| Pests of all kinds and how to fight them: Programs stutter badly and run unstably. Windows 7 | 
|  13.07.2014, 11:23 | #1 | 
Programs stutter badly and run unstably.

Many of my demanding programs, such as computer games, become very unstable after a while and start to stutter. The speed when browsing the Internet is also not optimal. I suspect that there is malware on my computer and would need expert help. I have already switched off drive emulation using defogger. I will include the Addition log as an attachment, since the mail would otherwise be too long.

Gmer.txt
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-13 11:58:39
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AJ1 596,17GB
Running: Gmer-19357.exe; Driver: C:\Users\Daniel\AppData\Local\Temp\uwdyrpod.sys
---- Kernel code sections - GMER 2.1 ----
.text    C:\WINDOWS\System32\win32k.sys!W32pServiceTable                                                                                                                                                                        fffff96000191c00 7 bytes [00, 12, 81, 01, 00, 1B, F2]
.text    C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 8                                                                                                                                                                    fffff96000191c08 7 bytes [01, 18, C0, FF, 00, D7, DA]
---- User code sections - GMER 2.1 ----
.text    C:\WINDOWS\system32\csrss.exe[660] C:\WINDOWS\SYSTEM32\kernel32.dll!GetBinaryTypeW + 163                                                                                                                               000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\wininit.exe[768] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                             000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\csrss.exe[784] C:\WINDOWS\SYSTEM32\kernel32.dll!GetBinaryTypeW + 163                                                                                                                               000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\winlogon.exe[840] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\services.exe[864] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\lsass.exe[884] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                               000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[988] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                             000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\nvvsvc.exe[376] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                              000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[416] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                             000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\System32\svchost.exe[500] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                             000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[668] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                             000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[788] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                             000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\dwm.exe[444] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                                 000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\dwm.exe[444] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                                                          000007fb01bc177a 4 bytes [BC, 01, FB, 07]
.text    C:\WINDOWS\system32\dwm.exe[444] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                                                          000007fb01bc1782 4 bytes [BC, 01, FB, 07]
.text    C:\WINDOWS\System32\svchost.exe[1036] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVXDSYNC.EXE[1140] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                   000007fb0243f817 1 byte [62]
.text    C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVXDSYNC.EXE[1140] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                      000007faff671532 4 bytes [67, FF, FA, 07]
.text    C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVXDSYNC.EXE[1140] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                      000007faff67153a 4 bytes [67, FF, FA, 07]
.text    C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVXDSYNC.EXE[1140] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                                    000007faff67165a 4 bytes [67, FF, FA, 07]
.text    C:\WINDOWS\system32\nvvsvc.exe[1148] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                             000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\nvvsvc.exe[1148] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 690                                                                                                                                000007faff671532 4 bytes [67, FF, FA, 07]
.text    C:\WINDOWS\system32\nvvsvc.exe[1148] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 698                                                                                                                                000007faff67153a 4 bytes [67, FF, FA, 07]
.text    C:\WINDOWS\system32\nvvsvc.exe[1148] C:\WINDOWS\system32\MSIMG32.dll!TransparentBlt + 246                                                                                                                              000007faff67165a 4 bytes [67, FF, FA, 07]
.text    C:\WINDOWS\system32\nvvsvc.exe[1148] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                                                      000007fb01bc177a 4 bytes [BC, 01, FB, 07]
.text    C:\WINDOWS\system32\nvvsvc.exe[1148] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                                                      000007fb01bc1782 4 bytes [BC, 01, FB, 07]
.text    C:\WINDOWS\system32\svchost.exe[1296] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[1344] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\System32\spoolsv.exe[1740] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[672] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                             000007fb0243f817 1 byte [62]
.text    C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe[2356] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                           000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\BtwRSupportService.exe[2404] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                 000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\BtwRSupportService.exe[2404] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 690                                                                                                                    000007faff671532 4 bytes [67, FF, FA, 07]
.text    C:\WINDOWS\system32\BtwRSupportService.exe[2404] C:\WINDOWS\system32\MSIMG32.dll!GradientFill + 698                                                                                                                    000007faff67153a 4 bytes [67, FF, FA, 07]
.text    C:\WINDOWS\system32\BtwRSupportService.exe[2404] C:\WINDOWS\system32\MSIMG32.dll!TransparentBlt + 246                                                                                                                  000007faff67165a 4 bytes [67, FF, FA, 07]
.text    C:\WINDOWS\system32\svchost.exe[2480] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\dashost.exe[2552] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\mqsvc.exe[2564] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                              000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\mqsvc.exe[2564] C:\WINDOWS\system32\WSOCK32.dll!recvfrom + 742                                                                                                                                     000007faf95c1b32 4 bytes [5C, F9, FA, 07]
.text    C:\WINDOWS\system32\mqsvc.exe[2564] C:\WINDOWS\system32\WSOCK32.dll!recvfrom + 750                                                                                                                                     000007faf95c1b3a 4 bytes [5C, F9, FA, 07]
.text    C:\WINDOWS\System32\svchost.exe[2620] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\System32\svchost.exe[2620] c:\windows\system32\WSOCK32.dll!recvfrom + 742                                                                                                                                   000007faf95c1b32 4 bytes [5C, F9, FA, 07]
.text    C:\WINDOWS\System32\svchost.exe[2620] c:\windows\system32\WSOCK32.dll!recvfrom + 750                                                                                                                                   000007faf95c1b3a 4 bytes [5C, F9, FA, 07]
.text    C:\WINDOWS\System32\svchost.exe[2948] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\System32\svchost.exe[2948] c:\windows\system32\WSOCK32.dll!recvfrom + 742                                                                                                                                   000007faf95c1b32 4 bytes [5C, F9, FA, 07]
.text    C:\WINDOWS\System32\svchost.exe[2948] c:\windows\system32\WSOCK32.dll!recvfrom + 750                                                                                                                                   000007faf95c1b3a 4 bytes [5C, F9, FA, 07]
.text    C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe[2432] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                   000007fb0243f817 1 byte [62]
.text    C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe[2432] C:\WINDOWS\system32\psapi.dll!GetProcessImageFileNameA + 306                                                                                            000007fb01bc177a 4 bytes [BC, 01, FB, 07]
.text    C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe[2432] C:\WINDOWS\system32\psapi.dll!GetProcessImageFileNameA + 314                                                                                            000007fb01bc1782 4 bytes [BC, 01, FB, 07]
.text    C:\WINDOWS\system32\svchost.exe[2128] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe[3088] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                  000007fb0243f817 1 byte [62]
.text    C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe[3088] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                           000007fb01bc177a 4 bytes [BC, 01, FB, 07]
.text    C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe[3088] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                           000007fb01bc1782 4 bytes [BC, 01, FB, 07]
.text    C:\WINDOWS\system32\svchost.exe[3112] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[3340] C:\WINDOWS\system32\KERNEL32.dll!GetBinaryTypeW + 163                                                                                              000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[3740] C:\WINDOWS\system32\KERNEL32.dll!GetBinaryTypeW + 163                                                                                              000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[4056] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[3376] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                            000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\wbem\wmiprvse.exe[4152] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                      000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\taskhostex.exe[4248] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                         000007fb0243f817 1 byte [62]
.text    C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe[4456] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                      000007fb0243f817 1 byte [62]
.text    C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe[4456] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                               000007fb01bc177a 4 bytes [BC, 01, FB, 07]
.text    C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe[4456] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                               000007fb01bc1782 4 bytes [BC, 01, FB, 07]
.text    C:\WINDOWS\Explorer.EXE[4204] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                                    000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\Explorer.EXE[4204] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                                                                                                                             000007fb01bc177a 4 bytes [BC, 01, FB, 07]
.text    C:\WINDOWS\Explorer.EXE[4204] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                                                                                                                             000007fb01bc1782 4 bytes [BC, 01, FB, 07]
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5060] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                     000007fb0243f817 1 byte [62]
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5060] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                        000007faff671532 4 bytes [67, FF, FA, 07]
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5060] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                        000007faff67153a 4 bytes [67, FF, FA, 07]
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[5060] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                                      000007faff67165a 4 bytes [67, FF, FA, 07]
.text    C:\WINDOWS\system32\SearchIndexer.exe[3820] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                      000007fb0243f817 1 byte [62]
.text    C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe[4432] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                              000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\wbem\unsecapp.exe[4664] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                      000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\taskhost.exe[4392] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                           000007fb0243f817 1 byte [62]
.text    C:\WINDOWS\system32\AUDIODG.EXE[64] C:\WINDOWS\SYSTEM32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                                              000007fb0243f817 1 byte [62]
.text    C:\Program Files\McAfee Security Scan\3.8.130\McUicnt.exe[6128] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 163                                                                                                  000007fb0243f817 1 byte [62]
.text    C:\Program Files\McAfee Security Scan\3.8.130\McUicnt.exe[6128] C:\WINDOWS\system32\psapi.dll!GetProcessImageFileNameA + 306                                                                                           000007fb01bc177a 4 bytes [BC, 01, FB, 07]
.text    C:\Program Files\McAfee Security Scan\3.8.130\McUicnt.exe[6128] C:\WINDOWS\system32\psapi.dll!GetProcessImageFileNameA + 314                                                                                           000007fb01bc1782 4 bytes [BC, 01, FB, 07]
---- Threads - GMER 2.1 ----
