 Version: 1.00.005 - MooJaa GmbH) Hidden

==================== Restore Points  =========================

04-06-2014 22:00:02 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-28 00:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {01551E6F-1880-4506-9DB2-195BBE4CF1A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {0CBCB1D7-D3D0-4576-BF4B-1B92CD28A75A} - System32\Tasks\elbyExecuteWithUAC => C:\Users\Marki\Freeware aus dem www\VirtualCloneDrive\ExecuteWithUAC.exe [2008-06-27] ()
Task: {0CDC4DCD-BB1C-4B9D-9A79-F081945354C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {0E36B2A0-C858-4E66-8A69-132362453474} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-03-14] (IObit)
Task: {1C1E28CF-58C7-45E0-A8F9-1E5067AFB1CB} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {1CD22D9D-E87D-45DD-82A3-962107A198AC} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {1E4619A7-626E-4AE8-8B38-8AC5069D8915} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3467081931-4053979440-1662789119-1000Core => C:\Users\Marki\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {1F4DD86B-3BB6-4414-9945-F7FC273A12A3} - System32\Tasks\ASC7_SkipUac_Marki => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-03-10] (IObit)
Task: {1F9002F6-4F00-43CB-8E73-27E90387B7EF} - System32\Tasks\Plus-HD-3.8-codedownloader => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe <==== ATTENTION
Task: {28041367-5813-44F5-A9A0-239C93A2298E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18] (Google Inc.)
Task: {2B8BCA86-03CC-4E51-896F-8F4D4D3A9CF2} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-02-11] (IObit)
Task: {2B92FCBE-FEA6-47E7-BF24-694D191E7303} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe
Task: {2E67EEC8-C132-4706-9F56-3EA889796295} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-30] (ParetoLogic Inc.)
Task: {3179631F-9A72-4CE7-81B6-8284E6C29213} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {391BB704-547E-419A-B3C6-0B813168D72F} - System32\Tasks\Plus-HD-3.8-firefoxinstaller => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe <==== ATTENTION
Task: {48D965F6-DCAF-44D2-B5E2-6D8DC686FB64} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-03-13] (IObit)
Task: {4D9524C9-903A-4325-9B5C-5CCB133D9452} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe
Task: {57AC2663-9A7C-4FF2-99A2-8F2F39D3BF26} - System32\Tasks\PC Health Advisor Defrag => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe
Task: {6C78D53B-0370-411D-8378-DD6CDD79271A} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {73532BAB-B1E8-411A-AA1C-904ACB3CF3E1} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {7509A65A-9744-4636-9D82-15FA224214A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-18] (Google Inc.)
Task: {75C14E90-114A-4327-84D9-421A9B67FCC7} - System32\Tasks\Plus-HD-3.8-enabler => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe <==== ATTENTION
Task: {795141F2-262B-4385-8F0F-239C5AACCD7A} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29] ()
Task: {79B5E2C1-B671-4B63-86AF-0577EF8CBD7F} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] ()
Task: {8AA57D0A-7CCD-4451-8B65-C9EC1427F1F6} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Marki\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {8D041C4C-C4CD-4DB7-B12F-FA6F779143AA} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {8E909A45-A54C-4C12-81AB-5E87D1754256} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
Task: {9302D83B-4EFA-49EF-A9F5-C0515EC0568E} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: {97EB4B8D-D63C-4BB1-8092-709259C2267E} - System32\Tasks\Plus-HD-3.8-updater => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe <==== ATTENTION
Task: {A6E99377-3AE8-47D3-9ADA-ED26AB0AC1C3} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-12] (IObit)
Task: {ABC21DF3-E971-4782-823E-A5E9D689737A} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-02-13] (IObit)
Task: {AC389800-7A14-4A4B-9F8F-C4411F861C6D} - System32\Tasks\PC Health Advisor => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe
Task: {AD83D58D-A372-4AB6-AA94-5E1DADC28DC8} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {AF601AAB-613B-43C8-9905-A147E66D7C4C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3467081931-4053979440-1662789119-1000UA => C:\Users\Marki\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {D57B826B-CBCE-464A-818C-6D08BD57AD64} - System32\Tasks\Plus-HD-3.8-chromeinstaller => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe <==== ATTENTION
Task: {E8A4D418-4890-4FEA-8605-EE735FFB3150} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2014-04-08] ()
Task: {E9902AE3-9BCC-4DF3-929F-E1BD1A6237D9} - System32\Tasks\{03629F28-20DA-40BE-84F7-4948958C9210} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {ED22B259-178F-4AA8-9CB0-438A60771F29} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {F3639A8A-C18C-47B0-ACBF-5F8A5FE09FD8} - System32\Tasks\SmartDefrag_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3467081931-4053979440-1662789119-1000Core.job => C:\Users\Marki\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3467081931-4053979440-1662789119-1000UA.job => C:\Users\Marki\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe
Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe
Task: C:\Windows\Tasks\Plus-HD-3.8-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-3.8-enabler.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-3.8-updater.job => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) =============

2012-01-11 19:29 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-23 19:20 - 2011-09-13 10:10 - 01313184 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe
2014-04-16 20:09 - 2014-04-16 20:09 - 01005056 _____ () C:\Users\Marki\AppData\Roaming\BupSystem\bup.exe
2010-04-29 00:39 - 2010-03-15 11:28 - 00052224 _____ () C:\Users\Marki\Videos\WinRAR\rarext64.dll
2012-10-29 17:45 - 2012-10-29 17:45 - 00220672 _____ () C:\Program Files (x86)\Steganos Safe 2012\ShellExtension.dll
2009-11-25 01:36 - 2009-11-25 01:36 - 00125440 _____ () C:\Users\Marki\Videos\Notepad++\NppShell_01.dll
2009-08-18 21:09 - 2009-08-18 21:09 - 07599616 _____ () C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
2012-03-23 14:25 - 2012-03-23 14:25 - 00087040 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-06-16 19:09 - 2011-09-29 12:11 - 00052664 _____ () C:\Program Files (x86)\Tether\TBService.exe
2013-10-23 19:19 - 2010-03-02 03:32 - 00052616 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe
2013-11-05 20:33 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-04-16 20:09 - 2014-04-16 20:09 - 00374272 _____ () C:\Users\Marki\AppData\Roaming\BupSystem\sub\default.dll
2010-04-13 00:38 - 2010-04-13 00:38 - 00131072 _____ () C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\Gentle.Framework.dll
2010-04-13 00:38 - 2010-04-13 00:38 - 00069632 _____ () C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\Gentle.Common.dll
2010-04-13 00:38 - 2010-04-13 00:38 - 00024576 _____ () C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\Gentle.Provider.MySQL.dll
2010-04-13 00:38 - 2010-04-13 00:38 - 00040960 _____ () C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\Gentle.Provider.SQLServer.dll
2010-03-19 00:52 - 2010-03-19 00:52 - 00194560 _____ () C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\StreamingServer.dll
2013-11-05 20:33 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2009-10-20 21:02 - 2010-03-29 01:17 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-10-12 04:53 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-09-15 02:18 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2013-09-15 02:18 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2013-09-15 02:18 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2013-09-15 02:18 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2013-03-06 10:34 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2013-12-05 05:44 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2013-03-06 10:34 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2013-12-21 08:04 - 2013-12-21 08:04 - 14588632 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll
2013-11-05 20:33 - 2013-12-02 19:06 - 01281312 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\Scan.dll
2014-06-01 20:33 - 2014-06-01 20:33 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-03 03:42 - 2014-04-03 03:42 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Marki^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
MSCONFIG\startupreg: BrMfcWnd => c:\program files (x86)\brother\brmfcmon\brmfcwnd.exe /autorun
MSCONFIG\startupreg: Browser Infrastructure Helper => c:\users\marki\appdata\local\smartbar\application\quickshare.exe startup
MSCONFIG\startupreg: CheckMedi8or => C:\Users\Marki\Videos\Mediator 7 Pro\CheckNewUser.exe
MSCONFIG\startupreg: ControlCenter3 => c:\program files (x86)\brother\controlcenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: Free Download Manager => 
MSCONFIG\startupreg: GrooveMonitor => c:\program files (x86)\microsoft office\office12\groovemonitor.exe
MSCONFIG\startupreg: HTC Sync Loader => "c:\program files (x86)\htc\htc sync 3.0\htcupctloader.exe" -startup
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.6\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: IndexSearch => c:\program files (x86)\scansoft\paperport\indexsearch.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Users\Marki\Freeware aus dem www\Hamachi\hamachi-2-ui.exe" --auto-start                                                                                                                                                                                              
MSCONFIG\startupreg: PaperPort PTD => c:\program files (x86)\scansoft\paperport\pptd40nt.exe
MSCONFIG\startupreg: PPort11reminder => c:\program files (x86)\scansoft\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\11\config\ereg\ereg.ini
MSCONFIG\startupreg: RtHDVCpl => c:\program files\realtek\audio\hda\ravcpl64.exe
MSCONFIG\startupreg: SAFE2012 File Redirection Starter => c:\program files (x86)\steganos safe 2012\fredirstarter.exe
MSCONFIG\startupreg: SAFE2012 HotKeys => c:\program files (x86)\steganos safe 2012\steganoshotkeyservice.exe
MSCONFIG\startupreg: SDTray => c:\program files (x86)\spybot - search & destroy 2\sdtray.exe
MSCONFIG\startupreg: Spotify => "c:\users\marki\appdata\roaming\spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Marki\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Spybot-S&D Cleaning => "c:\program files (x86)\spybot - search & destroy 2\sdcleaner.exe" /autoclean
MSCONFIG\startupreg: SpybotSD TeaTimer => 
MSCONFIG\startupreg: VirtualCloneDrive => "c:\users\marki\freeware aus dem www\virtualclonedrive\vcddaemon.exe" /s

==================== Faulty Device Manager Devices =============

Name: GT-I8190
Description: GT-I8190
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: SAMSUNG Electronics Co. Ltd. 
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2014 08:57:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wupdsrvc.exe, Version: 1.0.0.0, Zeitstempel: 0x4d0f3d24
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xeec
Startzeit der fehlerhaften Anwendung: 0xwupdsrvc.exe0
Pfad der fehlerhaften Anwendung: wupdsrvc.exe1
Pfad des fehlerhaften Moduls: wupdsrvc.exe2
Berichtskennung: wupdsrvc.exe3

Error: (06/03/2014 08:57:05 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (06/03/2014 08:57:05 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (06/03/2014 08:57:05 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (06/02/2014 00:22:11 PM) (Source: MsiInstaller) (EventID: 1024) (User: Mark)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (06/02/2014 04:26:48 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002

Error: (06/02/2014 04:26:47 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002

Error: (06/02/2014 03:58:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7ae7f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0x0000046b
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0xc20
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3

Error: (06/01/2014 08:43:38 PM) (Source: MsiInstaller) (EventID: 1024) (User: Mark)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (06/01/2014 08:37:57 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog


System errors:
=============
Error: (06/06/2014 09:14:28 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.175.1089.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/05/2014 09:15:10 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.175.1089.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/04/2014 09:16:34 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.175.1089.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/04/2014 02:29:12 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (06/03/2014 09:15:28 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.175.1089.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/03/2014 09:00:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/03/2014 08:58:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/03/2014 08:58:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
mbmiodrvr
sptd

Error: (06/03/2014 08:54:56 AM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (06/03/2014 04:28:09 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.175.1089.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608


Microsoft Office Sessions:
=========================
Error: (05/19/2014 03:01:35 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 32986 seconds with 660 seconds of active time.  This session ended with a crash.

Error: (11/20/2013 06:20:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 958 seconds with 780 seconds of active time.  This session ended with a crash.

Error: (04/01/2013 09:12:46 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1095 seconds with 1080 seconds of active time.  This session ended with a crash.

Error: (01/13/2013 11:19:32 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10475 seconds with 6120 seconds of active time.  This session ended with a crash.

Error: (11/19/2012 04:30:22 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2024 seconds with 1980 seconds of active time.  This session ended with a crash.

Error: (08/03/2012 02:54:59 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 80 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (07/15/2012 04:48:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 20 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/07/2012 02:13:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/06/2012 09:27:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4099 seconds with 1800 seconds of active time.  This session ended with a crash.

Error: (02/29/2012 10:13:35 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-06-03 08:55:46.875
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-03 08:55:46.687
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-02 04:09:44.843
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-02 04:09:44.671
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-02 04:08:08.515
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-02 04:08:08.328
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-01 20:23:13.718
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-01 20:23:13.562
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-28 01:24:39.140
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-28 01:24:38.968
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\mbmiodrvr.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 84%
Total physical RAM: 5887.24 MB
Available physical RAM: 913.25 MB
Total Pagefile: 11772.66 MB
Available Pagefile: 5354.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:271.47 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 84F69442)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 09.06.2014, 06:52   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Verschiedene Browser öffnen nur Facebook, Google & YouTube - Standard

Verschiedene Browser öffnen nur Facebook, Google & YouTube



Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.06.2014, 20:14   #8
Physik_Rocks
 
Verschiedene Browser öffnen nur Facebook, Google & YouTube - Standard

Verschiedene Browser öffnen nur Facebook, Google & YouTube



Hallo,

danke für die sehr konkreten Anweisungen .

Nun denn was es zu berichten gibt, wären ... 2 der drei Programme die in Addition mit dem Zusatz Attention versehen waren konnte ich deinstallieren mit dem Revo- Installer, leider hat dieser aber MyPC Backup nicht gefunden, also habe ich dieses Programm nicht deinstalliert.
Bei dem ersten Programm Conduit Engine habe ich zu den Dateiresten auch noch Registry- Reste gelöscht und bei VIS kam irgendwie nicht so ein Fenster...

Zu combofix, das erste mal hat combofix nicht rumgemeckert wegen den Antivirenprogrammen- ich habe aber auch aktiviert was ging ... -.