Thread   C:\WINDOWS\system32\csrss.exe [784:1544]                                                                                                                                                                               fffff960008905e8
---- Processes - GMER 2.1 ----
Library  C:\Users\Daniel\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe [5252](2014-01-03 01:09:26)                                                0000000003fa0000
Library  c:\users\daniel\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx7o2o7.dll (*** suspicious ***) @ C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe [5252](2014-07-13 05:04:55)  0000000003ea0000
Library  C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe [5252](2013-08-23 19:01:44)                                                      0000000067080000
Library  C:\Users\Daniel\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe [5252] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42)                        00000000666f0000
---- Registry - GMER 2.1 ----
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                                                                                                      -245425283
Reg      HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\b4749f66f08d                                                                                                                                            
Reg      HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Upgrade\LocalRadioSettings                                                                                                                                              
---- Disk sectors - GMER 2.1 ----
Disk     \Device\Harddisk0\DR0                                                                                                                                                                                                  unknown MBR code
---- EOF - GMER 2.1 ----

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014
Ran by Daniel (administrator) on DANIEL-PC on 13-07-2014 11:36:27
Running from C:\Users\Daniel\Desktop\Schutz software
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11106408 2010-08-04] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-04] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM\...\Policies\Explorer: [HideRunAsVerb] 0
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1252512109-3750120672-4145686215-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-1252512109-3750120672-4145686215-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [496192 2014-02-25] (BillP Studios)
HKU\S-1-5-21-1252512109-3750120672-4145686215-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-02-17] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} -  No File
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default
FF DefaultSearchEngine: Yahoo! (Avast)
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-29]
FF Extension: NoScript - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-29]
FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-21]
Chrome: 
=======
CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl"
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-17]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-17]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-17]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-17]
CHR Extension: (avast! Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-13]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-02-17]
CHR Extension: (Skype Click to Call) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-17]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-17]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-04]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
CHR HKLM-x32\...\Chrome\Extension: [ommhmgednjnodcljhlljkaiidghdmikk] - C:\Users\Daniel\AppData\Local\Temp\ccex.crx [2012-10-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 ArchiCrypt Sichere Loeschzonen; C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe [320600 2013-10-21] (Softwareentwicklung Remus - ArchiCrypt)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-04] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-26] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-01-27] ()
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-04] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-04] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-04] ()
S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [30568 2012-11-08] (AVG Technologies)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-02-28] (AnchorFree Inc.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-26] (Microsoft Corporation)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-04-06] (Windows (R) 2003 DDK 3790 provider)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-28] (Windows (R) Win 7 DDK provider)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-02-28] (Anchorfree Inc.)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [230912 2013-04-09] (Microsoft Corporation)
R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [287232 2012-06-02] (Marvell)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 idsvc; 
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-13 11:35 - 2014-07-13 11:36 - 00000000 ____D () C:\FRST
2014-07-13 11:34 - 2014-07-13 11:34 - 00050477 _____ () C:\Users\Daniel\Downloads\Defogger.exe
2014-07-13 11:34 - 2014-07-13 11:34 - 00000474 _____ () C:\Users\Daniel\Downloads\defogger_disable.log
2014-07-13 11:34 - 2014-07-13 11:34 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-07-11 10:36 - 2014-07-11 10:36 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-11 10:36 - 2014-07-11 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-11 10:35 - 2014-07-11 10:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 10:35 - 2014-07-11 10:36 - 00000000 ____D () C:\Program Files\iTunes
2014-07-11 10:35 - 2014-07-11 10:36 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-11 10:35 - 2014-07-11 10:35 - 00000000 ____D () C:\Program Files\iPod
2014-07-10 04:41 - 2014-07-10 04:41 - 00000751 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-07-10 04:23 - 2014-07-10 04:23 - 01348263 _____ () C:\Users\Daniel\Downloads\adwcleaner_3.215.exe
2014-07-10 04:11 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2014-07-10 04:11 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-07-10 03:53 - 2014-07-10 03:53 - 00445632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-09 06:42 - 2014-07-09 06:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-08 22:58 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-08 22:58 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-08 22:58 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-08 22:58 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2014-07-08 22:58 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-07-08 22:58 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-07-08 22:58 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-07-08 22:58 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-07-08 22:58 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-07-08 22:58 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-07-08 22:58 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-08 22:58 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 22:58 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-08 22:58 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 22:58 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-07-08 22:57 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-08 22:57 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-08 22:57 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-07-08 22:57 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-08 22:57 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-08 22:57 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-07-08 22:57 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-07-08 22:57 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-08 22:57 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-08 22:57 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-07-08 22:57 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-07-08 22:57 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-07-08 22:57 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-07-08 22:57 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-07-08 22:57 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-07-08 22:57 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-08 22:57 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-07-08 22:56 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-08 22:56 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-08 22:56 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-05 13:17 - 2014-07-13 11:30 - 00001161 _____ () C:\Users\Daniel\Desktop\CoreTemp.ini
2014-07-05 07:17 - 2014-07-13 07:05 - 00000000 ___RD () C:\Users\Daniel\Dropbox
2014-07-05 07:17 - 2014-07-05 11:36 - 00001021 _____ () C:\Users\Daniel\Desktop\Dropbox.lnk
2014-07-05 07:06 - 2014-07-13 07:05 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\DropboxMaster
2014-07-05 07:06 - 2014-07-05 11:36 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-05 07:03 - 2014-07-13 07:05 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Dropbox
2014-07-04 20:14 - 2014-07-04 20:14 - 00448400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-07-04 20:14 - 2014-07-04 20:14 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-06-23 18:14 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-06-23 18:03 - 2014-06-23 18:03 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-23 18:03 - 2014-06-23 18:03 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-06-23 18:03 - 2014-06-23 18:03 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-23 18:02 - 2014-06-23 18:02 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-23 17:43 - 2014-06-23 17:44 - 112616784 _____ (Apple Inc.) C:\Users\Daniel\Downloads\iTunes64Setup.exe
2014-06-19 16:01 - 2014-07-13 07:03 - 00068248 _____ () C:\WINDOWS\setupact.log
2014-06-19 16:01 - 2014-06-19 16:01 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-06-19 16:00 - 2014-07-10 04:26 - 00012098 _____ () C:\WINDOWS\PFRO.log
2014-06-19 05:59 - 2014-06-19 20:53 - 00000041 _____ () C:\Users\Daniel\Desktop\Kennwort Netzwerk Home.txt
2014-06-18 19:12 - 2014-06-18 19:12 - 02347384 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2014-06-18 19:02 - 2014-06-18 19:02 - 01016261 _____ (Thisisu) C:\Users\Daniel\Downloads\JRT_6.1.4(1).exe
2014-06-18 03:53 - 2014-06-18 03:53 - 00000000 ____H () C:\Users\Daniel\AppData\Local\BIT189E.tmp
2014-06-18 03:51 - 2014-06-18 03:51 - 00000000 _____ () C:\Users\Daniel\AppData\Local\{CED4D30C-A6BD-47C4-8937-F29FE156C14E}
2014-06-15 08:17 - 2014-06-15 08:17 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-15 08:17 - 2014-06-15 08:17 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-15 08:17 - 2014-06-15 08:17 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-15 08:17 - 2014-06-15 08:17 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-13 18:52 - 2014-06-13 18:52 - 00000014 _____ () C:\Users\Daniel\Desktop\apple reklamation.txt
==================== One Month Modified Files and Folders =======
2014-07-13 11:37 - 2014-02-17 07:02 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-13 11:36 - 2014-07-13 11:35 - 00000000 ____D () C:\FRST
2014-07-13 11:36 - 2013-12-24 14:01 - 00000000 ____D () C:\Users\Daniel\Desktop\Schutz software
2014-07-13 11:34 - 2014-07-13 11:34 - 00050477 _____ () C:\Users\Daniel\Downloads\Defogger.exe
2014-07-13 11:34 - 2014-07-13 11:34 - 00000474 _____ () C:\Users\Daniel\Downloads\defogger_disable.log
2014-07-13 11:34 - 2014-07-13 11:34 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-07-13 11:34 - 2012-11-16 21:30 - 00000000 ____D () C:\Users\Daniel
2014-07-13 11:30 - 2014-07-05 13:17 - 00001161 _____ () C:\Users\Daniel\Desktop\CoreTemp.ini
2014-07-13 11:24 - 2012-01-07 11:03 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-13 11:20 - 2013-06-23 13:46 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-13 11:00 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-13 11:00 - 2012-03-30 10:02 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Skyrim
2014-07-13 10:11 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-07-13 10:09 - 2014-03-23 15:15 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Battle.net
2014-07-13 10:09 - 2014-03-23 15:15 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-13 07:36 - 2014-03-15 13:37 - 01764622 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-13 07:05 - 2014-07-05 07:17 - 00000000 ___RD () C:\Users\Daniel\Dropbox
2014-07-13 07:05 - 2014-07-05 07:06 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\DropboxMaster
2014-07-13 07:05 - 2014-07-05 07:03 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Dropbox
2014-07-13 07:04 - 2014-02-17 07:02 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-13 07:04 - 2014-01-03 07:32 - 00000000 ____D () C:\Users\Daniel\Tracing
2014-07-13 07:03 - 2014-06-19 16:01 - 00068248 _____ () C:\WINDOWS\setupact.log
2014-07-13 07:03 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-12 09:17 - 2013-08-28 15:44 - 00000000 ____D () C:\Program Files (x86)\JoWooD
2014-07-12 09:17 - 2011-11-09 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-07-11 10:36 - 2014-07-11 10:36 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-11 10:36 - 2014-07-11 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-11 10:36 - 2014-07-11 10:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 10:36 - 2014-07-11 10:35 - 00000000 ____D () C:\Program Files\iTunes
2014-07-11 10:36 - 2014-07-11 10:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-11 10:36 - 2014-05-17 12:17 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-11 10:35 - 2014-07-11 10:35 - 00000000 ____D () C:\Program Files\iPod
2014-07-11 10:24 - 2013-06-21 16:09 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-10 05:03 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-10 04:41 - 2014-07-10 04:41 - 00000751 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-07-10 04:26 - 2014-06-19 16:00 - 00012098 _____ () C:\WINDOWS\PFRO.log
2014-07-10 04:25 - 2014-01-01 19:51 - 00000000 ____D () C:\AdwCleaner
2014-07-10 04:25 - 2012-07-26 07:26 - 00008192 _____ () C:\WINDOWS\system32\config\BBI
2014-07-10 04:23 - 2014-07-10 04:23 - 01348263 _____ () C:\Users\Daniel\Downloads\adwcleaner_3.215.exe
2014-07-10 04:13 - 2013-12-10 19:36 - 00001131 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-07-10 04:13 - 2013-12-10 19:36 - 00001066 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-07-10 04:13 - 2013-12-10 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-07-10 04:13 - 2013-06-22 19:15 - 00001615 _____ () C:\Users\Daniel\Desktop\DivX Movies.lnk
2014-07-10 04:13 - 2012-04-08 10:24 - 00000000 ____D () C:\Program Files\DivX
2014-07-10 04:13 - 2012-04-08 10:24 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-07-10 04:13 - 2012-04-08 10:23 - 00000000 ____D () C:\ProgramData\DivX