Die log wäre dann hier

Code:
ATTFilter
ComboFix 14-06-09.01 - Marki 09.06.2014  20:42:40.5.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.5887.3790 [GMT 2:00]
ausgeführt von:: c:\users\Marki\Desktop\ComboFix.exe
AV: Ashampoo Anti-Malware *Disabled/Outdated* {1586225C-B0F7-7A3E-FBB7-F15B3A4D2579}
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Ashampoo Anti-Malware *Disabled/Outdated* {AEE7C3B8-96CD-75B0-C107-CA2941CA6FC4}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\SET160A.tmp
c:\windows\SysWow64\SET657.tmp
c:\windows\SysWow64\SETF0F4.tmp
.
---- Vorheriger Suchlauf -------
.
C:\install.exe
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ofjgnhihlklpobkaloamkankaaoclfjh_0\12
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\background.html
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\chromeCoreFilesIndex.txt
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\crossriderManifest.json
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\manifest.xml
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins.json
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\1_base.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\102_dealply_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\103_intext_5_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\104_jollywallet_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\119_similar_web_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\123_intext_adv_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\155_ibario_pops_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\17_jQuery.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\177_crossriderDashboard.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\180_bpo_serp_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\182_openUrl.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\183_tabsWrapper.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\184_noproblemppc_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\191_ciuvo_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\194_retargeting_bi_m.js.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\195_icm_convertmedia_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\207_dbWrapper.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\208_gam_manager.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\21_debug.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\22_resources.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\220_icm_base_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\223_imonomy_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\246_setup.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\28_initializer.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\47_resources_background.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\64_appApiMessage.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\7_hooks.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\72_appApiValidation.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\9_search_engine_hook.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\userCode\background.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\userCode\extension.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\icons\actions\1.png
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\icons\icon128.png
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\icons\icon16.png
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\icons\icon48.png
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\api\chrome.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\api\cookie.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\api\message.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\api\monitor.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\api\pageAction.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\api\pageActionBG.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\background.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\app_api.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\bg_app_api.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\consts.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\cookie_store.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\crossriderAPI.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\delegate.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\events.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\extensionDataStore.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\installer.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\logFile.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\logging.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\onBGDocumentLoad.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\popupResource\newPopup.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\popupResource\popup.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\reports.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\storageWrapper.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\updateManager.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\util.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\lib\xhr.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\main.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\js\platformVersion.js
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\manifest.json
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\popup.html
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\000005.ldb
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\000008.ldb
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\000009.log
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\CURRENT
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\LOCK
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\LOG
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\LOG.old
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofjgnhihlklpobkaloamkankaaoclfjh\MANIFEST-000007
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ofjgnhihlklpobkaloamkankaaoclfjh_0.localstorage-journal
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ofjgnhihlklpobkaloamkankaaoclfjh_0.localstorage
c:\users\Marki\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Public\AlexaNSISPlugin.10984.dll
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-05-09 bis 2014-06-09  ))))))))))))))))))))))))))))))
.
.
2014-06-09 18:51 . 2014-06-09 18:51	--------	d-----w-	c:\users\Public\AppData\Local\temp
2014-06-09 18:51 . 2014-06-09 18:51	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-06-09 18:27 . 2014-06-09 18:27	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-06-09 18:17 . 2014-05-19 23:18	10702536	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FCAA5A7A-9ED6-4BED-8B99-E92C5D692DC0}\mpengine.dll
2014-06-07 17:30 . 2014-04-23 09:50	1031560	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B923A3F5-EE16-4D51-BA05-E2D91F6BA4D3}\gapaengine.dll
2014-06-07 17:24 . 2014-05-19 23:18	10702536	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-06 21:37 . 2014-06-06 21:39	--------	d-----w-	C:\FRST
2014-06-01 21:25 . 2014-06-01 21:25	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-06-01 21:25 . 2014-06-01 21:25	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-06-01 21:25 . 2014-06-01 21:25	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-06-01 21:25 . 2014-06-01 21:25	23544320	----a-w-	c:\windows\system32\mshtml.dll
2014-06-01 21:14 . 2014-06-01 21:14	14175744	----a-w-	c:\windows\system32\shell32.dll
2014-06-01 21:10 . 2014-06-01 21:10	3969984	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2014-06-01 21:10 . 2014-06-01 21:10	3914176	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2014-06-01 21:10 . 2014-06-01 21:10	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2014-06-01 21:10 . 2014-06-01 21:10	259584	----a-w-	c:\windows\SysWow64\msv1_0.dll
2014-06-01 21:10 . 2014-06-01 21:10	172032	----a-w-	c:\windows\SysWow64\wdigest.dll
2014-06-01 21:10 . 2014-06-01 21:10	247808	----a-w-	c:\windows\SysWow64\schannel.dll
2014-06-01 21:10 . 2014-06-01 21:10	538112	----a-w-	c:\windows\SysWow64\objsel.dll
2014-06-01 20:26 . 2014-06-01 20:26	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2014-06-01 20:22 . 2014-05-14 23:49	3774821	----a-w-	c:\windows\system32\nvcoproc.bin
2014-06-01 20:15 . 2014-05-20 02:44	11599072	----a-w-	c:\windows\system32\nvopencl.dll
2014-06-01 20:15 . 2014-05-20 02:44	9697640	----a-w-	c:\windows\SysWow64\nvopencl.dll
2014-06-01 20:15 . 2014-05-20 02:44	31387936	----a-w-	c:\windows\system32\nvoglv64.dll
2014-06-01 20:15 . 2014-05-20 02:44	24025376	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2014-06-01 20:15 . 2014-05-20 02:44	12688328	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2014-06-01 20:15 . 2014-05-20 02:44	895776	----a-w-	c:\windows\system32\NvIFR64.dll
2014-06-01 20:15 . 2014-05-20 02:44	867784	----a-w-	c:\windows\SysWow64\NvIFR.dll
2014-06-01 20:15 . 2014-05-20 02:44	892704	----a-w-	c:\windows\system32\NvFBC64.dll
2014-06-01 20:15 . 2014-05-20 02:44	861128	----a-w-	c:\windows\SysWow64\NvFBC.dll
2014-06-01 20:15 . 2014-05-20 02:44	1541576	----a-w-	c:\windows\system32\nvdispgenco6433788.dll
2014-06-01 20:15 . 2014-05-20 02:44	1889112	----a-w-	c:\windows\system32\nvdispco6433788.dll
2014-06-01 20:14 . 2014-05-20 02:44	17480432	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-06-01 20:14 . 2014-05-20 02:44	9735256	----a-w-	c:\windows\SysWow64\nvcuda.dll
2014-06-01 20:14 . 2014-05-20 02:44	3141976	----a-w-	c:\windows\system32\nvcuvid.dll
2014-06-01 20:14 . 2014-05-20 02:44	2953672	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2014-06-01 20:14 . 2014-05-20 02:44	2785568	----a-w-	c:\windows\system32\nvcuvenc.dll
2014-06-01 20:14 . 2014-05-20 02:44	2412376	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2014-06-01 20:14 . 2014-05-20 02:44	11644928	----a-w-	c:\windows\system32\nvcuda.dll
2014-06-01 20:14 . 2014-05-20 02:44	25256224	----a-w-	c:\windows\system32\nvcompiler.dll
2014-06-01 20:14 . 2014-05-20 02:44	17561544	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2014-06-01 19:18 . 2014-03-31 16:42	40392	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-06-01 19:18 . 2014-03-31 16:42	34760	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-06-01 18:46 . 2014-05-09 06:14	477184	----a-w-	c:\windows\system32\aepdu.dll
2014-06-01 18:46 . 2014-05-09 06:11	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-05-27 15:48 . 2014-05-27 19:36	--------	d-----w-	c:\program files (x86)\Avira
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-02 01:13 . 2010-04-04 18:28	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-05-20 02:44 . 2013-11-05 19:12	16003912	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-05-20 02:44 . 2013-11-05 19:12	14434704	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2013-02-25 22:32	2730208	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2013-02-25 22:32	18531568	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2012-10-10 20:23	3109248	----a-w-	c:\windows\system32\nvapi64.dll
2014-05-20 01:25 . 2012-01-11 17:30	3514144	----a-w-	c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2012-01-11 17:29	6769096	----a-w-	c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2012-01-11 17:30	927520	----a-w-	c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2012-01-11 17:30	62808	----a-w-	c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2012-01-11 17:30	2560968	----a-w-	c:\windows\system32\nvsvcr.dll
2014-05-20 01:25 . 2012-01-11 17:29	387528	----a-w-	c:\windows\system32\nvmctray.dll
2014-04-30 18:29 . 2014-04-21 21:03	1081112	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2014-04-21 21:03	1225920	----a-w-	c:\windows\system32\nvspcap64.dll
2014-04-23 09:50 . 2014-01-24 19:54	1031560	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-18 13:01 . 2014-04-18 13:01	237336	----a-w-	c:\windows\system32\drivers\avgidsdrivera.sys
2014-04-16 23:11 . 2014-04-16 23:11	2157704	----a-w-	c:\windows\system32\YamahaAE.dll
2014-04-16 23:11 . 2014-04-16 23:11	2101848	----a-w-	c:\windows\system32\WavesGUILib64.dll
2014-04-16 23:11 . 2014-04-16 23:11	724728	----a-w-	c:\windows\system32\sltech64.dll
2014-04-16 23:11 . 2014-04-16 23:11	245496	----a-w-	c:\windows\system32\slprp64.dll
2014-04-16 23:11 . 2014-04-16 23:11	1045752	----a-w-	c:\windows\system32\slcnt64.dll
2014-04-16 23:11 . 2014-04-16 23:11	899320	----a-w-	c:\windows\system32\sl3apo64.dll
2014-04-16 23:11 . 2014-04-16 23:11	1958616	----a-w-	c:\windows\system32\RTSnMg64.cpl
2014-04-16 23:11 . 2014-04-16 23:10	2825432	----a-w-	c:\windows\system32\RtPgEx64.dll
2014-04-16 23:10 . 2014-04-16 23:10	3872984	----a-w-	c:\windows\system32\drivers\RTKVHD64.sys
2014-04-16 23:10 . 2014-04-16 23:10	2792152	----a-w-	c:\windows\system32\RtkAPO64.dll
2014-04-16 23:10 . 2014-04-16 23:10	1024216	----a-w-	c:\windows\system32\RtkApi64.dll
2014-04-16 23:10 . 2014-04-16 23:10	624344	----a-w-	c:\windows\system32\RtDataProc64.dll
2014-04-16 23:10 . 2014-04-16 23:10	1286872	----a-w-	c:\windows\system32\RTCOM64.dll
2014-04-16 23:10 . 2014-04-16 23:10	56270848	----a-w-	c:\windows\system32\RCoRes64.dat
2014-04-16 23:10 . 2014-04-16 23:10	946392	----a-w-	c:\windows\system32\RCoInstII64.dll
2014-04-16 23:10 . 2014-04-16 23:10	942384	----a-w-	c:\windows\system32\NAHIMICAPOSettingsIPC.dll
2014-04-16 23:10 . 2014-04-16 23:10	5752072	----a-w-	c:\windows\system32\NAHIMICAPOlfx.dll
2014-04-16 23:10 . 2014-04-16 23:10	938608	----a-w-	c:\windows\system32\MaxxVoiceAPO2064.dll
2014-04-16 23:10 . 2014-04-16 23:10	3923032	----a-w-	c:\windows\system32\MaxxAudioVnN64.dll
2014-04-16 23:10 . 2014-04-16 23:10	1313904	----a-w-	c:\windows\system32\MaxxSpeechAPO64.dll
2014-04-16 23:10 . 2014-04-16 23:10	12793944	----a-w-	c:\windows\system32\MaxxVoiceAPO3064.dll
2014-04-16 23:10 . 2014-04-16 23:10	28310104	----a-w-	c:\windows\system32\MaxxAudioVnA64.dll
2014-04-16 23:10 . 2014-04-16 23:10	14737496	----a-w-	c:\windows\system32\MaxxAudioRealtek64.dll
2014-04-16 23:10 . 2014-04-16 23:10	1932888	----a-w-	c:\windows\system32\MaxxAudioRealtek264.dll
2014-04-16 23:10 . 2014-04-16 23:10	2037336	----a-w-	c:\windows\system32\MaxxAudioEQ64.dll
2014-04-16 23:10 . 2014-04-16 23:10	1033304	----a-w-	c:\windows\system32\MaxxAudioAPOShell64.dll
2014-04-16 23:10 . 2014-04-16 23:10	2319960	----a-w-	c:\windows\system32\MaxxAudioAPO6064.dll
2014-04-16 23:10 . 2014-04-16 23:10	1419376	----a-w-	c:\windows\system32\MaxxAudioAPO5064.dll
2014-04-16 23:10 . 2014-04-16 23:10	1419376	----a-w-	c:\windows\system32\MaxxAudioAPO4064.dll
2014-04-16 23:10 . 2014-04-16 23:10	2770976	----a-w-	c:\windows\system32\FMAPO64.dll
2014-04-16 23:10 . 2014-04-16 23:10	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2014-04-16 23:10 . 2014-04-16 23:10	1515296	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2014-04-16 23:10 . 2014-04-16 23:10	74016	----a-w-	c:\windows\system32\nvapo64v.dll
2014-04-16 23:10 . 2014-04-16 23:10	197408	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2014-04-16 23:08 . 2013-02-25 22:32	18302384	----a-w-	c:\windows\system32\SETEEAE.tmp
2014-04-16 23:08 . 2014-04-16 23:08	1516488	----a-w-	c:\windows\system32\nvdispgenco6433523.dll
2014-04-16 23:08 . 2014-04-16 23:08	1885472	----a-w-	c:\windows\system32\nvdispco6433523.dll
2014-04-16 23:08 . 2012-10-10 20:23	3093280	----a-w-	c:\windows\system32\SETACB9.tmp
2014-04-16 23:07 . 2013-11-05 19:02	107552	----a-w-	c:\windows\system32\RTNUninst64.dll
2014-04-16 23:07 . 2014-04-16 23:07	73800	----a-w-	c:\windows\system32\RtNicProp64.dll
2014-04-16 23:07 . 2014-04-16 23:07	901848	----a-w-	c:\windows\system32\drivers\Rt64win7.sys
2014-04-12 15:22 . 2014-04-12 15:22	628736	----a-w-	c:\windows\system32\msfeeds.dll
2014-04-12 15:22 . 2014-04-12 15:22	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-04-12 15:22 . 2014-04-12 15:22	586240	----a-w-	c:\windows\system32\ie4uinit.exe
2014-04-12 15:22 . 2014-04-12 15:22	574976	----a-w-	c:\windows\system32\ieui.dll
2014-04-12 15:22 . 2014-04-12 15:22	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-04-12 15:22 . 2014-04-12 15:22	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-04-12 15:22 . 2014-04-12 15:22	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2014-04-12 15:22 . 2014-04-12 15:22	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-04-12 15:22 . 2014-04-12 15:22	33792	----a-w-	c:\windows\system32\iernonce.dll
2014-04-12 15:22 . 2014-04-12 15:22	296960	----a-w-	c:\windows\system32\dxtrans.dll
2014-04-12 15:22 . 2014-04-12 15:22	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2014-04-12 15:22 . 2014-04-12 15:22	13551104	----a-w-	c:\windows\system32\ieframe.dll
2014-04-12 15:22 . 2014-04-12 15:22	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-04-12 15:22 . 2014-04-12 15:22	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-04-12 15:22 . 2014-04-12 15:22	846336	----a-w-	c:\windows\system32\ieapfltr.dll
2014-04-12 15:22 . 2014-04-12 15:22	752640	----a-w-	c:\windows\system32\jscript9diag.dll
2014-04-12 15:22 . 2014-04-12 15:22	66048	----a-w-	c:\windows\system32\iesetup.dll
2014-04-12 15:22 . 2014-04-12 15:22	592896	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-04-12 15:22 . 2014-04-12 15:22	5784064	----a-w-	c:\windows\system32\jscript9.dll
2014-04-12 15:22 . 2014-04-12 15:22	548352	----a-w-	c:\windows\system32\vbscript.dll
2014-04-12 15:22 . 2014-04-12 15:22	51200	----a-w-	c:\windows\system32\jsproxy.dll
2014-04-12 15:22 . 2014-04-12 15:22	455168	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-04-12 15:22 . 2014-04-12 15:22	4254720	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-04-12 15:22 . 2014-04-12 15:22	38400	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 15:22 . 2014-04-12 15:22	32256	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-04-12 15:22 . 2014-04-12 15:22	2260480	----a-w-	c:\windows\system32\wininet.dll
2014-04-12 15:22 . 2014-04-12 15:22	2043904	----a-w-	c:\windows\system32\inetcpl.cpl
2014-04-12 15:22 . 2014-04-12 15:22	1967104	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-04-12 15:22 . 2014-04-12 15:22	1789440	----a-w-	c:\windows\SysWow64\wininet.dll
2014-04-12 15:22 . 2014-04-12 15:22	1400832	----a-w-	c:\windows\system32\urlmon.dll
2014-04-12 15:22 . 2014-04-12 15:22	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-04-12 15:22 . 2014-04-12 15:22	2767360	----a-w-	c:\windows\system32\iertutil.dll
2014-04-12 15:22 . 2014-04-12 15:22	195584	----a-w-	c:\windows\system32\msrating.dll
2014-04-03 01:42 . 2012-10-02 17:19	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-03 01:42 . 2011-09-29 15:41	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-31 20:46 . 2014-03-31 20:46	130712	----a-w-	c:\windows\SysWow64\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46	1070232	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-03-31 16:42 . 2014-04-21 21:01	37320	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-03-31 14:20 . 2014-03-31 14:20	274200	----a-w-	c:\windows\system32\drivers\avgtdia.sys
2014-03-31 14:06 . 2014-03-31 14:06	130840	----a-w-	c:\windows\system32\drivers\avgmfx64.sys
2014-03-27 20:14 . 2014-03-27 20:14	192792	----a-w-	c:\windows\system32\drivers\avgidsha.sys
2014-03-27 20:14 . 2014-03-27 20:14	153368	----a-w-	c:\windows\system32\drivers\avgdiska.sys
2014-03-27 20:07 . 2014-03-27 20:07	236824	----a-w-	c:\windows\system32\drivers\avgldx64.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
2014-02-25 09:32	464720	----a-w-	c:\program files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Spotify Web Helper"="c:\users\Marki\APPDATA\ROAMING\SPOTIFY\Data\SpotifyWebHelper.exe" [2013-10-21 1140736]
"BackgroundContainer"="c:\users\Marki\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll" [2013-10-14 319264]
"Advanced SystemCare 7"="c:\program files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" [2014-02-11 2288928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2013-12-27 1383232]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2014-04-17 1596224]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-04-06 5180432]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_174_ActiveX.exe" [2013-09-14 815496]
.
c:\users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0SmartDefragBootTime.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R2 AAMW_WSC_Service_Vista;Ashampoo Anti-Malware WSC Service;c:\program files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe;c:\program files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe [x]
R2 BackupStack;Computer Backup (MyPC Backup);c:\program files (x86)\MyPC Backup\BackupStack.exe;c:\program files (x86)\MyPC Backup\BackupStack.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TVService;TVService;c:\program files (x86)\Team MediaPortal\MediaPortal TV Server\TVService.exe;c:\program files (x86)\Team MediaPortal\MediaPortal TV Server\TVService.exe [x]
R2 wupdsrvc;Update-Service;c:\windows\SYSTEM32\wupdsrvc.exe;c:\windows\SYSNATIVE\wupdsrvc.exe [x]
R3 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 cpuz134;cpuz134;c:\users\Marki\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Marki\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe [x]
R3 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MsDepSvc;Webbereitstellungs-Agent-Dienst;c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe;c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [x]
R3 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe;c:\program files (x86)\watchmi\TvdService.exe [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0105.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys;c:\windows\SYSNATIVE\DRIVERS\NVAMACPI.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 SLEE_18_DRIVER;Steganos Live Encryption Engine 18 [Driver];c:\windows\Sleen1864.sys;c:\windows\Sleen1864.sys [x]
S2 AAMWService;Ashampoo Anti-Malware Service;c:\program files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe;c:\program files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe [x]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 bupService;BUP Service;c:\users\Marki\AppData\Roaming\BupSystem\bup.exe;c:\users\Marki\AppData\Roaming\BupSystem\bup.exe [x]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [x]
S2 Tether;Tether;c:\program files (x86)\Tether\TBService.exe;c:\program files (x86)\Tether\TBService.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 qrkis;Tether Miniport;c:\windows\system32\DRIVERS\qrkis.sys;c:\windows\SYSNATIVE\DRIVERS\qrkis.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-27 18:51	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-17 22:34]
.
2014-06-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-17 22:34]
.
2014-06-08 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2014-06-04 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-29 23:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-04-25 21:21	2471744	----a-w-	c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2008-10-03 1833504]
"Ashampoo Anti-Malware Guard"="c:\program files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe" [2010-08-26 3314176]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-04-16 13667032]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://de.search.yahoo.com/?type=198484&fr=spigot-yhp-ie
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=
mStart Page = about:newtab
mSearch Page = hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=
mSearch Bar = hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=
uInternet Settings,ProxyOverride = fritz.box;*.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Marki\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Marki\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Nach Microsoft &Excel exportieren - c:\users\Marki\Music\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\users\Marki\Music\Office12\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{16F52067-879E-43D0-B67F-9344FC2AB5D5}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=
FF - prefs.js: keyword.url - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=
FF - user.js: extensions.blocklist.enabled - false
FF - user.js: app.update.auto - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
BHO-{9fdfb66c-713b-4201-83a6-5b78ae227b41} - (no file)
BHO-{e66f4171-0f28-4599-a595-58b840522f7e} - (no file)
BHO-{F443A627-5009-4323-9C1D-7FD598D0D712} - (no file)
Toolbar-{f4e6547e-325b-403c-a3bb-ad29ed37a92f} - (no file)
Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
Toolbar-{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{9fdfb66c-713b-4201-83a6-5b78ae227b41} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MsDepSvc]
"ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,de,cb,bb,71,0a,8b,7f,4d,a0,59,1e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,de,cb,bb,71,0a,8b,7f,4d,a0,59,1e,\
.
[HKEY_USERS\S-1-5-21-3467081931-4053979440-1662789119-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9fdfb66c-713b-4201-83a6-5b78ae227b41}]
@Denied: (A 2) (Administrators)
@Denied: (A 2) (S-1-5-21-3467081931-4053979440-1662789119-1000)
"Flags"=dword:00000400
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\Rundll32.exe
c:\program files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe
c:\program files (x86)\TeamViewer\Version5\TeamViewer.exe
c:\windows\SysWOW64\WerFault.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-06-09  21:04:18 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-06-09 19:04
ComboFix2.txt  2013-02-19 02:57
ComboFix3.txt  2012-10-26 00:03
ComboFix4.txt  2012-10-20 18:49
.
Vor Suchlauf: 24 Verzeichnis(se), 292.389.736.448 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 292.312.702.976 Bytes frei
.
- - End Of File - - 8A98A6026BAEEC5C5FBE39CF20243914
A36C5E4F47E84449FF07ED3517B43A31
         