2014-07-10 04:11 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-10 03:53 - 2014-07-10 03:53 - 00445632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-09 16:34 - 2012-07-26 12:27 - 00879766 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-09 16:34 - 2012-07-26 12:27 - 00203372 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-09 16:34 - 2012-07-26 09:28 - 02069876 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-09 06:42 - 2014-07-09 06:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 06:42 - 2012-07-26 12:29 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 06:42 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 06:42 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 06:42 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-09 06:31 - 2011-10-01 17:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 06:30 - 2013-08-14 07:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 06:24 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-09 06:24 - 2011-09-26 06:40 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-08 19:20 - 2013-06-23 13:46 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-08 04:04 - 2013-07-13 07:44 - 00002563 _____ () C:\Users\Public\Desktop\Free System Utilities.lnk
2014-07-07 19:48 - 2010-10-25 03:50 - 00000000 ____D () C:\ProgramData\Temp
2014-07-07 19:37 - 2013-08-01 06:12 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-07-05 13:10 - 2014-03-23 15:55 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-07-05 11:36 - 2014-07-05 07:17 - 00001021 _____ () C:\Users\Daniel\Desktop\Dropbox.lnk
2014-07-05 11:36 - 2014-07-05 07:06 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-04 20:15 - 2013-12-29 20:17 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-04 20:15 - 2013-06-21 16:09 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-04 20:14 - 2014-07-04 20:14 - 00448400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-07-04 20:14 - 2014-07-04 20:14 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-04 20:14 - 2014-04-21 18:33 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-04 20:14 - 2013-12-22 17:54 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-07-04 20:14 - 2013-07-08 08:06 - 00028184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-04 20:14 - 2013-06-21 16:09 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-01 00:42 - 2014-07-08 22:57 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-01 00:42 - 2014-07-08 22:57 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-01 00:42 - 2014-07-08 22:57 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-06-28 12:10 - 2013-09-19 06:46 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\vlc
2014-06-28 07:19 - 2013-07-27 07:17 - 00000000 ____D () C:\Users\Daniel\Downloads\backups
2014-06-28 05:35 - 2014-07-08 22:57 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-26 22:53 - 2013-09-12 05:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:53 - 2013-09-12 05:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-23 18:33 - 2012-11-16 22:07 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1252512109-3750120672-4145686215-1001
2014-06-23 18:13 - 2012-12-13 19:17 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-23 18:03 - 2014-06-23 18:03 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-23 18:03 - 2014-06-23 18:03 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-06-23 18:03 - 2014-06-23 18:03 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-23 18:02 - 2014-06-23 18:02 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-23 18:02 - 2012-12-13 19:16 - 00000000 ____D () C:\ProgramData\Apple
2014-06-23 17:44 - 2014-06-23 17:43 - 112616784 _____ (Apple Inc.) C:\Users\Daniel\Downloads\iTunes64Setup.exe
2014-06-23 17:32 - 2014-02-17 07:02 - 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-23 17:32 - 2014-02-17 07:02 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-23 05:46 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-06-20 06:29 - 2014-02-17 07:03 - 00002163 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-20 06:29 - 2013-12-30 19:26 - 00001139 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-20 06:29 - 2013-12-30 19:26 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-20 06:29 - 2011-09-24 11:45 - 00001383 _____ () C:\Users\Daniel\Desktop\Internet Explorer.lnk
2014-06-19 20:53 - 2014-06-19 05:59 - 00000041 _____ () C:\Users\Daniel\Desktop\Kennwort Netzwerk Home.txt
2014-06-19 16:01 - 2014-06-19 16:01 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-06-19 04:12 - 2014-07-08 22:57 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-19 04:12 - 2014-07-08 22:57 - 01366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-19 04:12 - 2014-07-08 22:57 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-06-19 04:12 - 2014-07-08 22:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-06-19 04:12 - 2014-07-08 22:57 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-19 04:11 - 2014-07-08 22:57 - 19277312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-19 04:11 - 2014-07-08 22:57 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-19 04:11 - 2014-07-08 22:57 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 15369728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 02650624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-19 04:09 - 2014-07-08 22:57 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-19 03:12 - 2014-04-21 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-06-19 03:12 - 2014-03-20 19:51 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\TS3Client
2014-06-19 03:11 - 2014-04-21 19:44 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-06-19 02:53 - 2014-07-08 22:57 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 13732352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 02863616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-19 02:52 - 2014-07-08 22:57 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-19 02:33 - 2014-07-08 22:57 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-19 02:30 - 2014-07-08 22:57 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-19 00:05 - 2014-07-08 22:57 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-06-18 19:12 - 2014-06-18 19:12 - 02347384 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2014-06-18 19:02 - 2014-06-18 19:02 - 01016261 _____ (Thisisu) C:\Users\Daniel\Downloads\JRT_6.1.4(1).exe
2014-06-18 18:40 - 2014-06-04 05:34 - 00003852 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1394894571
2014-06-18 18:40 - 2014-03-15 16:42 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-18 03:53 - 2014-06-18 03:53 - 00000000 ____H () C:\Users\Daniel\AppData\Local\BIT189E.tmp
2014-06-18 03:51 - 2014-06-18 03:51 - 00000000 _____ () C:\Users\Daniel\AppData\Local\{CED4D30C-A6BD-47C4-8937-F29FE156C14E}
2014-06-18 01:27 - 2014-07-08 22:58 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-18 01:24 - 2014-07-08 22:58 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-06-16 18:10 - 2013-09-19 06:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-16 18:09 - 2013-12-25 19:52 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-16 18:09 - 2013-12-25 19:52 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-16 18:09 - 2013-12-25 19:52 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-16 18:09 - 2013-06-24 17:40 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-16 18:09 - 2013-06-24 17:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-15 08:17 - 2014-06-15 08:17 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-15 08:17 - 2014-06-15 08:17 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-15 08:17 - 2014-06-15 08:17 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-15 08:17 - 2014-06-15 08:17 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-06-13 18:52 - 2014-06-13 18:52 - 00000014 _____ () C:\Users\Daniel\Desktop\apple reklamation.txt
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx7o2o7.dll
C:\Users\Daniel\AppData\Local\temp\Quarantine.exe
C:\Users\Daniel\AppData\Local\temp\WEB.DE_Toolbar_IE_Setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-13 07:16
==================== End Of Log ============================
         Thanks in advance. Best regards, LuciLu | 
|  13.07.2014, 12:27 | #2 | 
| /// the machine /// TB-Ausbilder         |   Programs stutter badly and run unstably. Hi, Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. Here is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows: | 
|  13.07.2014, 14:21 | #3 | 
|   |   Programs stutter badly and run unstably. Okay, sorry. Here is the addition.txt. Code: 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2014
Ran by Daniel at 2014-07-13 11:37:46
Running from C:\Users\Daniel\Desktop\Schutz software
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
„Windows Live Essentials“ (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 16.4.3528.0331 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 16.4.3528.0331 - „Microsoft Corporation“) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adblock IE 2.3 (HKLM\...\{58161756-037B-42CD-B575-AF804A2F0F47}) (Version: 2.3.1756 - MGTEK)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
AIO_CDA_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArchiCrypt Shredder Version 6.9.3.5701 (HKLM-x32\...\ACRYSH6_is1) (Version: 6.9.3.5701 - Softwareentwicklung Remus - ArchiCrypt)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 18414980.4759644.48.2008954696 - Audible, Inc.)
avast! Internet Security (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
BatteryLifeExtender (HKLM-x32\...\{E308B555-8434-4AF8-B66F-729897C75F93}) (Version: 1.0.6 - Samsung)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BBI USB WIRELESS CONTROLLER (HKLM-x32\...\{2C38C251-DE7B-40DC-9D26-C54044348DE5}) (Version: 2005.12.02 - )
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 3.0.1.60 - )
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
C5100 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
c5100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
Casino at bet365 (HKCU\...\bet365casino) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - )
CVE-2012-4969 (HKLM\...\{777afb2a-98e5-4f14-b455-378a925cae15}.sdb) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Tales: Das vorzeitige Begräbnis von Edgar Allan Poe Sammleredition (HKLM-x32\...\BFG-Dark Tales - Das vorzeitige Begräbnis von Edgar Allan Poe Sammleredition) (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Drakensang - Am Fluss der Zeit (HKLM-x32\...\Drakensang_TRoT_is1) (Version:  - dtp)
Drakensang (HKLM-x32\...\Drakensang_is1) (Version:  - dtp)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM\...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.0 - SAMSUNG)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Fotoattēlu galerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FuzeZip (HKCU\...\FuzeZip) (Version: 1.0.0.133556 - Koyote-Lab Inc.) <==== ATTENTION
Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 10 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217010F0}) (Version: 7.0.100 - Oracle)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.29.1.3 - Marvell)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0401-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0402-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0404-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0406-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0408-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040B-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040C-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040D-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040E-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0410-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0412-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0414-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0415-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0416-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0418-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0419-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041B-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041D-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041E-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041F-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0424-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0426-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0427-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0804-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0816-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-081A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultimediaPOP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.1 - )
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version:  - )
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Notebook Hardware Control 2.0 Pre-Release-06 Bugfix (HKLM-x32\...\Notebook Hardware Control) (Version: 2.0 Pre-Release-06 Bugfix - Manfred Jaider)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Opera Stable 22.0.1471.70 (HKLM-x32\...\Opera 22.0.1471.70) (Version: 22.0.1471.70 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 8.6.0.357 - Electronic Arts, Inc.)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Power Tab Editor 1.7 (HKLM-x32\...\{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}) (Version: 1.7.0 - Power Tab Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6171 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Samsung AnyWeb Print (x32 Version: 1.0 - Samsung Electronics Co., Ltd.) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
SequoiaView (HKLM-x32\...\SequoiaView) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skat-Online V9 (HKCU\...\Skat-Online V9) (Version:  - Skat.com, c/o Markus Riehl)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SRS Premium Sound Control Panel (HKLM\...\{340BE65B-7621-4B0B-B0F9-DBCCD8D70887}) (Version: 1.8.8100 - SRS Labs, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
StoppUhr (HKLM-x32\...\StoppUhr) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.245 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.400.4 - Intel)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WEB.DE Internet Explorer Addon (HKLM-x32\...\1&1 Mail & Media GmbH 1und1InternetExplorerAddon) (Version: 1.0.1.0 - 1&1 Mail & Media GmbH)
WEB.DE MailCheck für Internet Explorer (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 1.8.1.0 - 1&1 Mail & Media GmbH)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.1.4.1420 - 1&1 Mail & Media GmbH)
WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.0.55 - 1&1 Mail & Media GmbH)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Pošta (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live 메일 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live 필수 패키지 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.1.2014 - BillP Studios)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WOT für Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)
YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 10.1 - Abelssoft)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3528.0331 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
사진 갤러리 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
==================== Restore Points  =========================
09-07-2014 04:12:37 Windows Update
12-07-2014 07:16:39 Entfernt Gothic III
==================== Hosts content: ==========================
2012-07-26 07:26 - 2013-12-30 13:26 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0796AEEB-3240-464E-8BBD-6B21E7B1B098} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-04] (AVAST Software)
Task: {130FFDFE-FCD5-4F00-B08C-B76AE5444053} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-06-11] (RealNetworks, Inc.)
Task: {16DBA24B-6B6E-4146-AE7A-9ED9AFCACE50} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {185C1432-19CF-48B4-B46C-CC4842ABBFED} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1D0FCC3C-0165-460A-A651-C9EBC38A4F4A} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-08-12] (Samsung Electronics. Co. Ltd.)
Task: {21E0B86E-6852-4584-BA38-867C1EA2DC88} - \Advanced System Protector_startup No Task File <==== ATTENTION
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {298203D1-50FF-43A4-A296-58E8E92BB119} - \Advanced System Protector No Task File <==== ATTENTION
Task: {30A39DFA-DC24-4020-8880-34BEB6ADF6F7} - System32\Tasks\1und1 Konfiguration => C:\ProgramData\1und1InternetExplorerAddon\ConfigTask.exe [2011-04-19] (1und1 Mail und Media GmbH)
Task: {41E8E4EA-87C9-49EF-8AF4-6E15BB88499E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {4F23E053-9467-4904-A240-CDD89976861E} - \ProtectedSearch\Protected Search No Task File <==== ATTENTION
Task: {51F97A20-E480-425B-AAFF-B3FC0649B56D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {53A3FFD0-1373-4F23-AAE4-A7BC8FB5B2A0} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\WINDOWS\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {586BDE07-4055-4467-94E3-F0B501A48D8C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {64ADFB50-0DA6-4711-A4D2-AE79CACE7A57} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {68564ACC-B1DA-4F44-872B-E57920A6E504} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {6A4A7A4E-EC5D-4A6F-AEC2-F9145042026D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {6D5030DC-98F9-41D8-AD8E-A9882A100516} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {6F6EAFC6-EB11-4440-A895-771D00D2208C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {70D02B60-8BBA-48EA-B48D-96F54B30258A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1252512109-3750120672-4145686215-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {7249A781-A1EA-4C17-9DEE-88939D8E8BE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-17] (Google Inc.)
Task: {7D2E18D2-8AE1-4AA9-8461-3D64D9B87E29} - \Freemium1ClickMaint No Task File <==== ATTENTION
Task: {7E392510-1A4E-42C6-BF0F-A2DCD3969AC4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)
Task: {7FB5A380-8783-4353-8241-DC55159E8A9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {824042B9-125D-434F-8346-9B8855B31547} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
Task: {85740EB5-5C3D-4EFE-8052-2ED8803E99EA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {868C21BA-5541-472B-A94C-026E79FB3134} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {88453497-4FA8-4782-9C46-3274391AE15E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {884B0483-ACC6-482D-9EA0-5BD3733A7196} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {8C4DA8E0-4158-4D6E-9BFC-657A3470C983} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {97221228-A20C-4C39-A64E-91E6BB7DAB03} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {9A77704E-3EC4-4448-A898-C90F56AD8575} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
Task: {A0E16638-6A12-4DD1-BDA8-20A369A3AE02} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2013-06-18] (1&1 Mail & Media GmbH)
Task: {A23AA37F-F01C-401D-A293-FAC9F81BF83E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1252512109-3750120672-4145686215-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {A4C380CB-D8B1-4EC4-992B-5A5097727673} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {A6E5FDC1-F8EA-4933-9FBD-E84B6B7BD79A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AE26AB62-C098-4417-B6C6-2BCA8A7E7C82} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {AE98152B-61B8-4857-8883-BE617E92A027} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {AEAA601A-FAD6-457B-9AB3-64A548778563} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B014F3FC-B6B8-482F-8E42-C281CADF1CA3} - \Software Updater No Task File <==== ATTENTION
Task: {B4F82F9E-F1C4-4E5F-BFBF-05D0DD063496} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {B5384700-F6CB-4FCD-91C6-435730A568BA} - System32\Tasks\Opera scheduled Autoupdate 1394894571 => C:\Program Files (x86)\Opera\launcher.exe [2014-06-16] (Opera Software)
Task: {BD890FD7-44D2-4EC0-8EE0-C2331BC7B185} - \Software Updater Ui No Task File <==== ATTENTION
Task: {C40F0EC9-C241-42E2-BCF7-6DF16518D827} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CA351C29-B5C0-4B80-8395-17ADF7C45E89} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {D46B1456-4888-4FA7-B578-AE972520F114} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {DE2360B8-7E9A-4315-9E6A-C32D81583282} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09] (Hewlett-Packard)
Task: {E6CE5B74-6D53-4E69-B3E9-1E91887654D5} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {EB30C407-F092-4020-BC21-B788E573BB11} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EBC8F349-FC83-4441-ADA4-0EB1081C1927} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F0FD59BF-8BB9-4AB4-924D-AE06ECF4EA12} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-17] (Google Inc.)
Task: {F5E483E0-2416-4D35-9464-EA6B7DDDF1B8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-06-29 21:27 - 2013-08-30 00:43 - 00097568 _____ () C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NvSmartMax64.dll
2011-09-24 11:40 - 2008-06-05 01:53 - 00027648 _____ () C:\WINDOWS\System32\spd__l.dll
2012-02-28 18:14 - 2014-01-27 15:39 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-01-28 10:37 - 2014-01-28 10:37 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2014-07-04 20:14 - 2014-07-04 20:14 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-12 13:17 - 2014-07-12 13:17 - 02792960 _____ () C:\Program Files\AVAST Software\Avast\defs\14071200\algo.dll
2014-07-13 07:03 - 2014-07-13 07:03 - 02792960 _____ () C:\Program Files\AVAST Software\Avast\defs\14071201\algo.dll
2014-07-13 10:07 - 2014-07-13 10:07 - 02792960 _____ () C:\Program Files\AVAST Software\Avast\defs\14071300\algo.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-29 12:20 - 2014-02-18 05:46 - 00643948 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2014-07-04 20:14 - 2014-07-04 20:14 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-13 07:04 - 2014-07-13 07:04 - 00043008 _____ () c:\users\daniel\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx7o2o7.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libcef.dll
2014-06-11 06:38 - 2014-06-11 06:39 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:07BF512B
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:AFC732F7
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
HKLM\...\StartupApproved\StartupFolder: => "SRS Premium Sound.lnk"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "SpywareTerminatorShield"
HKLM\...\StartupApproved\Run: => "SpywareTerminatorUpdater"
HKLM\...\StartupApproved\Run32: => "ApnUpdater"
HKLM\...\StartupApproved\Run32: => "MailCheck IE Broker"
HKLM\...\StartupApproved\Run32: => "ROC_roc_dec12"
HKLM\...\StartupApproved\Run32: => "ROC_ROC_JULY_P1"
HKLM\...\StartupApproved\Run32: => "UpdateLBPShortCut"
HKLM\...\StartupApproved\Run32: => "UpdateP2GoShortCut"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "RemoteControl8"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "PDVD8LanguageShortcut"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "UCam_Menu"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "DATAMNGR"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Iminent"
HKLM\...\StartupApproved\Run32: => "IminentMessenger"
HKCU\...\StartupApproved\StartupFolder: => "Netzmanager.lnk"
HKCU\...\StartupApproved\Run: => "Steam"
HKCU\...\StartupApproved\Run: => "KiesAirMessage"
HKCU\...\StartupApproved\Run: => "KiesPreload"
HKCU\...\StartupApproved\Run: => ""
==================== Faulty Device Manager Devices =============
Name: Photosmart C5100 series
Description: Photosmart C5100 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/13/2014 11:36:22 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
 DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (07/13/2014 11:36:22 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. 
 Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
 for C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (07/13/2014 11:36:22 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
 DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (07/13/2014 11:36:22 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. 
 Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
 for C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (07/13/2014 11:36:06 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (07/13/2014 11:36:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (07/13/2014 11:36:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Error: (07/13/2014 11:35:18 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
 DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (07/13/2014 11:35:18 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. 
 Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
 for C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (07/13/2014 11:35:18 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
 DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt.
System errors:
=============
Error: (07/13/2014 10:10:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053
Error: (07/13/2014 10:10:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (07/13/2014 07:03:54 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (07/13/2014 07:03:53 AM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen: 
%%1009
Error: (07/13/2014 07:03:36 AM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen: 
%%1009
Error: (07/13/2014 07:03:31 AM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen: 
%%1009
Error: (07/13/2014 07:03:28 AM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen: 
%%1009
Error: (07/13/2014 07:03:27 AM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen: 
%%1009
Error: (07/13/2014 07:03:27 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Client Virtualization Handler" ist von folgendem Dienst abhängig: sftlist. Dieser Dienst ist möglicherweise nicht installiert.
Error: (07/13/2014 07:03:12 AM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: Der Aufruf "LoadUserProfile" ist aufgrund folgenden Fehlers fehlgeschlagen: 
%%1009
Microsoft Office Sessions:
=========================
Error: (07/13/2014 11:36:22 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (07/13/2014 11:36:22 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (07/13/2014 11:36:22 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (07/13/2014 11:36:22 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (07/13/2014 11:36:06 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Daniel\Downloads\esetsmartinstaller_enu.exe
Error: (07/13/2014 11:36:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Daniel\Downloads\esetsmartinstaller_enu(1).exe
Error: (07/13/2014 11:36:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
Error: (07/13/2014 11:35:18 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
Error: (07/13/2014 11:35:18 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
C:\Users\Daniel\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (07/13/2014 11:35:18 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt.