Gruß und erstmal besten Dank
Physik_Rocks

PS: Kannst du für Mitleser und u.a. mich erläutern was diese Programme gemacht haben, oder ich bis jetzt ?

Alt 10.06.2014, 14:29   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Verschiedene Browser öffnen nur Facebook, Google & YouTube - Standard

Verschiedene Browser öffnen nur Facebook, Google & YouTube



Wir haben jetzt angefangen zu entfernen, jetzt packen wir noch die Adware-keule aus

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.06.2014, 02:45   #10
Physik_Rocks
 
Verschiedene Browser öffnen nur Facebook, Google & YouTube - Beitrag

Verschiedene Browser öffnen nur Facebook, Google & YouTube



so Hallo,

zu meiner letzten Nachricht, natürlich meinte ich anstatt von aktiviert deaktiviert, weiß auch nicht wie mir das unterlaufen ist -.-.

Zu dem ersten, also Malwarebytes- Anti- Malware:
Statt Aktion anwenden, habe ich einfach alles in Quarantäne vershcieben ankegklickt ich hoffe das hatte den selben Effekt ..
Nun den zu den Logs, da habe ich nun zweierlei, einerlei nach deiner Anleitung und zweierlei nach der der bebilderten Anleitung.

Zuerst, wie du es gesagt hast:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 10.06.2014 17:19:27, SYSTEM, MARK, Protection, Malware Protection, Starting, 
Protection, 10.06.2014 17:19:27, SYSTEM, MARK, Protection, Malware Protection, Started, 
Protection, 10.06.2014 17:19:27, SYSTEM, MARK, Protection, Malicious Website Protection, Starting, 
Update, 10.06.2014 17:19:46, SYSTEM, MARK, Manual, Rootkit Database, 2014.2.20.1, 2014.6.2.1, 
Protection, 10.06.2014 17:19:46, SYSTEM, MARK, Protection, Malicious Website Protection, Started, 
Update, 10.06.2014 17:19:50, SYSTEM, MARK, Manual, Malware Database, 2014.3.4.9, 2014.6.10.4, 
Protection, 10.06.2014 17:19:51, SYSTEM, MARK, Protection, Refresh, Starting, 
Protection, 10.06.2014 17:19:51, SYSTEM, MARK, Protection, Malicious Website Protection, Stopping, 
Protection, 10.06.2014 17:19:51, SYSTEM, MARK, Protection, Malicious Website Protection, Stopped, 
Protection, 10.06.2014 17:19:57, SYSTEM, MARK, Protection, Refresh, Success, 
Protection, 10.06.2014 17:19:57, SYSTEM, MARK, Protection, Malicious Website Protection, Starting, 
Protection, 10.06.2014 17:19:57, SYSTEM, MARK, Protection, Malicious Website Protection, Started, 
Update, 10.06.2014 18:16:51, SYSTEM, MARK, Scheduler, Malware Database, 2014.6.10.4, 2014.6.10.5, 
Protection, 10.06.2014 18:17:00, SYSTEM, MARK, Protection, Refresh, Starting, 
Protection, 10.06.2014 18:17:00, SYSTEM, MARK, Protection, Malicious Website Protection, Stopping, 
Protection, 10.06.2014 18:17:00, SYSTEM, MARK, Protection, Malicious Website Protection, Stopped, 
Protection, 10.06.2014 18:17:20, SYSTEM, MARK, Protection, Refresh, Success, 
Protection, 10.06.2014 18:17:20, SYSTEM, MARK, Protection, Malicious Website Protection, Starting, 
Protection, 10.06.2014 18:17:22, SYSTEM, MARK, Protection, Malicious Website Protection, Started, 
Update, 10.06.2014 19:08:45, SYSTEM, MARK, Scheduler, Malware Database, 2014.6.10.5, 2014.6.10.6, 
Protection, 10.06.2014 19:09:13, SYSTEM, MARK, Protection, Refresh, Starting, 
Protection, 10.06.2014 19:09:13, SYSTEM, MARK, Protection, Malicious Website Protection, Stopping, 
Protection, 10.06.2014 19:09:14, SYSTEM, MARK, Protection, Malicious Website Protection, Stopped, 
Protection, 10.06.2014 19:09:32, SYSTEM, MARK, Protection, Refresh, Success, 
Protection, 10.06.2014 19:09:33, SYSTEM, MARK, Protection, Malicious Website Protection, Starting, 
Protection, 10.06.2014 19:09:38, SYSTEM, MARK, Protection, Malicious Website Protection, Started, 
Detection, 10.06.2014 19:10:27, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth176.dll, Quarantine, [fcd29adca9d2cf670995553b27dbd729]
Detection, 10.06.2014 19:10:48, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe, Quarantine, [3e905224f388b77fbae448484cb68b75]
Detection, 10.06.2014 20:21:39, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\wth176.dll, Quarantine, [fcd29adca9d2cf670995553b27dbd729]
Protection, 10.06.2014 20:21:40, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Error, 10.06.2014 20:21:40, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Detection, 10.06.2014 20:21:40, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, Quarantine, [3e905224f388b77fbae448484cb68b75]
Protection, 10.06.2014 20:21:41, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Error, 10.06.2014 20:21:41, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Detection, 10.06.2014 20:24:56, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\wth176.dll, Quarantine, [fcd29adca9d2cf670995553b27dbd729]
Detection, 10.06.2014 20:24:56, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, Quarantine, [3e905224f388b77fbae448484cb68b75]
Protection, 10.06.2014 20:24:56, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Error, 10.06.2014 20:24:56, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Error, 10.06.2014 20:24:56, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Detection, 10.06.2014 20:34:57, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\wth176.dll, Quarantine, [fcd29adca9d2cf670995553b27dbd729]
Detection, 10.06.2014 20:34:57, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, Quarantine, [3e905224f388b77fbae448484cb68b75]
Protection, 10.06.2014 20:34:57, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Protection, 10.06.2014 20:34:57, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Error, 10.06.2014 20:34:57, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Error, 10.06.2014 20:34:57, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Detection, 10.06.2014 20:44:59, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\wth176.dll, Quarantine, [fcd29adca9d2cf670995553b27dbd729]
Detection, 10.06.2014 20:44:59, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, Quarantine, [3e905224f388b77fbae448484cb68b75]
Protection, 10.06.2014 20:44:59, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Protection, 10.06.2014 20:44:59, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Error, 10.06.2014 20:44:59, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Error, 10.06.2014 20:44:59, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Detection, 10.06.2014 20:56:39, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\wth176.dll, Quarantine, [fcd29adca9d2cf670995553b27dbd729]
Detection, 10.06.2014 20:56:39, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, Quarantine, [3e905224f388b77fbae448484cb68b75]
Protection, 10.06.2014 20:56:39, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Protection, 10.06.2014 20:56:39, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Error, 10.06.2014 20:56:40, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Error, 10.06.2014 20:56:40, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Detection, 10.06.2014 21:05:04, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, Quarantine, [3e905224f388b77fbae448484cb68b75]
Protection, 10.06.2014 21:05:04, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Protection, 10.06.2014 21:05:04, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Error, 10.06.2014 21:05:04, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Error, 10.06.2014 21:05:04, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Detection, 10.06.2014 21:10:33, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\wth176.dll, Quarantine, [fcd29adca9d2cf670995553b27dbd729]
Detection, 10.06.2014 21:10:33, SYSTEM, MARK, Protection, Malware Protection, File, PUP.Optional.Spigot.A, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, Quarantine, [3e905224f388b77fbae448484cb68b75]
Protection, 10.06.2014 21:10:34, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Protection, 10.06.2014 21:10:34, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Error, 10.06.2014 21:10:34, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\wth176.dll, 
Error, 10.06.2014 21:10:34, SYSTEM, MARK, Protection, SDKQuarantine, 2, Failed, c:\program files (x86)\common files\spigot\search settings\searchsettings.exe, 
Protection, 10.06.2014 21:28:45, SYSTEM, MARK, Protection, Malware Protection, Starting, 
Protection, 10.06.2014 21:28:45, SYSTEM, MARK, Protection, Malware Protection, Started, 
Protection, 10.06.2014 21:28:45, SYSTEM, MARK, Protection, Malicious Website Protection, Starting, 
Protection, 10.06.2014 21:29:28, SYSTEM, MARK, Protection, Malicious Website Protection, Started, 

(end)
         
Und dann nach der bebilderten Anleitung:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 10.06.2014
Suchlauf-Zeit: 17:21:13
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.10.04
Rootkit Datenbank: v2014.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Marki