CodeIntegrity Errors:
===================================
  Date: 2014-05-31 10:02:20.563
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
  Date: 2014-05-31 10:02:20.048
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
  Date: 2014-05-31 10:02:19.939
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
  Date: 2014-05-31 10:02:18.660
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
  Date: 2014-05-31 10:02:18.410
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
  Date: 2014-05-31 10:02:18.020
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
  Date: 2014-05-17 09:15:39.475
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
  Date: 2014-05-17 09:15:38.976
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
  Date: 2014-05-17 09:15:38.352
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
  Date: 2014-05-17 09:15:37.494
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
==================== Memory info =========================== 
Percentage of memory in use: 29%
Total physical RAM: 6076.41 MB
Available physical RAM: 4261.77 MB
Total Pagefile: 12220.41 MB
Available Pagefile: 10159.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231 GB) (Free:71.56 GB) NTFS
Drive d: () (Fixed) (Total:344.18 GB) (Free:288.92 GB) NTFS
Drive f: (TOSHIBA EXT) (Fixed) (Total:931.41 GB) (Free:763.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 7BA3F2D1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=344 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=21 GB) - (Type=12)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 2067C1CD)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==================== End Of Log ============================
         LuciLu | 
|  14.07.2014, 12:48 | #4 | 
| /// the machine /// TB Trainer         |   Programs stutter badly and run unstably. Uninstall adware & co. 
 If you cannot find a program or cannot uninstall it, please continue with the next step: Scan with ComboFix 
 
				__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and Help Trojaner-Board Facebook Page No help via PM! | 
|  14.07.2014, 17:24 | #5 | 
|   |   Programs stutter badly and run unstably. Hi. I removed the programs marked "Attention" and ran ComboFix. combofix.txt Code: 
ComboFix 14-07-14.01 - Daniel 14.07.2014  18:05:58.1.8 - x64
Microsoft Windows 8 Pro  6.2.9200.0.1252.49.1031.18.6076.3920 [GMT 2:00]
ausgeführt von:: c:\users\Daniel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-14 bis 2014-07-14  ))))))))))))))))))))))))))))))
.
.
2014-07-14 16:17 . 2014-07-14 16:17	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-07-14 16:17 . 2014-07-14 16:17	--------	d-----w-	c:\users\Public\AppData\Local\temp
2014-07-14 16:17 . 2014-07-14 16:17	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2014-07-14 16:17 . 2014-07-14 16:17	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-07-14 15:55 . 2014-07-14 15:55	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-07-13 10:03 . 2014-07-13 10:03	--------	d-----w-	c:\users\Daniel\AppData\Local\ElevatedDiagnostics
2014-07-13 09:35 . 2014-07-13 09:38	--------	d-----w-	C:\FRST
2014-07-11 08:35 . 2014-07-11 08:35	--------	d-----w-	c:\program files\iPod
2014-07-11 08:35 . 2014-07-11 08:36	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 08:35 . 2014-07-11 08:36	--------	d-----w-	c:\program files\iTunes
2014-07-11 08:35 . 2014-07-11 08:36	--------	d-----w-	c:\program files (x86)\iTunes
2014-07-10 02:11 . 2014-05-29 04:04	94552	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2014-07-10 02:11 . 2014-05-08 01:34	328024	----a-w-	c:\windows\system32\drivers\Classpnp.sys
2014-07-09 04:42 . 2014-07-09 04:42	--------	d-s---w-	c:\windows\system32\CompatTel
2014-07-08 20:57 . 2014-05-29 23:03	588288	----a-w-	c:\windows\system32\SHCore.dll
2014-07-08 20:56 . 2014-06-06 14:06	596480	----a-w-	c:\windows\system32\qedit.dll
2014-07-08 20:56 . 2014-06-06 10:17	497152	----a-w-	c:\windows\SysWow64\qedit.dll
2014-07-08 20:56 . 2014-05-29 22:24	576512	----a-w-	c:\windows\system32\drivers\afd.sys
2014-07-05 05:17 . 2014-07-14 06:36	--------	d-----r-	c:\users\Daniel\Dropbox
2014-07-05 05:03 . 2014-07-14 06:36	--------	d-----w-	c:\users\Daniel\AppData\Roaming\Dropbox
2014-07-04 18:29 . 2014-04-23 09:50	1031560	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A54DDF0-3069-4939-A352-58A09E8B6867}\gapaengine.dll
2014-07-04 18:29 . 2014-02-17 12:30	1031560	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\NISBackup\gapaengine.dll
2014-07-04 18:29 . 2014-06-17 00:57	10779000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{79B99DE7-CB3A-4B05-A928-441826EA6761}\mpengine.dll
2014-07-04 18:14 . 2014-07-04 18:14	43152	----a-w-	c:\windows\avastSS.scr
2014-07-04 18:14 . 2014-07-04 18:14	448400	----a-w-	c:\windows\system32\drivers\aswNdisFlt.sys
2014-06-23 16:14 . 2012-08-21 11:01	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2014-06-23 16:03 . 2014-06-23 16:03	--------	d-----w-	c:\program files (x86)\Apple Software Update
2014-06-23 16:02 . 2014-06-23 16:02	--------	d-----w-	c:\program files\Common Files\Apple
2014-06-23 16:02 . 2014-07-11 08:35	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2014-06-18 01:53 . 2014-06-18 01:53	0	---ha-w-	c:\users\Daniel\AppData\Local\BIT189E.tmp
2014-06-15 06:17 . 2014-06-15 06:17	313256	----a-w-	c:\windows\system32\javaws.exe
2014-06-15 06:17 . 2014-06-15 06:17	111016	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-06-15 06:17 . 2014-06-15 06:17	189352	----a-w-	c:\windows\system32\javaw.exe
2014-06-15 06:17 . 2014-06-15 06:17	189352	----a-w-	c:\windows\system32\java.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-14 16:02 . 2014-05-17 10:17	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-14 06:34 . 2012-11-16 19:29	4194304	----a-w-	c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2014-07-09 04:24 . 2011-09-26 04:40	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-07-04 18:15 . 2013-06-21 14:09	427360	----a-w-	c:\windows\system32\drivers\aswsp.sys
2014-07-04 18:14 . 2014-04-21 16:33	29208	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2014-07-04 18:14 . 2013-12-22 15:54	92008	----a-w-	c:\windows\system32\drivers\aswstm.sys
2014-07-04 18:14 . 2013-06-21 14:09	93568	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2014-07-04 18:14 . 2013-06-21 14:09	79184	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-07-04 18:14 . 2013-06-21 14:09	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-07-04 18:14 . 2013-06-21 14:09	307344	----a-w-	c:\windows\system32\aswBoot.exe
2014-07-04 18:14 . 2013-06-21 14:09	224896	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-07-04 18:14 . 2013-06-21 14:09	1041168	----a-w-	c:\windows\system32\drivers\aswsnx.sys
2014-07-04 18:14 . 2013-07-08 06:06	28184	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2014-06-26 20:53 . 2013-09-12 03:55	703968	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-26 20:53 . 2013-09-12 03:55	105440	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-16 16:09 . 2013-06-24 15:40	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-16 07:53 . 2014-05-16 07:53	341848	----a-w-	c:\windows\SysWow64\DivXControlPanelApplet.cpl
2014-05-12 05:26 . 2014-05-17 10:16	64216	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-05-12 05:26 . 2014-05-17 10:16	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-05-12 05:25 . 2013-07-27 17:47	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-05-03 05:47 . 2014-06-12 04:44	3246592	----a-w-	c:\windows\system32\rdpcorets.dll
2014-05-03 03:34 . 2014-06-12 04:44	235520	----a-w-	c:\windows\system32\rdpudd.dll
2014-04-29 22:32 . 2014-06-12 04:44	1301504	----a-w-	c:\windows\system32\gdi32.dll
2014-04-29 22:22 . 2014-06-12 04:44	1023488	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-04-21 18:13 . 2014-04-21 18:13	22528	----a-w-	c:\windows\system32\drivers\nhcDriver.sys
2014-04-19 09:39 . 2014-05-06 16:21	628024	----a-w-	c:\windows\system32\NotificationUI.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2014-02-25 496192]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2014-02-17 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-03 43816]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-04 4086432]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-05-28 455512]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
.
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Audible Download Manager.lnk - c:\program files (x86)\Audible\Bin\AudibleDownloadHelper.exe /Startup [2011-3-14 2125472]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideRunAsVerb"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 btwampfl;btwampfl;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 wmbclass;Generischer Adapter für das mobile Breitband;c:\windows\system32\DRIVERS\wmbclass.sys;c:\windows\SYSNATIVE\DRIVERS\wmbclass.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
R4 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
R4 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe  [x]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R4 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R4 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 ArchiCrypt Sichere Loeschzonen;ArchiCrypt Shredder - Sichere Löschzonen Hilfsservice;c:\program files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe;c:\program files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S3 bcbtums;Bluetooth USB LD Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\System32\drivers\ETD.sys;c:\windows\SYSNATIVE\drivers\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\System32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
S3 yukonw8;NDIS 6.3-Miniporttreiber für Marvell Yukon-Ethernetcontroller;c:\windows\system32\DRIVERS\yk63x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk63x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost	REG_MULTI_SZ   	apphostsvc
iissvcs	REG_MULTI_SZ   	w3svc was
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-13 21:32	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-17 17:20]
.
2014-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-17 05:02]
.
2014-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-17 05:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-04 18:14	634872	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-08-04 11106408]
"IntelTBRunOnce"="wscript.exe" [2012-07-26 160256]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2013-04-03 2777736]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2013-04-03 3684488]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mLocal Page = c:\windows\SYSTEM32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
mSearchAssistant = hxxp://www.google.com
mCustomizeSearch = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\
FF - prefs.js: browser.search.defaulturl - hxxps://de.search.yahoo.com/yhs/search
FF - prefs.js: browser.search.selectedEngine - Yahoo! (Avast)
FF - prefs.js: browser.startup.homepage - hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl
FF - prefs.js: keyword.URL - hxxps://de.search.yahoo.com/yhs/search
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
WebBrowser-{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2014-07-14  18:20:58
ComboFix-quarantined-files.txt  2014-07-14 16:20
.
Vor Suchlauf: 24 Verzeichnis(se), 76.189.769.728 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 75.622.641.664 Bytes frei
.
- - End Of File - - 7528F2CB218582B21F92590042043456
         LuciLu | 
|  14.07.2014, 18:17 | #6 | 
| /// the machine /// TB-Ausbilder         |   Programs stutter badly and run unstably. Please download Malwarebytes Anti-Malware 
 Please download AdwCleaner to your desktop. 
 Please shut down your security software to avoid possible conflicts. 
 and a fresh FRST log, please. 
				__________________ --> Programs stutter badly and run unstably. | 
|  14.07.2014, 19:52 | #7 | 
|   |   Programs stutter badly and run unstably. Okay, here they are. There isn't much in the logs, though, since I have already run the 3 programs once recently.  Malware Code: 
  ATTFilter Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 14.07.2014
Suchlauf-Zeit: 20:00:16
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.07.14.08
Rootkit Datenbank: v2014.07.09.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Daniel
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 427372
Verstrichene Zeit: 21 Min, 33 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 0
(No malicious items detected)
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 0
(No malicious items detected)
Physische Sektoren: 0
(No malicious items detected)
(end)
         Code: 
  ATTFilter # AdwCleaner v3.215 - Bericht erstellt am 14/07/2014 um 20:25:38
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 8 Pro  (64 bits)
# Benutzername : Daniel - DANIEL-PC
# Gestartet von : C:\Users\Daniel\Desktop\adwcleaner_3.215.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gelöscht : C:\WINDOWS\System32\Tasks\ProtectedSearch
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.17028
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\prefs.js ]
-\\ Google Chrome v35.0.1916.153
[ Datei : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1725 octets] - [01/01/2014 19:51:40]
AdwCleaner[R10].txt - [3543 octets] - [10/07/2014 04:23:50]
AdwCleaner[R11].txt - [2302 octets] - [14/07/2014 20:24:12]
AdwCleaner[R1].txt - [1212 octets] - [06/01/2014 09:11:20]
AdwCleaner[R2].txt - [1320 octets] - [17/01/2014 14:46:36]
AdwCleaner[R3].txt - [1508 octets] - [01/03/2014 10:33:59]
AdwCleaner[R4].txt - [1823 octets] - [15/03/2014 16:43:27]
AdwCleaner[R5].txt - [7925 octets] - [14/04/2014 20:17:15]
AdwCleaner[R6].txt - [1747 octets] - [21/04/2014 18:25:22]
AdwCleaner[R7].txt - [2221 octets] - [10/05/2014 13:50:24]
AdwCleaner[R8].txt - [1999 octets] - [30/05/2014 16:23:25]
AdwCleaner[R9].txt - [2235 octets] - [18/06/2014 18:57:28]
AdwCleaner[S0].txt - [1743 octets] - [01/01/2014 19:52:48]
AdwCleaner[S10].txt - [3483 octets] - [10/07/2014 04:25:17]
AdwCleaner[S11].txt - [1683 octets] - [14/07/2014 20:25:38]
AdwCleaner[S1].txt - [1273 octets] - [06/01/2014 09:12:03]
AdwCleaner[S2].txt - [1383 octets] - [17/01/2014 14:47:20]
AdwCleaner[S3].txt - [1571 octets] - [01/03/2014 10:34:54]
AdwCleaner[S4].txt - [1773 octets] - [15/03/2014 16:44:12]
AdwCleaner[S5].txt - [7898 octets] - [14/04/2014 20:18:42]
AdwCleaner[S6].txt - [1810 octets] - [21/04/2014 18:26:37]
AdwCleaner[S7].txt - [2282 octets] - [10/05/2014 13:51:43]
AdwCleaner[S8].txt - [2060 octets] - [30/05/2014 16:26:41]
AdwCleaner[S9].txt - [2296 octets] - [18/06/2014 18:58:37]
########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [2284 octets] ##########
         Code: 
  ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 Pro x64
Ran by Daniel on 14.07.2014 at 20:32:27,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.07.2014 at 20:41:53,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         FRST Logfile: Code: 
  ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014
Ran by Daniel (administrator) on DANIEL-PC on 14-07-2014 20:43:38
Running from C:\Users\Daniel\Desktop\Schutz software
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11106408 2010-08-04] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-04] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM\...\Policies\Explorer: [HideRunAsVerb] 0
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1252512109-3750120672-4145686215-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [496192 2014-02-25] (BillP Studios)
HKU\S-1-5-21-1252512109-3750120672-4145686215-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-02-17] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} -  No File
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default
FF DefaultSearchEngine: Yahoo! (Avast)
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-29]
FF Extension: NoScript - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-29]
FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-21]
Chrome: 
=======
CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl"
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-17]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-17]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-17]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-17]
CHR Extension: (avast! Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-13]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-02-17]
CHR Extension: (Skype Click to Call) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-17]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-17]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-04]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
CHR HKLM-x32\...\Chrome\Extension: [ommhmgednjnodcljhlljkaiidghdmikk] - C:\Users\Daniel\AppData\Local\Temp\ccex.crx [2012-10-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 ArchiCrypt Sichere Loeschzonen; C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe [320600 2013-10-21] (Softwareentwicklung Remus - ArchiCrypt)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-04] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-26] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-01-27] ()
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-04] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-04] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-04] ()
S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [30568 2012-11-08] (AVG Technologies)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-02-28] (AnchorFree Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-14] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-26] (Microsoft Corporation)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-04-06] (Windows (R) 2003 DDK 3790 provider)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-28] (Windows (R) Win 7 DDK provider)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-02-28] (Anchorfree Inc.)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [230912 2013-04-09] (Microsoft Corporation)
R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [287232 2012-06-02] (Marvell)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 idsvc; 
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-14 20:41 - 2014-07-14 20:41 - 00000617 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-07-14 20:30 - 2014-07-14 20:30 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT_6.1.4(2).exe
2014-07-14 20:29 - 2014-07-14 20:29 - 00002365 _____ () C:\Users\Daniel\Desktop\AdwCleaner[S11].txt
2014-07-14 20:23 - 2014-07-14 20:23 - 00001145 _____ () C:\Users\Daniel\Desktop\mbam.txt
2014-07-14 18:20 - 2014-07-14 18:20 - 00019148 _____ () C:\ComboFix.txt
2014-07-14 18:03 - 2014-07-14 18:21 - 00000000 ____D () C:\Qoobox
2014-07-14 18:03 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-07-14 18:03 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-07-14 18:03 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-07-14 18:03 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-07-14 18:03 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-07-14 18:03 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-07-14 18:03 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-07-14 18:03 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-07-14 18:03 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-07-14 18:00 - 2014-07-14 18:00 - 05219590 ____R (Swearware) C:\Users\Daniel\Desktop\ComboFix.exe
2014-07-14 17:55 - 2014-07-14 17:55 - 00001268 _____ () C:\Users\Daniel\Desktop\Revo Uninstaller.lnk
2014-07-14 17:55 - 2014-07-14 17:55 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-13 11:35 - 2014-07-14 20:43 - 00000000 ____D () C:\FRST
2014-07-13 11:34 - 2014-07-13 11:34 - 00050477 _____ () C:\Users\Daniel\Downloads\Defogger.exe
2014-07-13 11:34 - 2014-07-13 11:34 - 00000474 _____ () C:\Users\Daniel\Downloads\defogger_disable.log
2014-07-13 11:34 - 2014-07-13 11:34 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-07-11 10:36 - 2014-07-11 10:36 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-11 10:36 - 2014-07-11 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-11 10:35 - 2014-07-11 10:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 10:35 - 2014-07-11 10:36 - 00000000 ____D () C:\Program Files\iTunes
2014-07-11 10:35 - 2014-07-11 10:36 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-11 10:35 - 2014-07-11 10:35 - 00000000 ____D () C:\Program Files\iPod
2014-07-10 04:23 - 2014-07-10 04:23 - 01348263 _____ () C:\Users\Daniel\Desktop\adwcleaner_3.215.exe
2014-07-10 04:11 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2014-07-10 04:11 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-07-10 03:53 - 2014-07-10 03:53 - 00445632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-09 06:42 - 2014-07-09 06:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-08 22:58 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-08 22:58 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-08 22:58 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-08 22:58 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2014-07-08 22:58 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-07-08 22:58 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-07-08 22:58 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-07-08 22:58 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-07-08 22:58 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-07-08 22:58 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-07-08 22:58 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-08 22:58 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 22:58 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-08 22:58 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 22:58 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-07-08 22:57 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-08 22:57 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-08 22:57 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-07-08 22:57 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-08 22:57 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-08 22:57 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-07-08 22:57 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-07-08 22:57 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-08 22:57 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-08 22:57 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-07-08 22:57 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-07-08 22:57 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-07-08 22:57 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-07-08 22:57 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-07-08 22:57 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-07-08 22:57 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-08 22:57 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-07-08 22:56 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-08 22:56 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-08 22:56 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-05 13:17 - 2014-07-14 20:09 - 00001161 _____ () C:\Users\Daniel\Desktop\CoreTemp.ini
2014-07-05 07:17 - 2014-07-14 20:28 - 00000000 ___RD () C:\Users\Daniel\Dropbox
2014-07-05 07:17 - 2014-07-05 11:36 - 00001021 _____ () C:\Users\Daniel\Desktop\Dropbox.lnk
2014-07-05 07:06 - 2014-07-14 20:28 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\DropboxMaster
2014-07-05 07:06 - 2014-07-05 11:36 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-05 07:03 - 2014-07-14 20:28 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Dropbox
2014-07-04 20:14 - 2014-07-04 20:14 - 00448400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-07-04 20:14 - 2014-07-04 20:14 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-06-23 18:14 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-06-23 18:03 - 2014-06-23 18:03 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-23 18:03 - 2014-06-23 18:03 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-06-23 18:03 - 2014-06-23 18:03 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-23 18:02 - 2014-06-23 18:02 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-23 17:43 - 2014-06-23 17:44 - 112616784 _____ (Apple Inc.) C:\Users\Daniel\Downloads\iTunes64Setup.exe
2014-06-19 16:01 - 2014-07-14 20:26 - 00074808 _____ () C:\WINDOWS\setupact.log
2014-06-19 16:01 - 2014-06-19 16:01 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-06-19 16:00 - 2014-07-14 20:26 - 00014162 _____ () C:\WINDOWS\PFRO.log
2014-06-19 05:59 - 2014-06-19 20:53 - 00000041 _____ () C:\Users\Daniel\Desktop\Kennwort Netzwerk Home.txt
2014-06-18 19:12 - 2014-06-18 19:12 - 02347384 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2014-06-18 19:02 - 2014-06-18 19:02 - 01016261 _____ (Thisisu) C:\Users\Daniel\Downloads\JRT_6.1.4(1).exe
2014-06-18 03:53 - 2014-06-18 03:53 - 00000000 ____H () C:\Users\Daniel\AppData\Local\BIT189E.tmp
2014-06-18 03:51 - 2014-06-18 03:51 - 00000000 _____ () C:\Users\Daniel\AppData\Local\{CED4D30C-A6BD-47C4-8937-F29FE156C14E}