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 326497
Verstrichene Zeit: 3 Std, 0 Min, 20 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 22
PUP.Optional.Spigot.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Application Updater, In Quarantäne, [b418f18596e52a0ca2a9543019e89d63], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, In Quarantäne, [715b7402accf231308ebd69ce9191fe1], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, In Quarantäne, [715b7402accf231308ebd69ce9191fe1], 
PUP.Optional.AmazonTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F443A627-5009-4323-9C1D-7FD598D0D712}, In Quarantäne, [c3097ef8aecdd066687f4c270af803fd], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\APPID\PricePeep.DLL, In Quarantäne, [eddffd796318290d422f854e2ed535cb], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantäne, [5379b9bdde9db086eed03b62b44e20e0], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\PricePeep.DLL, In Quarantäne, [8f3df77f65168caa1f52785b4db6d927], 
PUP.Optional.FunMoods.A, HKLM\SOFTWARE\WOW6432NODE\FUNMOODS\funmoods, In Quarantäne, [913b057148338babbeb07b3041c110f0], 
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hbcennhacfaagdopikcegfcobcadeocj, In Quarantäne, [78543a3c4d2e0a2c7905efb557abd729], 
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\icdlfehblmklkikfigmjhbmmpmkmpooj, In Quarantäne, [daf222547902d5615827baea09f98c74], 
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, In Quarantäne, [b517670f166542f4e89802a2ba48ec14], 
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfndaklgolladniicklehhancnlgocpp, In Quarantäne, [2f9db2c4b8c32115730edfc5ec1632ce], 
PUP.Optional.AmazonTB.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, In Quarantäne, [00ccd4a25625132373001cbc857e18e8], 
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, In Quarantäne, [2f9d4c2aea911d19b286983b48bb7888], 
PUP.Optional.BabylonToolBar.A, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BabylonToolbar, In Quarantäne, [ece041353c3fc670eaa7fbdade2554ac], 
PUP.Optional.PlusHD.A, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-3.8, In Quarantäne, [f3d9e690a3d8bf773cb33d7105fd54ac], 
PUP.Optional.PriceGong.A, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, In Quarantäne, [c507ccaa6318d75f3409fabcd62c18e8], 
PUP.Optional.PricePeep.A, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PricePeep, In Quarantäne, [4f7d393d582371c56966b00e4db5ee12], 
PUP.Optional.AlexaTB.A, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DISTROMATIC\Toolbars, In Quarantäne, [a725da9c6516ad89155bf9df5aa9b749], 
PUP.Optional.PlusHD.A, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Plus HD, In Quarantäne, [715b5e18017a92a418d82e80fa0841bf], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [13b994e2007b191de89228821ae8639d], 
PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, In Quarantäne, [d8f49cda76053303573f7e59c73cb24e], 

Registrierungswerte: 5
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES (X86)\APPLICATION UPDATER\APPLICATIONUPDATER.EXE, 1, In Quarantäne, [b418f18596e52a0ca2a9543019e89d63]
PUP.Optional.ConduitTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{30F9B915-B755-4826-820B-08FBA6BD249D}, In Quarantäne, [408c77ff572452e4952c95a6b34fd729], 
PUP.Optional.ConduitTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{30F9B915-B755-4826-820B-08FBA6BD249D}, Conduit Engine, In Quarantäne, [408c77ff572452e4952c95a6b34fd729]
PUP.Optional.Conduit, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BackgroundContainer, "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Marki\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun, In Quarantäne, [5d6fe88e0d6ef93ddf254997ca39bf41]
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\SEARCH SETTINGS\{58D2A791-6199-482F-A9AA-9B725EC61362}.XPI, 1, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46]

Registrierungsdaten: 8
Hijack.SearchPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=),Ersetzt,[13b9ed89265546f06e18b8b7f3114cb4]
Hijack.SearchPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=),Ersetzt,[d5f72c4a95e65adc8dfb0f60dc2819e7]
Hijack.SearchPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=),Ersetzt,[379540367efd1c1ae4a3432c2ed633cd]
Hijack.SearchPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=, Gut: (hxxp://www.google.com/), Schlecht: (hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=),Ersetzt,[b81433437209e74f04852d4220e42cd4]
Hijack.SearchPage, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=),Ersetzt,[bb11274faecd979f453e195652b20bf5]
Hijack.SearchPage, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=, Gut: (hxxp://www.google.com/), Schlecht: (hxxp://search.certified-toolbar.com?si=62606&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&st=chrome&q=),Ersetzt,[903cfb7b6b10f442e3a74f2007fd7d83]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), hxxp://search.certified-toolbar.com?si=62606&st=bs&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&q=%s, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.certified-toolbar.com?si=62606&st=bs&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&q=%s),Ersetzt,[8547e88e2853d462b2f001703aca718f]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|(Default), hxxp://search.certified-toolbar.com?si=62606&st=bs&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&q=%s, Gut: (hxxp://www.google.com/), Schlecht: (hxxp://search.certified-toolbar.com?si=62606&st=bs&tid=6533&ver=4.7&ts=1379200968509&tguid=62606-6533-1379200968509-3879E0CA1504A1ABDC3713DF9C68B0E1&q=%s),Ersetzt,[0fbdc0b687f4d561fda6dc95eb19ff01]

Ordner: 26
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide\Offers, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.RegCleanerPro.A, C:\Users\Marki\AppData\Roaming\Systweak\RegClean Pro, In Quarantäne, [bc10c1b5730849edac566323738f5ba5], 
PUP.Optional.RegCleanerPro.A, C:\Users\Marki\AppData\Roaming\Systweak\RegClean Pro\Version 6.1, In Quarantäne, [bc10c1b5730849edac566323738f5ba5], 
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE, In Quarantäne, [5b7198dedf9c6acc21ef7e08e41ed42c], 
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT3311336, In Quarantäne, [5b7198dedf9c6acc21ef7e08e41ed42c], 
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT3311336\UninstallDialog, In Quarantäne, [5b7198dedf9c6acc21ef7e08e41ed42c], 
PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com, In Quarantäne, [77556f0786f52c0ab540fb8b55ade818], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\css, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk, In Quarantäne, [2f9d3c3a96e53bfb92ab9bef39c98d73], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0, In Quarantäne, [2f9d3c3a96e53bfb92ab9bef39c98d73], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\icons, In Quarantäne, [2f9d3c3a96e53bfb92ab9bef39c98d73], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts, In Quarantäne, [2f9d3c3a96e53bfb92ab9bef39c98d73], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp, In Quarantäne, [309cff7779023ff7112dcfbb2fd3e41c], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0, In Quarantäne, [309cff7779023ff7112dcfbb2fd3e41c], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Res, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj, In Quarantäne, [319b9dd966159e983e74157e71912cd4], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0, In Quarantäne, [319b9dd966159e983e74157e71912cd4], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC, In Quarantäne, [f0dccbabd4a7ef474bb7abee4db50af6], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj, In Quarantäne, [bf0d3244d2a951e51deb1881df23768a], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp, In Quarantäne, [22aaafc77308e74f44c5abee9c6630d0], 

Dateien: 103
PUP.Optional.Spigot.A, C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe, In Quarantäne, [b418f18596e52a0ca2a9543019e89d63], 
PUP.Optional.RegCleanerPro, C:\Users\Marki\Downloads\rcpsetup_ad_de_8044_ad_de_8044.exe, In Quarantäne, [55770076bcbf6ec8d1c066a7ed148e72], 
PUP.Optional.Conduit.A, C:\Users\Marki\AppData\Local\Conduit\CT3311336\Freemium_DEAutoUpdateHelper.exe, In Quarantäne, [cefef5811f5c0f27a98b24fa77891fe1], 
PUP.Optional.Conduit.A, C:\Users\Marki\AppData\Local\DownloadGuide\mconduitinstaller.exe, In Quarantäne, [418badc902793cfa04dc6ab4c33d738d], 
Adware.Linkular, C:\Users\Marki\AppData\Local\DownloadGuide\PallySoft_ShoppingChip.exe, In Quarantäne, [74584432592293a3c305771ffe06f808], 
Adware.Linkular, C:\Users\Marki\AppData\Local\DownloadGuide\PallySoft_YouTubeLyrics.exe, In Quarantäne, [6765aacc2b50f93dd2f6672f8a7a2ad6], 
PUP.Optional.CrossRider, C:\Users\Marki\AppData\Local\DownloadGuide\plus-hd-3-8.exe, In Quarantäne, [ebe102746615c96dce050e1648b9df21], 
PUP.Optional.Wajam.A, C:\Users\Marki\AppData\Local\DownloadGuide\wajam_download.exe, In Quarantäne, [7b51c0b64932ba7c55656ed83dc3ab55], 
PUP.Optional.QuickShare.A, C:\Users\Marki\AppData\Local\DownloadGuide\Offers\QuickShare1.exe, In Quarantäne, [1eaec1b5d4a7cc6a37ff150970908b75], 
PUP.Optional.Spigot.A, C:\Windows\Installer\4a1d8.msi, In Quarantäne, [03c9a7cf76050135fb5185ff5fa2926e], 
PUP.Optional.Superfish.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [cdffcda9097294a2e9178f14d42eb34d], 
PUP.Optional.Superfish.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [0dbf670fa2d9b97df20e762d08fa4db3], 
PUP.Optional.Iminent.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, In Quarantäne, [33995323532860d68647e7bd0df5d828], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [527ade98fe7d37ffeed2407542c005fb], 
PUP.Optional.Conduit, C:\Windows\System32\Tasks\BackgroundContainer Startup Task, In Quarantäne, [f7d54b2bd6a516209dc45d7fe32033cd], 
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide\amazon.ico, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide\check.ico, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide\em_64x64.ico, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide\free-fun-movie-maker_Setup_recommendation_de-DE.exe, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide\freemium-de.exe, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide\PallySoft_ShoppingChip.exe, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide\PallySoft_YouTubeLyrics.exe, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide\TubeBoxSetup.exe, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide\tubebox_Setup_recommendation_de-DE.exe, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide\zalando.ico, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.DownloadGuide.A, C:\Users\Marki\AppData\Local\DownloadGuide\Offers\pinphotozoom.exe, In Quarantäne, [3894fe78f3884de9dc78db02fd0609f7], 
PUP.Optional.PricePeep.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage, In Quarantäne, [0dbf99dd3546b77f2c01935dc83b01ff], 
PUP.Optional.HDVidCodec.A, C:\Program Files (x86)\hdvidcodec.com\uninst.exe, In Quarantäne, [77556f0786f52c0ab540fb8b55ade818], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\background.html, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\background.js, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\config.json, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\dea-128.png, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\dea-48.png, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\empty-favicon.ico, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\jquery.js, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\manifest.json, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\newtab.html, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\newtab.js, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\redirect.html, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\redirect.js, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\util.js, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\css\newtab.css, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img\no_thumb.png, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img\search-icon.png, In Quarantäne, [8646a5d11c5fc2740d2f7515ce34da26], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\background.html, In Quarantäne, [2f9d3c3a96e53bfb92ab9bef39c98d73], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\config.json, In Quarantäne, [2f9d3c3a96e53bfb92ab9bef39c98d73], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\manifest.json, In Quarantäne, [2f9d3c3a96e53bfb92ab9bef39c98d73], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\icons\ss-128.png, In Quarantäne, [2f9d3c3a96e53bfb92ab9bef39c98d73], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\icons\ss-48.png, In Quarantäne, [2f9d3c3a96e53bfb92ab9bef39c98d73], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\background.js, In Quarantäne, [2f9d3c3a96e53bfb92ab9bef39c98d73], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\loader_1036.js, In Quarantäne, [2f9d3c3a96e53bfb92ab9bef39c98d73], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\utils.js, In Quarantäne, [2f9d3c3a96e53bfb92ab9bef39c98d73], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-128.png, In Quarantäne, [309cff7779023ff7112dcfbb2fd3e41c], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-19.png, In Quarantäne, [309cff7779023ff7112dcfbb2fd3e41c], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\amazon-48.png, In Quarantäne, [309cff7779023ff7112dcfbb2fd3e41c], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\background.js, In Quarantäne, [309cff7779023ff7112dcfbb2fd3e41c], 
PUP.Optional.SlickSavings.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\manifest.json, In Quarantäne, [309cff7779023ff7112dcfbb2fd3e41c], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\baidu_ff.xml, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\baidu_ie.xml, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\config.ini, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\searchcom_ff.xml, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\searchcom_ie.xml, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth166.dll.old, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth171.dll.old, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx166.dll.old, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx171.dll.old, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx176.dll, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\yahoo_ff.xml, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\yahoo_ie.xml, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\yandex_ff.xml, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\yandex_ie.xml, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1031.ini, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1033.ini, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1034.ini, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1036.ini, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang\res1040.ini, In Quarantäne, [d7f51f57c5b6300677e9266a976bba46], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\background.js, In Quarantäne, [319b9dd966159e983e74157e71912cd4], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\ebay-128.png, In Quarantäne, [319b9dd966159e983e74157e71912cd4], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\ebay-19.png, In Quarantäne, [319b9dd966159e983e74157e71912cd4], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\ebay-48.png, In Quarantäne, [319b9dd966159e983e74157e71912cd4], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\manifest.json, In Quarantäne, [319b9dd966159e983e74157e71912cd4], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx, In Quarantäne, [f0dccbabd4a7ef474bb7abee4db50af6], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx, In Quarantäne, [f0dccbabd4a7ef474bb7abee4db50af6], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx, In Quarantäne, [f0dccbabd4a7ef474bb7abee4db50af6], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx, In Quarantäne, [f0dccbabd4a7ef474bb7abee4db50af6], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx, In Quarantäne, [f0dccbabd4a7ef474bb7abee4db50af6], 
PUP.Optional.Spigot.A, C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx, In Quarantäne, [f0dccbabd4a7ef474bb7abee4db50af6], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\000005.sst, In Quarantäne, [bf0d3244d2a951e51deb1881df23768a], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\000020.log, In Quarantäne, [bf0d3244d2a951e51deb1881df23768a], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\CURRENT, In Quarantäne, [bf0d3244d2a951e51deb1881df23768a], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\LOCK, In Quarantäne, [bf0d3244d2a951e51deb1881df23768a], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\LOG, In Quarantäne, [bf0d3244d2a951e51deb1881df23768a], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\LOG.old, In Quarantäne, [bf0d3244d2a951e51deb1881df23768a], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\MANIFEST-000019, In Quarantäne, [bf0d3244d2a951e51deb1881df23768a], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\000005.sst, In Quarantäne, [22aaafc77308e74f44c5abee9c6630d0], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\000020.log, In Quarantäne, [22aaafc77308e74f44c5abee9c6630d0], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\CURRENT, In Quarantäne, [22aaafc77308e74f44c5abee9c6630d0], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\LOCK, In Quarantäne, [22aaafc77308e74f44c5abee9c6630d0], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\LOG, In Quarantäne, [22aaafc77308e74f44c5abee9c6630d0], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\LOG.old, In Quarantäne, [22aaafc77308e74f44c5abee9c6630d0], 
PUP.Optional.Spigot.A, C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\MANIFEST-000019, In Quarantäne, [22aaafc77308e74f44c5abee9c6630d0], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Nun denn weiter zu AdWCleaner, nachdem ersten Mal als ich auf Löschen geklickt habe, reagierte er irgendwie nicht mehr... also neuer Versuch -> hier die Log:

Code:
ATTFilter
# AdwCleaner v3.212 - Bericht erstellt am 10/06/2014 um 22:32:58
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Marki - MARK
# Gestartet von : C:\Users\Marki\Desktop\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : bupService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\ProgramData\ParetoLogic
Ordner Gelöscht : C:\ProgramData\Uniblue
Ordner Gelöscht : C:\Program Files (x86)\Application Updater
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\IObit Apps Toolbar
Ordner Gelöscht : C:\Program Files (x86)\ParetoLogic
Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater
Ordner Gelöscht : C:\Program Files (x86)\SearchElf_1.2
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files (x86)\Common Files\ParetoLogic
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Spigot
Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Ordner Gelöscht : C:\Users\Marki\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Marki\AppData\Local\Pokki
Ordner Gelöscht : C:\Users\Marki\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Marki\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Marki\AppData\Local\Software Updater
Ordner Gelöscht : C:\Users\Marki\AppData\Local\Software_Updater
Ordner Gelöscht : C:\Users\Marki\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Marki\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Marki\AppData\LocalLow\Search Settings
Ordner Gelöscht : C:\Users\Marki\AppData\LocalLow\Freemium_DE
Ordner Gelöscht : C:\Users\Marki\AppData\LocalLow\MyAshampoo
Ordner Gelöscht : C:\Users\Marki\AppData\LocalLow\SearchElf_1.2
Ordner Gelöscht : C:\Users\Marki\AppData\Roaming\BupSystem
Ordner Gelöscht : C:\Users\Marki\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\Marki\AppData\Roaming\ParetoLogic
Ordner Gelöscht : C:\Users\Marki\AppData\Roaming\PinPhotoZoom
Ordner Gelöscht : C:\Users\Marki\AppData\Roaming\Software Updater
Ordner Gelöscht : C:\Users\Marki\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Ordner Gelöscht : C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gelöscht : C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Ordner Gelöscht : C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
Ordner Gelöscht : C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\adsremoval@adsremoval.net
Ordner Gelöscht : C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Datei Gelöscht : C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Driver Booster Update
Datei Gelöscht : C:\Windows\Tasks\paretologic registration3.job
Datei Gelöscht : C:\Windows\System32\Tasks\paretologic registration3
Datei Gelöscht : C:\Windows\Tasks\paretologic update version3.job
Datei Gelöscht : C:\Windows\System32\Tasks\paretologic update version3
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro
Datei Gelöscht : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater Ui
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lbbbdmbjkgojacipgefbifkiebpcdjhn
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Schlüssel Gelöscht : HKCU\Software\Classes\*\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\Folder\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3311336
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader41998_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader41998_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E871EFD1-2572-4BFC-937D-F2D90EB13C94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDFB66C-713B-4201-83A6-5B78AE227B41}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E66F4171-0F28-4599-A595-58B840522F7E}
[#] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9FDFB66C-713B-4201-83A6-5B78AE227B41}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E871EFD1-2572-4BFC-937D-F2D90EB13C94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AE7F56EB-4A16-42E0-9B86-E7F97E3A13AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5F2EA817-BFAD-4726-BC2A-A2945C0237D4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A4AA5BE-ADA8-41D7-8D1F-B538EE3DC6AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4A3EFC0-708F-470C-8E98-A2FDAA1EBD8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDA30C7F-60DA-4B81-9C54-AC8EF6A43ABE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08DB3631-7F1B-4FF6-928E-147EF26E2401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F846AE5A-34C6-4C3D-9C24-4861B48FCB7A}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9FDFB66C-713B-4201-83A6-5B78AE227B41}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F4E6547E-325B-403C-A3BB-AD29ED37A92F}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F4E6547E-325B-403C-A3BB-AD29ED37A92F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{E66F4171-0F28-4599-A595-58B840522F7E}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\ParetoLogic
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\Search Settings
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\BackgroundContainer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MyAshampoo\toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Freemium_DE
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MyAshampoo
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SearchElf_1.2
Schlüssel Gelöscht : HKLM\Software\Application Updater
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\covus freemium gmbh
Schlüssel Gelöscht : HKLM\Software\Funmoods
Schlüssel Gelöscht : HKLM\Software\MyAshampoo\toolbar
Schlüssel Gelöscht : HKLM\Software\ParetoLogic
Schlüssel Gelöscht : HKLM\Software\Search Settings
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Freemium_DE
Schlüssel Gelöscht : HKLM\Software\MyAshampoo
Schlüssel Gelöscht : HKLM\Software\SearchElf_1.2
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchElf_1.2 Toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\prefs.js ]


-\\ Google Chrome v35.0.1916.114

*************************

AdwCleaner[R0].txt - [19390 octets] - [10/06/2014 22:29:31]
AdwCleaner[R1].txt - [19479 octets] - [10/06/2014 22:31:33]
AdwCleaner[S0].txt - [350 octets] - [10/06/2014 22:31:18]
AdwCleaner[S1].txt - [17329 octets] - [10/06/2014 22:32:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [17390 octets] ##########
         
Und nun das Junkware Removal Tool, - unter Beenden, ging ich mal davon aus ,dass du deaktivieren meintest- also hier auch die Log :
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Marki on 10.06.2014 at 22:42:56,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3467081931-4053979440-1662789119-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5812BF44-8A36-405F-A7D3-9641EE6E5AA0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB93D0AB-13CF-423E-ADAC-A809CBA75D3C}



~~~ Files

Successfully deleted: [File] "C:\Users\Marki\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Marki\AppData\Roaming\software informer"
Successfully deleted: [Folder] "C:\Users\Marki\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files (x86)\software informer"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Marki\AppData\Roaming\mozilla\firefox\profiles\n903b0ks.default-1390833912369\minidumps [24 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.06.2014 at 23:19:48,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST siehe nächste Nachricht ;D

Alt 11.06.2014, 02:52   #11
Physik_Rocks
 
Verschiedene Browser öffnen nur Facebook, Google & YouTube - Beitrag

Verschiedene Browser öffnen nur Facebook, Google & YouTube



also hier noch die FRST:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014
Ran by Marki (administrator) on MARK on 11-06-2014 03:46:41
Running from C:\Users\Marki\Desktop\FRST64
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
() C:\Program Files (x86)\Tether\TBService.exe
(Team MediaPortal) C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\TvService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Marki\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2008-10-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Ashampoo Anti-Malware Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe [3314176 2010-08-26] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-17] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1596224 2014-04-17] (IObit)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll",DllRegisterServer [194432 2011-12-12] (DivX, LLC)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_174_ActiveX.exe [815496 2013-09-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000\...\Run: [Spotify Web Helper] => C:\Users\Marki\APPDATA\ROAMING\SPOTIFY\Data\SpotifyWebHelper.exe [1140736 2013-10-21] (Spotify Ltd)
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2288928 2014-02-11] (IObit)
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Marki\APPDATA\ROAMING\SPOTIFY\Data\SpotifyWebHelper.exe [1140736 2013-10-21] (Spotify Ltd)
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2288928 2014-02-11] (IObit)
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com/?type=198484&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1D22DD6489C9CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.msn.de/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {C9113DF5-0320-424F-B87D-DC1C2B8482AF} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {D9BC1EC7-AECE-4A27-8A92-03A6A14D9F60} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{16F52067-879E-43D0-B67F-9344FC2AB5D5}: [NameServer]208.67.222.222,208.67.220.220

FireFox:
========
FF ProfilePath: C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Users\Marki\Videos\Freewareprogramme\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc;version=0.8.6i - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marki\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\ascsurfingprotection@iobit.com [2014-04-25]
FF Extension: Protegere - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\security@protegere.org [2014-04-17]
FF Extension: WOT - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-27]
FF Extension: FindBar Tweak - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\fbt@quicksaver.xpi [2014-01-27]
FF Extension: Save My Tabs - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\savemytabs@dmitriy.khudorozhkov.xpi [2014-01-27]
FF Extension: Adblock Plus - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-27]
FF Extension: DownThemAll! - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-01-27]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-09]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Autodesk 123D Design) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\adcpobnhinigjfgdjponlboohbhigoml [2013-09-15]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-04-25]
CHR Extension: (AutoCAD 360) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjeclnkejmbepoibfnamioojinoopln [2013-09-15]
CHR Extension: (No Name) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkeieaieohnceanbhdeijclgemgjjkf [2014-04-16]
CHR Extension: (Daum Equation Editor) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe [2013-09-15]
CHR Extension: (Ultimate Flash Sonic Smash Brothers) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\doldmgjebloaondlfkambkkofpnfgmfk [2013-09-15]
CHR Extension: (Autodesk ForceEffect) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekbaidcchahkpedbhdenlmleimihkcim [2013-09-15]
CHR Extension: (Ads Removal) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]
CHR Extension: (Math Anywhere) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebhifiddmaaeecbaiemfpejghjdjmhc [2013-09-15]
CHR Extension: (Autodesk 123D Catch) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjmccldlkdbjakaebbpiojpfbambiphj [2013-09-15]
CHR Extension: (GmailTeX) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjnmclkoadjdljnfmbnnhaahilafoeji [2013-09-15]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-21]
CHR Extension: (Fiabee HTML5 Viewer) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngmmpodmhlhciagihcjpdggoihakcahf [2013-09-15]
CHR Extension: (Graph.tk) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk [2013-09-15]
CHR Extension: (Google Wallet) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-09-15]
CHR Extension: (No Name) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2013-09-15]
CHR Extension: (Autodesk 123D Make) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcbnagfoedaclggcfcoodicggmnlhajl [2013-09-15]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AAMWService; C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe [1313184 2011-09-13] ()
R2 AAMW_WSC_Service_Vista; C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe [52616 2010-03-02] ()
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [63304 2011-02-04] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [7599616 2009-08-18] () [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 Tether; C:\Program Files (x86)\Tether\TBService.exe [52664 2011-09-29] ()
R2 TVService; C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\TVService.exe [192512 2010-04-13] (Team MediaPortal) [File not signed]
S3 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [File not signed]
S2 wupdsrvc; C:\Windows\SysWOW64\wupdsrvc.exe [57344 2010-12-20] (VWP) [File not signed]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2008-10-28] (AVM Berlin)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2008-10-28] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2011-01-17] (Duplex Secure Ltd.)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-01-17] (Jungo)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Marki\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-10 23:19 - 2014-06-10 23:19 - 00001791 _____ () C:\Users\Marki\Desktop\JRT.txt
2014-06-10 22:42 - 2014-06-10 22:42 - 01016261 _____ (Thisisu) C:\Users\Marki\Desktop\JRT.exe
2014-06-10 22:42 - 2014-06-10 22:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-10 22:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-10 22:29 - 2014-06-10 22:33 - 00000000 ____D () C:\AdwCleaner
2014-06-10 22:26 - 2014-06-10 22:26 - 01333465 _____ () C:\Users\Marki\Desktop\adwcleaner_3.212.exe
2014-06-10 22:23 - 2014-06-10 22:23 - 00010661 _____ () C:\Users\Marki\Desktop\mbamtxt.txt
2014-06-10 21:19 - 2014-06-10 21:19 - 00032808 _____ () C:\Users\Marki\Desktop\mbam.txt
2014-06-10 17:19 - 2014-06-10 23:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-10 17:19 - 2014-06-10 17:19 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-10 17:19 - 2014-06-10 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-10 17:18 - 2014-06-10 17:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-10 17:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-10 17:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-10 17:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-10 17:17 - 2014-06-10 17:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Marki\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-09 21:04 - 2014-06-09 21:04 - 00051735 _____ () C:\ComboFix.txt
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-09 20:41 - 2014-06-09 21:04 - 00000000 ____D () C:\ComboFix
2014-06-09 20:38 - 2014-06-09 20:39 - 05205664 ____R (Swearware) C:\Users\Marki\Desktop\ComboFix.exe
2014-06-09 20:27 - 2014-06-09 20:27 - 00001268 _____ () C:\Users\Marki\Desktop\Revo Uninstaller.lnk
2014-06-09 20:27 - 2014-06-09 20:27 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-09 20:26 - 2014-06-09 20:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Marki\Desktop\revosetup95.exe
2014-06-08 15:25 - 2014-06-10 22:36 - 00001008 _____ () C:\Windows\setupact.log
2014-06-08 15:25 - 2014-06-10 22:35 - 00049618 _____ () C:\Windows\PFRO.log
2014-06-08 15:25 - 2014-06-08 15:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-08 15:23 - 2014-06-08 15:23 - 00000000 _____ () C:\asc_rdflag
2014-06-06 23:37 - 2014-06-11 03:46 - 00000000 ____D () C:\FRST
2014-06-06 23:34 - 2014-06-11 03:46 - 00000000 ____D () C:\Users\Marki\Desktop\FRST64
2014-06-02 19:31 - 2014-06-03 08:52 - 00000108 _____ () C:\Users\Marki\Desktop\Namen.txt
2014-06-01 23:25 - 2014-06-01 23:25 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-01 23:25 - 2014-06-01 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-01 23:25 - 2014-06-01 23:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-01 23:14 - 2014-06-01 23:14 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-01 23:14 - 2014-06-01 23:14 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-01 23:11 - 2014-06-01 23:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-01 23:11 - 2014-06-01 23:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-01 23:10 - 2014-06-01 23:10 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-01 23:10 - 2014-06-01 23:10 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-01 22:26 - 2014-06-01 22:26 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-01 22:22 - 2014-05-15 01:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-06-01 22:15 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-01 22:15 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-01 21:18 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-01 21:18 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-01 20:46 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-01 20:46 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-01 20:32 - 2014-06-01 20:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-27 23:48 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 23:48 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 23:48 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 21:35 - 2014-05-27 21:35 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2014-05-27 20:57 - 2014-05-27 20:57 - 00003140 _____ () C:\Windows\System32\Tasks\{3B52FDD0-CC2B-4E61-BF64-DE3E218ED6AF}
2014-05-27 17:48 - 2014-05-27 21:36 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-27 15:32 - 2014-06-06 23:34 - 00058316 _____ () C:\Users\Marki\Desktop\opentabs-MARK-20140527-1429.txt
2014-05-14 23:45 - 2014-05-14 23:47 - 121274322 _____ () C:\Users\Marki\Desktop\Bilder_vom_Fußball_Team_Sheldon.zip

==================== One Month Modified Files and Folders =======

2014-06-11 03:47 - 2010-03-08 03:09 - 00000000 ____D () C:\Users\Marki\AppData\Local\Temp
2014-06-11 03:46 - 2014-06-06 23:37 - 00000000 ____D () C:\FRST
2014-06-11 03:46 - 2014-06-06 23:34 - 00000000 ____D () C:\Users\Marki\Desktop\FRST64
2014-06-11 03:45 - 2010-10-18 00:35 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-11 03:21 - 2010-03-29 22:40 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A3EDA87D-FFDA-4248-8FCA-7324950DEDAF}
2014-06-11 03:00 - 2014-01-27 02:58 - 01551073 _____ () C:\Windows\WindowsUpdate.log
2014-06-10 23:55 - 2014-06-10 17:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-10 23:19 - 2014-06-10 23:19 - 00001791 _____ () C:\Users\Marki\Desktop\JRT.txt
2014-06-10 22:45 - 2009-07-14 06:45 - 00015808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-10 22:45 - 2009-07-14 06:45 - 00015808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-10 22:42 - 2014-06-10 22:42 - 01016261 _____ (Thisisu) C:\Users\Marki\Desktop\JRT.exe
2014-06-10 22:42 - 2014-06-10 22:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-10 22:36 - 2014-06-08 15:25 - 00001008 _____ () C:\Windows\setupact.log
2014-06-10 22:36 - 2010-10-18 00:35 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-10 22:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-10 22:35 - 2014-06-08 15:25 - 00049618 _____ () C:\Windows\PFRO.log
2014-06-10 22:33 - 2014-06-10 22:29 - 00000000 ____D () C:\AdwCleaner
2014-06-10 22:26 - 2014-06-10 22:26 - 01333465 _____ () C:\Users\Marki\Desktop\adwcleaner_3.212.exe
2014-06-10 22:23 - 2014-06-10 22:23 - 00010661 _____ () C:\Users\Marki\Desktop\mbamtxt.txt
2014-06-10 21:19 - 2014-06-10 21:19 - 00032808 _____ () C:\Users\Marki\Desktop\mbam.txt
2014-06-10 17:55 - 2012-03-17 00:53 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-10 17:19 - 2014-06-10 17:19 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-10 17:19 - 2014-06-10 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-10 17:19 - 2014-06-10 17:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-10 17:18 - 2013-02-08 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-10 17:17 - 2014-06-10 17:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Marki\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-10 01:08 - 2010-04-03 23:57 - 00000000 ____D () C:\Users\Marki\AppData\Local\Apps\2.0
2014-06-09 21:04 - 2014-06-09 21:04 - 00051735 _____ () C:\ComboFix.txt
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 20:41 - 00000000 ____D () C:\ComboFix
2014-06-09 21:04 - 2012-10-20 19:40 - 00000000 ____D () C:\Qoobox
2014-06-09 20:57 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-09 20:39 - 2014-06-09 20:38 - 05205664 ____R (Swearware) C:\Users\Marki\Desktop\ComboFix.exe
2014-06-09 20:27 - 2014-06-09 20:27 - 00001268 _____ () C:\Users\Marki\Desktop\Revo Uninstaller.lnk
2014-06-09 20:27 - 2014-06-09 20:27 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-09 20:26 - 2014-06-09 20:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Marki\Desktop\revosetup95.exe
2014-06-09 20:07 - 2013-11-05 20:33 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-09 14:31 - 2013-11-11 21:31 - 00000000 ____D () C:\Users\Marki\Desktop\Datenabbilder
2014-06-08 15:25 - 2014-06-08 15:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-08 15:24 - 2014-03-09 05:12 - 119029760 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-06-08 15:24 - 2014-03-09 05:12 - 06979584 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-06-08 15:24 - 2014-03-09 05:12 - 00065536 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-06-08 15:24 - 2014-03-09 05:12 - 00032768 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-06-08 15:23 - 2014-06-08 15:23 - 00000000 _____ () C:\asc_rdflag
2014-06-08 15:23 - 2010-03-08 03:09 - 00000000 ____D () C:\Users\Marki
2014-06-06 23:49 - 2014-01-26 23:33 - 00190976 ___SH () C:\Users\Marki\Desktop\Thumbs.db
2014-06-06 23:34 - 2014-05-27 15:32 - 00058316 _____ () C:\Users\Marki\Desktop\opentabs-MARK-20140527-1429.txt
2014-06-03 08:52 - 2014-06-02 19:31 - 00000108 _____ () C:\Users\Marki\Desktop\Namen.txt
2014-06-02 12:23 - 2014-01-26 23:33 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-02 12:21 - 2010-03-08 03:09 - 00000000 ___RD () C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-02 12:21 - 2010-03-08 03:09 - 00000000 ___RD () C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-02 09:01 - 2014-03-13 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-02 09:01 - 2014-02-26 03:05 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-06-02 05:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-02 04:04 - 2014-04-29 23:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-02 03:40 - 2010-06-03 00:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-02 03:33 - 2013-09-15 03:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-02 03:13 - 2010-04-04 20:28 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-01 23:25 - 2014-06-01 23:25 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-01 23:25 - 2014-06-01 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-01 23:25 - 2014-06-01 23:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-01 23:14 - 2014-06-01 23:14 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-01 23:14 - 2014-06-01 23:14 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-01 23:11 - 2014-06-01 23:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-01 23:11 - 2014-06-01 23:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-01 23:10 - 2014-06-01 23:10 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-01 23:10 - 2014-06-01 23:10 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-01 22:26 - 2014-06-01 22:26 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-01 22:26 - 2010-11-07 16:01 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-01 22:23 - 2010-03-12 01:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-01 20:33 - 2014-06-01 20:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-01 20:29 - 2011-06-21 19:25 - 00000004 _____ () C:\Windows\SysWOW64\wupdsrvc.cfg
2014-05-27 21:36 - 2014-05-27 17:48 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-27 21:35 - 2014-05-27 21:35 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2014-05-27 21:34 - 2012-10-20 20:57 - 00000000 ____D () C:\ProgramData\Avira
2014-05-27 20:57 - 2014-05-27 20:57 - 00003140 _____ () C:\Windows\System32\Tasks\{3B52FDD0-CC2B-4E61-BF64-DE3E218ED6AF}
2014-05-27 20:51 - 2010-10-18 21:13 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-27 20:38 - 2013-11-05 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-05-27 20:38 - 2013-09-15 01:13 - 00000000 ____D () C:\Users\Marki\AppData\Local\NVIDIA
2014-05-27 20:38 - 2012-09-26 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-27 20:38 - 2011-04-01 00:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-27 20:38 - 2011-03-05 09:51 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-05-27 20:38 - 2010-10-18 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-27 20:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 20:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-27 20:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-27 20:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-27 20:29 - 2010-05-02 19:07 - 00000000 ____D () C:\ProgramData\MySQL
2014-05-27 20:28 - 2012-01-11 21:55 - 00000000 ____D () C:\ProgramData\IObit
2014-05-27 14:39 - 2014-03-14 05:37 - 41512960 _____ () C:\Windows\system32\config\components.iodefrag.bak
2014-05-27 00:07 - 2014-04-06 21:38 - 00000000 ____D () C:\Users\Marki\Desktop\Physik_4.Semester
2014-05-26 21:32 - 2014-04-21 23:02 - 00000000 ____D () C:\Users\Marki\AppData\Local\NVIDIA Corporation
2014-05-21 02:18 - 2014-04-29 23:46 - 00000000 ____D () C:\Users\Marki\Desktop\Experimentelle_Methoden_der_Physik
2014-05-20 04:44 - 2014-06-01 22:15 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:44 - 2014-06-01 22:15 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-20 04:44 - 2013-11-05 21:12 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-20 04:44 - 2013-11-05 21:12 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-20 04:44 - 2013-02-26 00:32 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44 - 2013-02-26 00:32 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-20 04:44 - 2012-10-10 22:23 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-20 04:44 - 2012-02-27 20:59 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 03:25 - 2012-01-11 19:30 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25 - 2012-01-11 19:30 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25 - 2012-01-11 19:30 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25 - 2012-01-11 19:30 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-20 03:25 - 2012-01-11 19:29 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 03:25 - 2012-01-11 19:29 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-18 04:34 - 2014-05-07 02:23 - 00038969 ____H () C:\Users\Marki\Desktop\~WRL0003.tmp
2014-05-17 01:38 - 2011-03-03 00:56 - 00000000 ____D () C:\Users\Marki\Desktop\Ich..... auf Fotos
2014-05-17 01:34 - 2011-10-01 19:54 - 00000000 ____D () C:\Users\Marki\AppData\Local\Paint.NET
2014-05-15 01:49 - 2014-06-01 22:22 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-05-14 23:47 - 2014-05-14 23:45 - 121274322 _____ () C:\Users\Marki\Desktop\Bilder_vom_Fußball_Team_Sheldon.zip