2014-06-15 08:17 - 2014-06-15 08:17 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-15 08:17 - 2014-06-15 08:17 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-15 08:17 - 2014-06-15 08:17 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-15 08:17 - 2014-06-15 08:17 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
==================== One Month Modified Files and Folders =======
2014-07-14 20:43 - 2014-07-13 11:35 - 00000000 ____D () C:\FRST
2014-07-14 20:43 - 2013-12-24 14:01 - 00000000 ____D () C:\Users\Daniel\Desktop\Schutz software
2014-07-14 20:41 - 2014-07-14 20:41 - 00000617 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-07-14 20:37 - 2014-02-17 07:02 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-14 20:30 - 2014-07-14 20:30 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT_6.1.4(2).exe
2014-07-14 20:29 - 2014-07-14 20:29 - 00002365 _____ () C:\Users\Daniel\Desktop\AdwCleaner[S11].txt
2014-07-14 20:28 - 2014-07-05 07:17 - 00000000 ___RD () C:\Users\Daniel\Dropbox
2014-07-14 20:28 - 2014-07-05 07:06 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\DropboxMaster
2014-07-14 20:28 - 2014-07-05 07:03 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Dropbox
2014-07-14 20:28 - 2014-03-15 13:37 - 01912362 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-14 20:27 - 2014-02-17 07:02 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-14 20:26 - 2014-06-19 16:01 - 00074808 _____ () C:\WINDOWS\setupact.log
2014-07-14 20:26 - 2014-06-19 16:00 - 00014162 _____ () C:\WINDOWS\PFRO.log
2014-07-14 20:26 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-14 20:25 - 2014-01-01 19:51 - 00000000 ____D () C:\AdwCleaner
2014-07-14 20:23 - 2014-07-14 20:23 - 00001145 _____ () C:\Users\Daniel\Desktop\mbam.txt
2014-07-14 20:20 - 2013-06-23 13:46 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-14 20:09 - 2014-07-05 13:17 - 00001161 _____ () C:\Users\Daniel\Desktop\CoreTemp.ini
2014-07-14 20:02 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-14 20:00 - 2014-05-17 12:17 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-14 18:43 - 2012-01-07 11:03 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-14 18:21 - 2014-07-14 18:03 - 00000000 ____D () C:\Qoobox
2014-07-14 18:20 - 2014-07-14 18:20 - 00019148 _____ () C:\ComboFix.txt
2014-07-14 18:17 - 2012-07-26 07:26 - 00000215 _____ () C:\WINDOWS\system.ini
2014-07-14 18:02 - 2013-12-24 00:39 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-14 18:00 - 2014-07-14 18:00 - 05219590 ____R (Swearware) C:\Users\Daniel\Desktop\ComboFix.exe
2014-07-14 17:57 - 2013-08-30 10:31 - 00000000 ____D () C:\Users\Daniel\AppData\Local\FuzeZip
2014-07-14 17:55 - 2014-07-14 17:55 - 00001268 _____ () C:\Users\Daniel\Desktop\Revo Uninstaller.lnk
2014-07-14 17:55 - 2014-07-14 17:55 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-14 08:35 - 2014-01-03 07:32 - 00000000 ____D () C:\Users\Daniel\Tracing
2014-07-13 12:03 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-07-13 11:34 - 2014-07-13 11:34 - 00050477 _____ () C:\Users\Daniel\Downloads\Defogger.exe
2014-07-13 11:34 - 2014-07-13 11:34 - 00000474 _____ () C:\Users\Daniel\Downloads\defogger_disable.log
2014-07-13 11:34 - 2014-07-13 11:34 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-07-13 11:34 - 2012-11-16 21:30 - 00000000 ____D () C:\Users\Daniel
2014-07-13 11:00 - 2012-03-30 10:02 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Skyrim
2014-07-13 10:09 - 2014-03-23 15:15 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Battle.net
2014-07-13 10:09 - 2014-03-23 15:15 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-12 09:17 - 2013-08-28 15:44 - 00000000 ____D () C:\Program Files (x86)\JoWooD
2014-07-12 09:17 - 2011-11-09 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-07-11 10:36 - 2014-07-11 10:36 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-11 10:36 - 2014-07-11 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-11 10:36 - 2014-07-11 10:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 10:36 - 2014-07-11 10:35 - 00000000 ____D () C:\Program Files\iTunes
2014-07-11 10:36 - 2014-07-11 10:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-11 10:35 - 2014-07-11 10:35 - 00000000 ____D () C:\Program Files\iPod
2014-07-11 10:24 - 2013-06-21 16:09 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-10 05:03 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-10 04:25 - 2012-07-26 07:26 - 00008192 _____ () C:\WINDOWS\system32\config\BBI
2014-07-10 04:23 - 2014-07-10 04:23 - 01348263 _____ () C:\Users\Daniel\Desktop\adwcleaner_3.215.exe
2014-07-10 04:13 - 2013-12-10 19:36 - 00001131 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-07-10 04:13 - 2013-12-10 19:36 - 00001066 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-07-10 04:13 - 2013-12-10 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-07-10 04:13 - 2013-06-22 19:15 - 00001615 _____ () C:\Users\Daniel\Desktop\DivX Movies.lnk
2014-07-10 04:13 - 2012-04-08 10:24 - 00000000 ____D () C:\Program Files\DivX
2014-07-10 04:13 - 2012-04-08 10:24 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-07-10 04:13 - 2012-04-08 10:23 - 00000000 ____D () C:\ProgramData\DivX
2014-07-10 04:11 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-10 03:53 - 2014-07-10 03:53 - 00445632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-09 16:34 - 2012-07-26 12:27 - 00879766 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-09 16:34 - 2012-07-26 12:27 - 00203372 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-09 16:34 - 2012-07-26 09:28 - 02069876 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-09 06:42 - 2014-07-09 06:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 06:42 - 2012-07-26 12:29 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 06:42 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 06:42 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 06:42 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-09 06:31 - 2011-10-01 17:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 06:30 - 2013-08-14 07:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 06:24 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-09 06:24 - 2011-09-26 06:40 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-08 19:20 - 2013-06-23 13:46 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-08 04:04 - 2013-07-13 07:44 - 00002563 _____ () C:\Users\Public\Desktop\Free System Utilities.lnk
2014-07-07 19:48 - 2010-10-25 03:50 - 00000000 ____D () C:\ProgramData\Temp
2014-07-07 19:37 - 2013-08-01 06:12 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-07-05 13:10 - 2014-03-23 15:55 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-07-05 11:36 - 2014-07-05 07:17 - 00001021 _____ () C:\Users\Daniel\Desktop\Dropbox.lnk
2014-07-05 11:36 - 2014-07-05 07:06 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-04 20:15 - 2013-12-29 20:17 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-04 20:15 - 2013-06-21 16:09 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-04 20:14 - 2014-07-04 20:14 - 00448400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-07-04 20:14 - 2014-07-04 20:14 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-04 20:14 - 2014-04-21 18:33 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-04 20:14 - 2013-12-22 17:54 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-07-04 20:14 - 2013-07-08 08:06 - 00028184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-04 20:14 - 2013-06-21 16:09 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-01 00:42 - 2014-07-08 22:57 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-01 00:42 - 2014-07-08 22:57 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-01 00:42 - 2014-07-08 22:57 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-06-28 12:10 - 2013-09-19 06:46 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\vlc
2014-06-28 07:19 - 2013-07-27 07:17 - 00000000 ____D () C:\Users\Daniel\Downloads\backups
2014-06-28 05:35 - 2014-07-08 22:57 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-26 22:53 - 2013-09-12 05:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:53 - 2013-09-12 05:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-23 18:33 - 2012-11-16 22:07 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1252512109-3750120672-4145686215-1001
2014-06-23 18:13 - 2012-12-13 19:17 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-23 18:03 - 2014-06-23 18:03 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-23 18:03 - 2014-06-23 18:03 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-06-23 18:03 - 2014-06-23 18:03 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-23 18:02 - 2014-06-23 18:02 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-23 18:02 - 2012-12-13 19:16 - 00000000 ____D () C:\ProgramData\Apple
2014-06-23 17:44 - 2014-06-23 17:43 - 112616784 _____ (Apple Inc.) C:\Users\Daniel\Downloads\iTunes64Setup.exe
2014-06-23 17:32 - 2014-02-17 07:02 - 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-23 17:32 - 2014-02-17 07:02 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-23 05:46 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-06-20 06:29 - 2014-02-17 07:03 - 00002163 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-20 06:29 - 2013-12-30 19:26 - 00001139 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-20 06:29 - 2013-12-30 19:26 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-20 06:29 - 2011-09-24 11:45 - 00001383 _____ () C:\Users\Daniel\Desktop\Internet Explorer.lnk
2014-06-19 20:53 - 2014-06-19 05:59 - 00000041 _____ () C:\Users\Daniel\Desktop\Kennwort Netzwerk Home.txt
2014-06-19 16:01 - 2014-06-19 16:01 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-06-19 04:12 - 2014-07-08 22:57 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-19 04:12 - 2014-07-08 22:57 - 01366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-19 04:12 - 2014-07-08 22:57 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-06-19 04:12 - 2014-07-08 22:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-06-19 04:12 - 2014-07-08 22:57 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-19 04:11 - 2014-07-08 22:57 - 19277312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-19 04:11 - 2014-07-08 22:57 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-19 04:11 - 2014-07-08 22:57 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 15369728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 02650624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-19 04:09 - 2014-07-08 22:57 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-19 03:12 - 2014-04-21 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-06-19 03:12 - 2014-03-20 19:51 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\TS3Client
2014-06-19 03:11 - 2014-04-21 19:44 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-06-19 02:53 - 2014-07-08 22:57 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 13732352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 02863616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-19 02:52 - 2014-07-08 22:57 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-19 02:33 - 2014-07-08 22:57 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-19 02:30 - 2014-07-08 22:57 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-19 00:05 - 2014-07-08 22:57 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-06-18 19:12 - 2014-06-18 19:12 - 02347384 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2014-06-18 19:02 - 2014-06-18 19:02 - 01016261 _____ (Thisisu) C:\Users\Daniel\Downloads\JRT_6.1.4(1).exe
2014-06-18 18:40 - 2014-06-04 05:34 - 00003852 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1394894571
2014-06-18 18:40 - 2014-03-15 16:42 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-18 03:53 - 2014-06-18 03:53 - 00000000 ____H () C:\Users\Daniel\AppData\Local\BIT189E.tmp
2014-06-18 03:51 - 2014-06-18 03:51 - 00000000 _____ () C:\Users\Daniel\AppData\Local\{CED4D30C-A6BD-47C4-8937-F29FE156C14E}
2014-06-18 01:27 - 2014-07-08 22:58 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-18 01:24 - 2014-07-08 22:58 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-06-16 18:10 - 2013-09-19 06:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-16 18:09 - 2013-12-25 19:52 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-06-16 18:09 - 2013-12-25 19:52 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-06-16 18:09 - 2013-12-25 19:52 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-06-16 18:09 - 2013-06-24 17:40 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-06-16 18:09 - 2013-06-24 17:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-15 08:17 - 2014-06-15 08:17 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-06-15 08:17 - 2014-06-15 08:17 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-06-15 08:17 - 2014-06-15 08:17 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-06-15 08:17 - 2014-06-15 08:17 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfxzh1d.dll
C:\Users\Daniel\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-14 20:39
==================== End Of Log ============================
         Regards, LuciLu | 
|  15.07.2014, 19:22 | #8 | 
| /// the machine /// TB trainer         |   Programs stutter badly and run unstably. ESET Online Scanner 
 Please download SecurityCheck and: 
 and a fresh FRST log, please. Any remaining problems?   