2014-05-12 07:26 - 2014-06-10 17:18 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-10 17:18 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-10 17:18 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\Marki\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-10 21:52

==================== End Of Log ============================
         
--- --- ---

--- --- ---


jetzt ist die alte FRST jedoch verloren, die neue hat ungefragt die alte ersetzt...
Und was bedeutet nun ... Whitelisted... ?

Viele Grüße,
Physik_Rocks

Alt 11.06.2014, 20:21   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Verschiedene Browser öffnen nur Facebook, Google & YouTube - Standard

Verschiedene Browser öffnen nur Facebook, Google & YouTube



Zitat:
Und was bedeutet nun ... Whitelisted... ?
Im FRST Log? Das bedeutet nur das ne Whitelist benutzt wird, damit as Log nit aus allen Nähten platzt



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.06.2014, 21:52   #13
Physik_Rocks
 
Verschiedene Browser öffnen nur Facebook, Google & YouTube - Daumen hoch

Verschiedene Browser öffnen nur Facebook, Google & YouTube



Hey,

auch jetzt kam ich wieder dazu...
Nun denn den ESET online Scanner hab ich alles nach Anleitung durchgeführt jedoch habe ich nur die Firewall deaktiviert, AVG und iobit- Malwarefighter, Microsoft Security Essentials und alle anderen Programme dich ich unter Ihrer Anweisung istalliert habe, jedoch nicht... ich hoffe das macht nichts aus..

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=90f1ae5e6e36d249a5909b46fe96b110
# engine=18735
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-16 06:35:10
# local_time=2014-06-16 08:35:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='AVG AntiVirus Free Edition 2014'
# compatibility_mode=1051 16777213 100 100 31018 90077694 0 0
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 5621539 25924104 0 0
# scanned=490720
# found=80
# cleaned=0
# scan_time=29948
sh=1D697D523A1DA282A28A5FCB76FE2AA94FC92F4B ft=1 fh=b9ee1b33b2ee31fc vn="Win32/Toolbar.Babylon.T evtl. unerwünschte Anwendung" ac=I fn="C:\TRANSLATE"
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe.vir"
sh=01413710FA3F1EA501B7184DC02A616E75285BDE ft=1 fh=09384cd7b5397cb9 vn="Win32/Toolbar.Widgi.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\Spigot\SlickSavings\SlickSavingsSetup.exe.vir"
sh=6A142BC7EDC6905E82F7B562B9B5A8046F6F0823 ft=1 fh=08a890fb375ec1e2 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\IObit Apps Toolbar\FF\components\iobitappsToolbarFF.dll.vir"
sh=419716F712489099B040AB846B565D808119B5E8 ft=1 fh=562d50baf79e8eca vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchElf_1.2\tbSear.dll.vir"
sh=D86451022DDD8348105C1D52FBFD2ADB1E2DCC30 ft=1 fh=d3e706a6307522ba vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll.vir"
sh=314F703F0F190BF70F0386509C10998D4E2BD10B ft=1 fh=2f9f46df1834d950 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll.vir"
sh=D3CBDD7C6ED2C9D81DA4FCF9AF57CDD5D3711ED3 ft=1 fh=86dbe26399c3d0fa vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll.vir"
sh=0DDC9EFBCBB739ECBC9645E0D81144ACB0DC139F ft=1 fh=2cd04407df9b26ee vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\Local\Conduit\CT2475029\MyAshampooAutoUpdaterHelper.exe.vir"
sh=FFF3C2BE9689FC673B1433CC45C3FFA506D7149F ft=1 fh=046cc4cab2431136 vn="Variante von MSIL/DownloadGuide.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\Local\Software Updater\Downloads\DLG_free-fun-movie-maker_recommendation_de-DE.exe.vir"
sh=F9504F44FCC933B4603B172B9A6AD9663E1D7F64 ft=1 fh=70a681e3ff9b0cd0 vn="Variante von MSIL/DownloadGuide.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\Local\Software Updater\Downloads\DLG_tubebox_recommendation_de-DE.exe.vir"
sh=A911724EDBBE2289ECAB3393CBAA1B00C65514F6 ft=1 fh=821ec392c11a178e vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\Local\Software Updater\Downloads\DLG_tubebox_update_de-DE.exe.vir"
sh=BE40C0251D66829CF63FD4341CACA785CAF5CD73 ft=1 fh=afd5085e605741b5 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\Freemium_DE\hk64tbFre0.dll.vir"
sh=ECAAC2B22C5DF388FA3847749C931AEF458384B8 ft=1 fh=2876dfec7d92aded vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\Freemium_DE\hk64tbFree.dll.vir"
sh=0F7B6B96202643D88E6428C62CA0BADC6D38D140 ft=1 fh=3507b93dfe419462 vn="Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\Freemium_DE\hktbFre0.dll.vir"
sh=C325F9A28C049D03E23060686A70B398531CDB05 ft=1 fh=742ed93f69aeb6e1 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\Freemium_DE\hktbFree.dll.vir"
sh=547EF42FB35708E8C39FE6D04DBF3DEDD91E73DB ft=1 fh=99fdcb8395eefb1c vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\Freemium_DE\ldrtbFre0.dll.vir"
sh=EFB534D515903744B9755391A417051902C16DE2 ft=1 fh=e331f9a91891a78b vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\Freemium_DE\ldrtbFree.dll.vir"
sh=6C02BC376864DF0440DE70DED3A65938D6295795 ft=1 fh=965e2f365cb21a83 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\Freemium_DE\tbFre0.dll.vir"
sh=BE144F65AA4ADF3D2100746839B6728914F947AE ft=1 fh=c557c62982098975 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\Freemium_DE\tbFre1.dll.vir"
sh=19C0679FA65F480C9A0BC5C43396D2ADEC8BCAF9 ft=1 fh=bca908a16a338e6a vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\Freemium_DE\tbFree.dll.vir"
sh=B5C93DA0C608B26C9487ABC49CCB643C9A15ED33 ft=1 fh=75f1c65aa8a331ed vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\Freemium_DE\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll.vir"
sh=AF2A09062B79711D5D92F58251EE238DF2E5E9F9 ft=1 fh=ea86b3a42b031233 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\MyAshampoo\tbMyA0.dll.vir"
sh=3664B7B546B41FBFB469128DEA194DBA1AF556AC ft=1 fh=532d857584187cdc vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\MyAshampoo\tbMyA1.dll.vir"
sh=57CD8DEAF43DF3A2F4703E5219A69935B119D0DB ft=1 fh=311781f1ea21501f vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\MyAshampoo\tbMyA2.dll.vir"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\MyAshampoo\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll.vir"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\LocalLow\SearchElf_1.2\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll.vir"
sh=F351C4C8AFF3024EE6890D48CDFBA08BEAB4A539 ft=1 fh=6f88bd045227c891 vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Marki\AppData\Roaming\Software Updater\Downloads\dg_tubebox_update.exe.vir"
sh=32627CAE465CEB1AAE3AEBA5BDA226FBE8B7CC13 ft=1 fh=4027605dba0857e9 vn="Win32/ELEX.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Downloads\Software\asc52-setup.exe"
sh=D13EB124C11AD9017A627AF8C24686CD31467A95 ft=1 fh=3896a2582fba092c vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Downloads\Software\FastestFreeYouTubeDownloader-Setup-4.2.exe"
sh=B8767E9EF373460894A671DB975218087E6CF222 ft=1 fh=43fa8ac3f5d048ff vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="C:\Downloads\Software\SoftonicDownloader_fuer_fastest-free-youtube-downloader-to-mp3-converter.exe"
sh=C7D849EDEE73EECF3ECB72C0AE697B57746D452D ft=1 fh=85b97f33eca0525f vn="Win32/Toolbar.Funmoods evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Funmoods\funmoods\1.5.19.3\escortShld.dll.vir"
sh=9D7E00EC736140394D5885417303D94D44553A41 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\194_retargeting_bi_m.js.js.vir"
sh=A944448CDA1CE5AA918107104D3B42C171DC810C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.26.139_0\extensionData\plugins\91_monetizationLoader.js.js.vir"
sh=8E404BAFA9CEAC0628F089B4F1AA879EB5A3404E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\101_cortica_m.js"
sh=957E505E027C2F899F844C27AC8B82EF94AEBB68 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\102_dealply_m.js"
sh=91A6607DBD508E202138D84D346DE82921F06C9B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\103_intext_5_m.js"
sh=EB047CB7862459E0F74832AEF6A7954A3663373F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\104_jollywallet_m.js"
sh=F2126D68553053F0A5A411866DEC205E27283EDA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\105_corticas_m.js"
sh=A69DBD3502EA9C4EDD7DEAFB23A8FC1C97BAB232 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\107_coupish_m.js"
sh=6FD52BE8732402A681159484442B6AA0351C4243 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\108_icm_m.js"
sh=5C5A008E55F177D6F69D40492574390E4EADCF7B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\116_ads_only_5_m.js"
sh=2CAA8A9B9F1D7D41CAD7CD1DE9C253EF4411A15E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\117_coupons_intext_ads_5_m.js"
sh=9495814AE107F6739D62A09B1829E5A2DCDA1354 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\119_similar_web_m.js"
sh=D10EA105AB5DB329186B0B6F10541DD58058AEB8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\120_luck_m.js"
sh=4E356A3537E9A4B3814169EBE549D1C2AB3EC78F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\123_intext_adv_m.js"
sh=EAAF312959AC9CCF5138825927B5E2D38F57E2E1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js"
sh=62B063E0D121966E9A83C9AB518DADAE47423555 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\125_arcadi2_m.js"
sh=E254E0BD5C202A441B4F7415C762F7D537A79E24 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\126_revizer_ws_m.js"
sh=5B79E1012732BA64F2D1FDF7DBF44CAD28FE7CDD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\127_revizer_p_m.js"
sh=4A86247BDE5D2225473389037FA942819FD677CF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\128_superfish_pricora_m.js"
sh=D9E89F57D3A13498640961F3B9954D67D7EA1039 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\129_widdit_m.js"
sh=B9CFC11B067C54952D592C618BD391AA26B3393B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\135_arcadi3_m.js"
sh=17483832BF1FA23335B7C1E04A0530AB60CBEDC6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\138_getdeal_m.js"
sh=90A4F559561CF603A203F93D56C80B17B8152325 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\141_corticas_ru_m.js.js"
sh=8395A2B6D59D2F3EDDCFC863DDA2F674396DC74C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\142_intext_fa_m.js"
sh=786B0C8D3A9F6EFBCDB103B0FA7F9460D38C5D7B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\155_ibario_pops_m.js"
sh=CB95B247FABF95831A2974B87B334DBE4597CEB2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\91_monetizationLoader.js.js"
sh=93022F69189E8D2F1B4B8717522CA1AFFA59F708 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\92_superfish_m.js"
sh=9200578E0A1027E0EE00111B9545601BC953C1A7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten\zrhu7ax4.default\extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\93_superfish_no_coupons_m.js"
sh=789D2BB33D1B95D8E1D90850B4F739DA3B8FA896 ft=1 fh=b98afa7e2a313fa7 vn="Variante von MSIL/Spy.Keylogger.ADP Trojaner" ac=I fn="C:\Users\Marki\Desktop\Verbatim\Programme\globalhook_src_test\GlobalHookDemo.exe"
sh=5A57010EA3C1E61AE84AA45A2551DBBD9649D692 ft=1 fh=86b596c4c976ff4c vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\cbsidlm-cbsi5_4_0_104-Wise_Data_Recovery-BP-75715872.exe"
sh=5A57010EA3C1E61AE84AA45A2551DBBD9649D692 ft=1 fh=86b596c4c976ff4c vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\cbsidlm-cbsi5_4_0_104-Wise_Disk_Cleaner-BP-10613345.exe"
sh=5A57010EA3C1E61AE84AA45A2551DBBD9649D692 ft=1 fh=86b596c4c976ff4c vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\cbsidlm-cbsi5_4_0_104-Wise_Folder_Hider-BP-75713475.exe"
sh=5A57010EA3C1E61AE84AA45A2551DBBD9649D692 ft=1 fh=86b596c4c976ff4c vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\cbsidlm-cbsi5_4_0_104-Wise_Program_Uninstaller-ORG-75798277.exe"
sh=E57F41FFB9A9AC03AE151621B2B19A93EB9D8510 ft=1 fh=5f30f8877618efb6 vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\MixPad_Music.exe"
sh=59FA8E18D23A4C4D67D29137135BEB30F87E36C7 ft=1 fh=39d6cc7b0d43e811 vn="Win32/Toolbar.Babylon.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\ReimageRepairNU.exe"
sh=C9EAEE6842F08EB67671434057F5451056C87C20 ft=1 fh=23638320af944a88 vn="Variante von Win32/InstallCore.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\TubeBox_Setup.exe"
sh=2AA4601BDAB14EC1247AE619CA201405E4E020E7 ft=1 fh=680edb294da2952c vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\Setups!\alcohol_120_1_9_8_7421.exe"
sh=BE8D4115958FCCD0B23ADAD93DBC96655F1E3B35 ft=1 fh=2cf0b652cda889c8 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\Setups!\bsplayer257.1051_clip.exe"
sh=8600C80C496C83AB83DD7BFD7AC340664BB8B847 ft=1 fh=b7c89cd003623318 vn="möglicherweise Variante von Win32/FreeNew evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\Setups!\FreeApp.exe"
sh=0A3ECA177C874ECD2E535DDAE0BB2E590703FA6C ft=1 fh=6efcb81b5623f509 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\Setups!\icytower14_install.exe"
sh=67B7BFDCD36F995C45CDF286D8002EA610347184 ft=1 fh=250ea66904e33871 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\Setups!\SoftonicDownloader41998.exe"
sh=CA85EA91820A82B8154298F6C7DEF7F311E1DD65 ft=1 fh=70d1c284edbe14ef vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\Setups!\ashampoo\ashampoo_anti-malware_1.21_8338.exe"
sh=15A0E6A982BD0A0183AB4FBB1FE96FEA9E70CCF9 ft=1 fh=4915c2ca1985ceeb vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\Setups!\ashampoo\ashampoo_burning_studio_2010_advanced_9.25_8339.exe"
sh=E5EDEA5B70EA19DDFF0B4309B3FCD8176A33E525 ft=1 fh=0edb4e2d6fd2a06c vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\Setups!\ashampoo\ashampoo_home_designer_1.0.0_8340.exe"
sh=E114695EA01C813286E5DB0DF18C72B6E5E4224D ft=1 fh=af764cb8d905c298 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\Setups!\ashampoo\ashampoo_photo_commander_7_7.60_8341.exe"
sh=1003BE5213D672D5E0762FF9FD2EDD9F828BDA92 ft=1 fh=1f0b7409a5ecee44 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Downloads\Setups!\ashampoo\ashampoo_snap_3_3.50_8342.exe"
sh=4CC06B792A56269A611177BCA5AF8B5A054B8A5D ft=1 fh=a2a0580dc2b6960a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Freeware aus dem www\Audacity 1.3 Beta (Unicode)\Softonic_Deutsch_audacity-win-unicode-1.3.12.exe"
sh=9400A4130F2D47B51F9B1F2D18A4A56BC7A624F5 ft=1 fh=170569123b5960e6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Marki\Freeware aus dem www\Free Studio\FreeStudio.exe"
         
Als ich den Security Check durchlaufen ließ, habe ich die deaktivierten wieder aktiviert, da hierzu nichts angegeben war, da hoffe ich ebenfalls, dass das nichts ausgemacht hat..

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.83  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
AVG AntiVirus Free Edition 2014   
Microsoft Security Essentials     
Ashampoo Anti-Malware             
 Antivirus out of date! (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
  Adobe Flash Player 12.0.0.77 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (29.0.1) 
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 AVG avgwdsvc.exe 
 IObit IObit Malware Fighter IMFsrv.exe  
 Ashampoo Ashampoo Anti-Malware AAMW_Service.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Ashampoo Ashampoo Anti-Malware AAMW_WSC_Service_Vista.exe  
 IObit IObit Malware Fighter IMF.exe  
 IObit IObit Malware Fighter adsremoval IE\Adblock.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Und hier dann noch die neue FRST- Log:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by Marki (administrator) on MARK on 16-06-2014 22:34:03
Running from C:\Users\Marki\Desktop\FRST64
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
() C:\Program Files (x86)\Tether\TBService.exe
(Team MediaPortal) C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\TvService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Marki\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adblock) C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2008-10-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Ashampoo Anti-Malware Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe [3314176 2010-08-26] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-17] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1596224 2014-04-17] (IObit)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll",DllRegisterServer [194432 2011-12-12] (DivX, LLC)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_174_ActiveX.exe [815496 2013-09-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000\...\Run: [Spotify Web Helper] => C:\Users\Marki\APPDATA\ROAMING\SPOTIFY\Data\SpotifyWebHelper.exe [1140736 2013-10-21] (Spotify Ltd)
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2288928 2014-02-11] (IObit)
HKU\S-1-5-21-3467081931-4053979440-1662789119-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: RegistryDefragBootTime.exeautocheck autochk * SmartDefragBootTime.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com/?type=198484&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1D22DD6489C9CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.msn.de/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {C9113DF5-0320-424F-B87D-DC1C2B8482AF} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {D9BC1EC7-AECE-4A27-8A92-03A6A14D9F60} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=402027&p={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{16F52067-879E-43D0-B67F-9344FC2AB5D5}: [NameServer]208.67.222.222,208.67.220.220

FireFox:
========
FF ProfilePath: C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=402027&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Users\Marki\Videos\Freewareprogramme\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc;version=0.8.6i - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marki\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo_ff.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\ascsurfingprotection@iobit.com [2014-04-25]
FF Extension: Protegere - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\security@protegere.org [2014-04-17]
FF Extension: WOT - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-27]
FF Extension: FindBar Tweak - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\fbt@quicksaver.xpi [2014-01-27]
FF Extension: Save My Tabs - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\savemytabs@dmitriy.khudorozhkov.xpi [2014-01-27]
FF Extension: Adblock Plus - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-27]
FF Extension: DownThemAll! - C:\Users\Marki\AppData\Roaming\Mozilla\Firefox\Profiles\n903b0ks.default-1390833912369\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-01-27]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-09]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Autodesk 123D Design) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\adcpobnhinigjfgdjponlboohbhigoml [2013-09-15]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-04-25]
CHR Extension: (AutoCAD 360) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjeclnkejmbepoibfnamioojinoopln [2013-09-15]
CHR Extension: (No Name) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkeieaieohnceanbhdeijclgemgjjkf [2014-04-16]
CHR Extension: (Daum Equation Editor) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe [2013-09-15]
CHR Extension: (Ultimate Flash Sonic Smash Brothers) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\doldmgjebloaondlfkambkkofpnfgmfk [2013-09-15]
CHR Extension: (Autodesk ForceEffect) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekbaidcchahkpedbhdenlmleimihkcim [2013-09-15]
CHR Extension: (Ads Removal) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]
CHR Extension: (Math Anywhere) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebhifiddmaaeecbaiemfpejghjdjmhc [2013-09-15]
CHR Extension: (Autodesk 123D Catch) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjmccldlkdbjakaebbpiojpfbambiphj [2013-09-15]
CHR Extension: (GmailTeX) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjnmclkoadjdljnfmbnnhaahilafoeji [2013-09-15]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-21]
CHR Extension: (Fiabee HTML5 Viewer) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngmmpodmhlhciagihcjpdggoihakcahf [2013-09-15]
CHR Extension: (Graph.tk) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhkaamdeplibnmodcgodlkghphdbahk [2013-09-15]
CHR Extension: (Google Wallet) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-09-15]
CHR Extension: (No Name) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2013-09-15]
CHR Extension: (Autodesk 123D Make) - C:\Users\Marki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcbnagfoedaclggcfcoodicggmnlhajl [2013-09-15]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AAMWService; C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe [1313184 2011-09-13] ()
R2 AAMW_WSC_Service_Vista; C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe [52616 2010-03-02] ()
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [63304 2011-02-04] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [7599616 2009-08-18] () [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 Tether; C:\Program Files (x86)\Tether\TBService.exe [52664 2011-09-29] ()
R2 TVService; C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\TVService.exe [192512 2010-04-13] (Team MediaPortal) [File not signed]
S3 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2011-10-07] () [File not signed]
S2 wupdsrvc; C:\Windows\SysWOW64\wupdsrvc.exe [57344 2010-12-20] (VWP) [File not signed]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2008-10-28] (AVM Berlin)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2008-10-28] (AVM GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2011-01-17] (Duplex Secure Ltd.)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-01-17] (Jungo)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Marki\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-16 21:42 - 2014-06-16 21:42 - 00005773 _____ () C:\Users\Marki\Desktop\reduzierte_Sitzung.txt
2014-06-16 21:11 - 2014-06-16 21:11 - 00022475 _____ () C:\Users\Marki\Desktop\eset.txt
2014-06-16 12:21 - 2014-06-16 12:21 - 00854367 _____ () C:\Users\Marki\Desktop\SecurityCheck.exe
2014-06-16 12:10 - 2014-06-16 12:10 - 02347384 _____ (ESET) C:\Users\Marki\Desktop\esetsmartinstaller_deu.exe
2014-06-10 23:19 - 2014-06-10 23:19 - 00001791 _____ () C:\Users\Marki\Desktop\JRT.txt
2014-06-10 22:42 - 2014-06-10 22:42 - 01016261 _____ (Thisisu) C:\Users\Marki\Desktop\JRT.exe
2014-06-10 22:42 - 2014-06-10 22:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-10 22:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-10 22:29 - 2014-06-10 22:33 - 00000000 ____D () C:\AdwCleaner
2014-06-10 22:26 - 2014-06-10 22:26 - 01333465 _____ () C:\Users\Marki\Desktop\adwcleaner_3.212.exe
2014-06-10 22:23 - 2014-06-10 22:23 - 00010661 _____ () C:\Users\Marki\Desktop\mbamtxt.txt
2014-06-10 21:19 - 2014-06-10 21:19 - 00032808 _____ () C:\Users\Marki\Desktop\mbam.txt
2014-06-10 17:19 - 2014-06-16 20:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-10 17:19 - 2014-06-10 17:19 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-10 17:19 - 2014-06-10 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-10 17:18 - 2014-06-10 17:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-10 17:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-10 17:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-10 17:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-10 17:17 - 2014-06-10 17:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Marki\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-09 21:04 - 2014-06-09 21:04 - 00051735 _____ () C:\ComboFix.txt
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-09 20:41 - 2014-06-09 21:04 - 00000000 ____D () C:\ComboFix
2014-06-09 20:38 - 2014-06-09 20:39 - 05205664 ____R (Swearware) C:\Users\Marki\Desktop\ComboFix.exe
2014-06-09 20:27 - 2014-06-09 20:27 - 00001268 _____ () C:\Users\Marki\Desktop\Revo Uninstaller.lnk
2014-06-09 20:27 - 2014-06-09 20:27 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-09 20:26 - 2014-06-09 20:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Marki\Desktop\revosetup95.exe
2014-06-06 23:37 - 2014-06-16 22:34 - 00000000 ____D () C:\FRST
2014-06-06 23:34 - 2014-06-16 22:34 - 00000000 ____D () C:\Users\Marki\Desktop\FRST64
2014-06-02 19:31 - 2014-06-03 08:52 - 00000108 _____ () C:\Users\Marki\Desktop\Namen.txt
2014-06-01 23:25 - 2014-06-01 23:25 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-01 23:25 - 2014-06-01 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-01 23:25 - 2014-06-01 23:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-01 23:14 - 2014-06-01 23:14 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-01 23:14 - 2014-06-01 23:14 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-01 23:11 - 2014-06-01 23:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-01 23:11 - 2014-06-01 23:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-01 23:10 - 2014-06-01 23:10 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-01 23:10 - 2014-06-01 23:10 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-01 22:26 - 2014-06-01 22:26 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-01 22:22 - 2014-05-15 01:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-06-01 22:15 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-01 22:15 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-01 22:15 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-01 22:14 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-01 21:18 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-01 21:18 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-01 20:46 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-01 20:46 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-01 20:32 - 2014-06-01 20:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-27 23:48 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-27 23:48 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-27 23:48 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-27 23:48 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-27 21:35 - 2014-05-27 21:35 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2014-05-27 20:57 - 2014-05-27 20:57 - 00003140 _____ () C:\Windows\System32\Tasks\{3B52FDD0-CC2B-4E61-BF64-DE3E218ED6AF}
2014-05-27 17:48 - 2014-05-27 21:36 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-27 15:32 - 2014-06-16 17:47 - 00060698 _____ () C:\Users\Marki\Desktop\opentabs-MARK-20140527-1429.txt

==================== One Month Modified Files and Folders =======

2014-06-16 22:35 - 2010-03-08 03:09 - 00000000 ____D () C:\Users\Marki\AppData\Local\Temp
2014-06-16 22:34 - 2014-06-06 23:37 - 00000000 ____D () C:\FRST
2014-06-16 22:34 - 2014-06-06 23:34 - 00000000 ____D () C:\Users\Marki\Desktop\FRST64
2014-06-16 21:45 - 2010-10-18 00:35 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-16 21:42 - 2014-06-16 21:42 - 00005773 _____ () C:\Users\Marki\Desktop\reduzierte_Sitzung.txt
2014-06-16 21:11 - 2014-06-16 21:11 - 00022475 _____ () C:\Users\Marki\Desktop\eset.txt
2014-06-16 20:13 - 2014-06-10 17:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-16 17:47 - 2014-05-27 15:32 - 00060698 _____ () C:\Users\Marki\Desktop\opentabs-MARK-20140527-1429.txt
2014-06-16 13:27 - 2014-01-27 02:58 - 01649216 _____ () C:\Windows\WindowsUpdate.log
2014-06-16 12:21 - 2014-06-16 12:21 - 00854367 _____ () C:\Users\Marki\Desktop\SecurityCheck.exe
2014-06-16 12:10 - 2014-06-16 12:10 - 02347384 _____ (ESET) C:\Users\Marki\Desktop\esetsmartinstaller_deu.exe
2014-06-16 12:05 - 2010-03-08 03:09 - 00000000 ____D () C:\Users\Marki
2014-06-16 12:03 - 2010-03-29 22:40 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A3EDA87D-FFDA-4248-8FCA-7324950DEDAF}
2014-06-16 12:00 - 2009-07-14 06:45 - 00015808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-16 12:00 - 2009-07-14 06:45 - 00015808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-16 11:58 - 2012-03-17 00:53 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-16 11:58 - 2011-06-21 19:25 - 00000004 _____ () C:\Windows\SysWOW64\wupdsrvc.cfg
2014-06-16 11:57 - 2010-10-18 00:35 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-16 11:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-13 05:03 - 2010-10-18 21:13 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-12 11:25 - 2014-03-09 05:12 - 119029760 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-06-12 11:25 - 2014-03-09 05:12 - 06979584 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-06-12 11:25 - 2014-03-09 05:12 - 00065536 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-06-12 11:25 - 2014-03-09 05:12 - 00032768 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-06-12 06:32 - 2011-03-06 02:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer
2014-06-10 23:19 - 2014-06-10 23:19 - 00001791 _____ () C:\Users\Marki\Desktop\JRT.txt
2014-06-10 22:42 - 2014-06-10 22:42 - 01016261 _____ (Thisisu) C:\Users\Marki\Desktop\JRT.exe
2014-06-10 22:42 - 2014-06-10 22:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-10 22:33 - 2014-06-10 22:29 - 00000000 ____D () C:\AdwCleaner
2014-06-10 22:26 - 2014-06-10 22:26 - 01333465 _____ () C:\Users\Marki\Desktop\adwcleaner_3.212.exe
2014-06-10 22:23 - 2014-06-10 22:23 - 00010661 _____ () C:\Users\Marki\Desktop\mbamtxt.txt
2014-06-10 21:19 - 2014-06-10 21:19 - 00032808 _____ () C:\Users\Marki\Desktop\mbam.txt
2014-06-10 17:19 - 2014-06-10 17:19 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-10 17:19 - 2014-06-10 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-10 17:19 - 2014-06-10 17:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-10 17:18 - 2013-02-08 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-10 17:17 - 2014-06-10 17:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Marki\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-10 01:08 - 2010-04-03 23:57 - 00000000 ____D () C:\Users\Marki\AppData\Local\Apps\2.0
2014-06-09 21:04 - 2014-06-09 21:04 - 00051735 _____ () C:\ComboFix.txt
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 21:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-09 21:04 - 2014-06-09 20:41 - 00000000 ____D () C:\ComboFix
2014-06-09 21:04 - 2012-10-20 19:40 - 00000000 ____D () C:\Qoobox
2014-06-09 20:57 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-09 20:39 - 2014-06-09 20:38 - 05205664 ____R (Swearware) C:\Users\Marki\Desktop\ComboFix.exe
2014-06-09 20:27 - 2014-06-09 20:27 - 00001268 _____ () C:\Users\Marki\Desktop\Revo Uninstaller.lnk
2014-06-09 20:27 - 2014-06-09 20:27 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-06-09 20:26 - 2014-06-09 20:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Marki\Desktop\revosetup95.exe
2014-06-09 20:07 - 2013-11-05 20:33 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-09 14:31 - 2013-11-11 21:31 - 00000000 ____D () C:\Users\Marki\Desktop\Datenabbilder
2014-06-06 23:49 - 2014-01-26 23:33 - 00190976 ___SH () C:\Users\Marki\Desktop\Thumbs.db
2014-06-03 08:52 - 2014-06-02 19:31 - 00000108 _____ () C:\Users\Marki\Desktop\Namen.txt
2014-06-02 12:23 - 2014-01-26 23:33 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-02 12:21 - 2010-03-08 03:09 - 00000000 ___RD () C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-02 12:21 - 2010-03-08 03:09 - 00000000 ___RD () C:\Users\Marki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-02 09:01 - 2014-03-13 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-02 09:01 - 2014-02-26 03:05 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-06-02 05:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-02 04:04 - 2014-04-29 23:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-02 03:40 - 2010-06-03 00:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-02 03:33 - 2013-09-15 03:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-02 03:13 - 2010-04-04 20:28 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-01 23:25 - 2014-06-01 23:25 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-01 23:25 - 2014-06-01 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-01 23:25 - 2014-06-01 23:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-01 23:25 - 2014-06-01 23:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-01 23:14 - 2014-06-01 23:14 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-01 23:14 - 2014-06-01 23:14 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-01 23:11 - 2014-06-01 23:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-01 23:11 - 2014-06-01 23:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-01 23:11 - 2014-06-01 23:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-01 23:11 - 2014-06-01 23:11 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-01 23:10 - 2014-06-01 23:10 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-01 23:10 - 2014-06-01 23:10 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-01 23:10 - 2014-06-01 23:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-01 22:26 - 2014-06-01 22:26 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-06-01 22:26 - 2010-11-07 16:01 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-01 22:23 - 2010-03-12 01:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-01 20:33 - 2014-06-01 20:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-27 21:36 - 2014-05-27 17:48 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-27 21:35 - 2014-05-27 21:35 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2014-05-27 21:34 - 2012-10-20 20:57 - 00000000 ____D () C:\ProgramData\Avira
2014-05-27 20:57 - 2014-05-27 20:57 - 00003140 _____ () C:\Windows\System32\Tasks\{3B52FDD0-CC2B-4E61-BF64-DE3E218ED6AF}
2014-05-27 20:38 - 2013-11-05 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-05-27 20:38 - 2013-09-15 01:13 - 00000000 ____D () C:\Users\Marki\AppData\Local\NVIDIA
2014-05-27 20:38 - 2012-09-26 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-27 20:38 - 2011-04-01 00:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-27 20:38 - 2011-03-05 09:51 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-05-27 20:38 - 2010-10-18 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-27 20:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 20:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-27 20:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-27 20:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-27 20:29 - 2010-05-02 19:07 - 00000000 ____D () C:\ProgramData\MySQL
2014-05-27 20:28 - 2012-01-11 21:55 - 00000000 ____D () C:\ProgramData\IObit
2014-05-27 14:39 - 2014-03-14 05:37 - 41512960 _____ () C:\Windows\system32\config\components.iodefrag.bak
2014-05-27 00:07 - 2014-04-06 21:38 - 00000000 ____D () C:\Users\Marki\Desktop\Physik_4.Semester
2014-05-26 21:32 - 2014-04-21 23:02 - 00000000 ____D () C:\Users\Marki\AppData\Local\NVIDIA Corporation
2014-05-21 02:18 - 2014-04-29 23:46 - 00000000 ____D () C:\Users\Marki\Desktop\Experimentelle_Methoden_der_Physik
2014-05-20 04:44 - 2014-06-01 22:15 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:44 - 2014-06-01 22:15 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-20 04:44 - 2014-06-01 22:15 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-20 04:44 - 2014-06-01 22:14 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-20 04:44 - 2013-11-05 21:12 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-20 04:44 - 2013-11-05 21:12 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-20 04:44 - 2013-02-26 00:32 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44 - 2013-02-26 00:32 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-20 04:44 - 2012-10-10 22:23 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-20 04:44 - 2012-02-27 20:59 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 03:25 - 2012-01-11 19:30 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25 - 2012-01-11 19:30 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25 - 2012-01-11 19:30 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25 - 2012-01-11 19:30 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-20 03:25 - 2012-01-11 19:29 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 03:25 - 2012-01-11 19:29 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-18 04:34 - 2014-05-07 02:23 - 00038969 ____H () C:\Users\Marki\Desktop\~WRL0003.tmp
2014-05-17 01:38 - 2011-03-03 00:56 - 00000000 ____D () C:\Users\Marki\Desktop\Ich..... auf Fotos
2014-05-17 01:34 - 2011-10-01 19:54 - 00000000 ____D () C:\Users\Marki\AppData\Local\Paint.NET

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-10 21:52

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Aso zu der noch Probleme- Frage, mein Internet funktioniert gelegentlich voll und manchmal eben nur diese drei Seiten, so konnte ich die Anweisungen ausführen.
D.h. ich weiss, wenn ich meinen PC neustarte nicht hundertprozentig ob alles in Ordnung ist, glaub ich zumindest.
ALs vorgehensweise, nachdem das Internet eben nicht funktioniert hat, habe ich alle Virenscanner, Malwarescanner und Smart Defrag durchlaufen lassen- manchmal hat es dann auch geklappt..
zudem als ich vorhin die TV- Streaming Seite schoener-fernsehen.de besucht habe, musste ich bei Malwarebytes Antimalware min. 2 Webseiten zulassen und er schickt mir noch non-stop weitere Meldungen, bei denen ich nichts mache.

Viele Grüße und herzlichen Dank,
Physik_Rocks

PS: Was mache ich wieder wenn MalwareBytes- Antimalware abläuft- im Sinne von veraltet- wie schon einmal ?
--- --- ---

Alt 17.06.2014, 09:57   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Verschiedene Browser öffnen nur Facebook, Google & YouTube - Standard

Verschiedene Browser öffnen nur Facebook, Google & YouTube



Zitat:
C:\Users\Marki\Desktop\Datenabbilder\Alte Firefox-Daten
Löschen, ebenso die Downloads im Download Ordner.

MBAM wird irgendwann zur Testversion, ohne Website-Schutz, ausser du kaufst es.

Flash Player deinstallierne und aktuelle Version installieren.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Und ich würde dringend anraten den ganzen IOBIT Scheiss zu deinstallieren, vor allem das AV Programm. Das is eine drecks-unseriöse reissack-Firma die nix können wir nur bei andern Firmen Daten klauen!
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.06.2014, 19:33   #15
Physik_Rocks
 
Verschiedene Browser öffnen nur Facebook, Google & YouTube - Unglücklich

Verschiedene Browser öffnen nur Facebook, Google & YouTube



Hey,

leider geht inzwischen wieder nur das Internet beschränkt auf diese drei Seiten. .. nun welche Alte Firefox Daten meintest du ich hab einfach mal die zwei aus dem Datenabbilder und das eine vom Desktop gelöscht.

Das mit dem Flash- Player kann ich derzeit nicht ausführen und anstatt Windowstaste + R- Taste zu drücken habe ich bei Start einfach cmd eingegeben ich glaube dahin wolltest du, bei der Tastenkombination sprang die Markierung auf dem Desktop nur zwischen den Dingen die mit R beginnen hin und her.

Das kopieren lief dann über in FB an mich selbst schicken log hier...
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-06-2014
Ran by Marki at 2014-06-18 20:19:38 Run:1
Running from C:\Users\Marki\Desktop\FRST64
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
*****************

'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.

==== End of Fixlog ====
         
Dann wollte ich noch gerne wissen welchen Download- Ordner du genau meinst, sind ja schließlich mehrere und was von iobit mit AV ??

Viele Grüße und weiterhin Dankeschön für die Mühe -.-,
Physik_Rocks

Antwort

Themen zu Verschiedene Browser öffnen nur Facebook, Google & YouTube
combofix funktioniert nicht, facebook und youtube funktionieren, hijack.searchpage, keine updates, pup.optional.1clickdownload.a, pup.optional.alexatb.a, pup.optional.amazontb.a, pup.optional.babylontoolbar.a, pup.optional.conduit, pup.optional.conduit.a, pup.optional.conduittb.a, pup.optional.datamangr.a, pup.optional.downloadguide.a, pup.optional.funmoods.a, pup.optional.hdvidcodec.a, pup.optional.plushd.a, pup.optional.pricegong.a, pup.optional.pricepeep.a, pup.optional.regcleanerpro, pup.optional.regcleanerpro.a, pup.optional.searchcertifiedtb.a, pup.optional.slicksavings.a, pup.optional.softonic.a, pup.optional.spigot.a, seitenladefehler




Ähnliche Themen: Verschiedene Browser öffnen nur Facebook, Google & YouTube


  1. Kann nur Facebook, Google, Youtube und Wikipedia öffnen
    Netzwerk und Hardware - 23.07.2015 (3)
  2. Windows 7: Öffnen von Websiten wie Google, Youtube, etc. stößt auf Fehlermeldung
    Log-Analyse und Auswertung - 08.12.2014 (10)
  3. Windows 8: Das Öffnen von Werbungen mit Google/YouTube-Suche
    Log-Analyse und Auswertung - 09.07.2014 (17)
  4. Kann nur noch Facebook Youtube und google öffnen :/
    Plagegeister aller Art und deren Bekämpfung - 04.06.2014 (3)
  5. Sämtliche Browser können nur noch Google und ein Suche öffnen
    Plagegeister aller Art und deren Bekämpfung - 25.02.2014 (21)
  6. Manche Webseiten wie Google, Youtube, Facebook,... von Survey gesperrt
    Plagegeister aller Art und deren Bekämpfung - 19.12.2013 (14)
  7. Kann Google /incl youtube nicht öffnen
    Log-Analyse und Auswertung - 07.12.2013 (13)
  8. Windows 7: Google, Facebook, Youtube laden nicht/ lassen sich nicht öffnen
    Log-Analyse und Auswertung - 19.11.2013 (19)
  9. Google youtube Facebook gesperrt
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (8)
  10. Werbung auf Google, Youtube, Facebook, etc.
    Plagegeister aller Art und deren Bekämpfung - 11.06.2013 (14)
  11. Browser öffnen bei Klick auf Google Suchergebnis Werbung
    Plagegeister aller Art und deren Bekämpfung - 19.03.2013 (13)
  12. Facebook, Youtube , Google, etc durch Surveys gesperrt!
    Plagegeister aller Art und deren Bekämpfung - 04.03.2013 (19)
  13. Kein Zugriff mehr auf YouTube, Facebook, Google,Ebay und tumblr
    Plagegeister aller Art und deren Bekämpfung - 12.02.2013 (1)
  14. Seitenladefehler IE,Firefox bei jeglicher anmeldung (GMX, Facebook,youtube,Google)
    Plagegeister aller Art und deren Bekämpfung - 22.01.2012 (1)
  15. Browser-Hijacking - Google-Links öffnen Schund
    Log-Analyse und Auswertung - 24.03.2011 (2)
  16. browser öffnen keine google links!?
    Log-Analyse und Auswertung - 06.09.2009 (2)

Zum Thema Verschiedene Browser öffnen nur Facebook, Google & YouTube - Hey Trojaner- Board- Support, Ich habe folgendes Problem, was vermutlich die Folge von vielen Problemen war... Also: Meine Browser, Firefox als auch IE, öffnen nur 3 Seiten, diese wären alle - Verschiedene Browser öffnen nur Facebook, Google & YouTube...
Archiv
Du betrachtest: Verschiedene Browser öffnen nur Facebook, Google & YouTube auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.