				__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! | 
|  17.07.2014, 08:55 | #9 | 
|   |   Programs stutter badly and run unstably. The computer runs better than before. However, I have since noticed that the CPU heats up considerably despite a working cooler. Maybe that is where the instability in the programs comes from? The ESET online scanner found 6 potentially unwanted programs, which are still on the computer because I did not tick the corresponding checkbox. Are these programs a problem, or do they not matter? Eset Code: 
  ATTFilter ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=18642e6d5d40174faad58a65a98a7f79
# engine=19205
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-16 03:58:27
# local_time=2014-07-16 05:58:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 97 990597 169946797 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 989988 9917196 0 0
# scanned=10440
# found=4
# cleaned=0
# scan_time=112
sh=A39C55E362199542330244B280735468B730D9E2 ft=1 fh=349dd8a04a8f8b58 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.vir"
sh=22D2DDD066089C7CE3D77251A17EE75198A1342B ft=1 fh=da73685930070287 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AspManager.exe.vir"
sh=866698A8AC36996FDF5AB67F502FEA5955C7C450 ft=1 fh=181b648461105be7 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\filetypehelper.exe.vir"
sh=70F105875DE6420CEDC5674F3F3C0ED9D4BE5728 ft=1 fh=43fda2c9df0909f5 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\scandll.dll.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=18642e6d5d40174faad58a65a98a7f79
# engine=19214
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-17 07:33:03
# local_time=2014-07-17 09:33:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 97 1046673 170002873 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1046064 9973272 0 0
# scanned=382585
# found=6
# cleaned=0
# scan_time=10193
sh=A39C55E362199542330244B280735468B730D9E2 ft=1 fh=349dd8a04a8f8b58 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.vir"
sh=22D2DDD066089C7CE3D77251A17EE75198A1342B ft=1 fh=da73685930070287 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AspManager.exe.vir"
sh=866698A8AC36996FDF5AB67F502FEA5955C7C450 ft=1 fh=181b648461105be7 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\filetypehelper.exe.vir"
sh=70F105875DE6420CEDC5674F3F3C0ED9D4BE5728 ft=1 fh=43fda2c9df0909f5 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\scandll.dll.vir"
sh=DD059BE71DAED56C064CB4E40B8D647742431C91 ft=1 fh=361afbacca4ef025 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\Downloads\WiseConvert (1).exe"
sh=DD059BE71DAED56C064CB4E40B8D647742431C91 ft=1 fh=361afbacca4ef025 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\Downloads\WiseConvert.exe"
         Code: 
  ATTFilter  Results of screen317's Security Check version 0.99.85  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 SpywareBlaster 5.0    
 Spyware Terminator 2012   
 TuneUp Utilities 2013   
 TuneUp Utilities Language Pack (de-DE) 
 Java 7 Update 60  
 Java 7 Update 10  
 Adobe Flash Player 	14.0.0.145  
 Adobe Reader XI  
 Mozilla Firefox (30.0) 
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
 WinPatrol winpatrol.exe 
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast afwServ.exe  
 AVAST Software Avast AvastUI.exe  
 BillP Studios WinPatrol WinPatrol.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         FRST Logfile: Code: 
  ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014
Ran by Daniel (administrator) on DANIEL-PC on 17-07-2014 09:42:04
Running from C:\Users\Daniel\Desktop\Schutz software
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11106408 2010-08-04] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-04] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM\...\Policies\Explorer: [HideRunAsVerb] 0
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1252512109-3750120672-4145686215-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [496192 2014-02-25] (BillP Studios)
HKU\S-1-5-21-1252512109-3750120672-4145686215-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-02-17] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} -  No File
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default
FF DefaultSearchEngine: Yahoo! (Avast)
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-29]
FF Extension: NoScript - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-29]
FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\ckgp53fe.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-21]
Chrome: 
=======
CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl"
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-17]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-17]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-17]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-17]
CHR Extension: (avast! Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-13]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-02-17]
CHR Extension: (Skype Click to Call) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-17]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-17]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-04]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
CHR HKLM-x32\...\Chrome\Extension: [ommhmgednjnodcljhlljkaiidghdmikk] - C:\Users\Daniel\AppData\Local\Temp\ccex.crx [2012-10-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 ArchiCrypt Sichere Loeschzonen; C:\Program Files (x86)\ArchiCrypt\ArchiCrypt Shredder 6\ArchiCryptInjector64.exe [320600 2013-10-21] (Softwareentwicklung Remus - ArchiCrypt)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-04] (AVAST Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25088 2012-07-26] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-01-27] ()
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [471552 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-04] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-04] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-04] ()
S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [30568 2012-11-08] (AVG Technologies)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-02-28] (AnchorFree Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-14] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [185856 2012-07-26] (Microsoft Corporation)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-04-06] (Windows (R) 2003 DDK 3790 provider)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-28] (Windows (R) Win 7 DDK provider)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-02-28] (Anchorfree Inc.)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [230912 2013-04-09] (Microsoft Corporation)
R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [287232 2012-06-02] (Marvell)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 idsvc; 
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-14 20:41 - 2014-07-14 20:41 - 00000617 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-07-14 20:30 - 2014-07-14 20:30 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT_6.1.4(2).exe
2014-07-14 20:29 - 2014-07-14 20:47 - 00002365 _____ () C:\Users\Daniel\Desktop\AdwCleaner[S11].txt
2014-07-14 20:23 - 2014-07-14 20:23 - 00001145 _____ () C:\Users\Daniel\Desktop\mbam.txt
2014-07-14 18:20 - 2014-07-14 18:20 - 00019148 _____ () C:\ComboFix.txt
2014-07-14 18:03 - 2014-07-14 18:21 - 00000000 ____D () C:\Qoobox
2014-07-14 18:03 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-07-14 18:03 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-07-14 18:03 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-07-14 18:03 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-07-14 18:03 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-07-14 18:03 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-07-14 18:03 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-07-14 18:03 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-07-14 18:03 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-07-14 18:00 - 2014-07-14 18:00 - 05219590 ____R (Swearware) C:\Users\Daniel\Desktop\ComboFix.exe
2014-07-14 17:55 - 2014-07-14 17:55 - 00001268 _____ () C:\Users\Daniel\Desktop\Revo Uninstaller.lnk
2014-07-14 17:55 - 2014-07-14 17:55 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-13 11:35 - 2014-07-17 09:42 - 00000000 ____D () C:\FRST
2014-07-13 11:34 - 2014-07-13 11:34 - 00050477 _____ () C:\Users\Daniel\Downloads\Defogger.exe
2014-07-13 11:34 - 2014-07-13 11:34 - 00000474 _____ () C:\Users\Daniel\Downloads\defogger_disable.log
2014-07-13 11:34 - 2014-07-13 11:34 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-07-11 10:36 - 2014-07-11 10:36 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-11 10:36 - 2014-07-11 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-11 10:35 - 2014-07-11 10:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 10:35 - 2014-07-11 10:36 - 00000000 ____D () C:\Program Files\iTunes
2014-07-11 10:35 - 2014-07-11 10:36 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-11 10:35 - 2014-07-11 10:35 - 00000000 ____D () C:\Program Files\iPod
2014-07-10 04:23 - 2014-07-10 04:23 - 01348263 _____ () C:\Users\Daniel\Desktop\adwcleaner_3.215.exe
2014-07-10 04:11 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2014-07-10 04:11 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-07-10 03:53 - 2014-07-10 03:53 - 00445632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-09 06:42 - 2014-07-09 06:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-08 22:58 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-08 22:58 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-08 22:58 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-08 22:58 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2014-07-08 22:58 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-07-08 22:58 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-07-08 22:58 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-07-08 22:58 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-07-08 22:58 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-07-08 22:58 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-07-08 22:58 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-08 22:58 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 22:58 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-08 22:58 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-08 22:58 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-07-08 22:57 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-08 22:57 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-08 22:57 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-07-08 22:57 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-07-08 22:57 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-08 22:57 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-08 22:57 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-07-08 22:57 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-07-08 22:57 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-07-08 22:57 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-08 22:57 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-08 22:57 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-08 22:57 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-07-08 22:57 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-07-08 22:57 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-07-08 22:57 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-07-08 22:57 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-07-08 22:57 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-07-08 22:57 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-07-08 22:57 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-08 22:57 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-07-08 22:56 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-08 22:56 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-08 22:56 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-05 13:17 - 2014-07-17 09:06 - 00001161 _____ () C:\Users\Daniel\Desktop\CoreTemp.ini
2014-07-05 07:17 - 2014-07-17 05:30 - 00000000 ___RD () C:\Users\Daniel\Dropbox
2014-07-05 07:17 - 2014-07-05 11:36 - 00001021 _____ () C:\Users\Daniel\Desktop\Dropbox.lnk
2014-07-05 07:06 - 2014-07-17 05:30 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\DropboxMaster
2014-07-05 07:06 - 2014-07-05 11:36 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-05 07:03 - 2014-07-17 05:30 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Dropbox
2014-07-04 20:14 - 2014-07-04 20:14 - 00448400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-07-04 20:14 - 2014-07-04 20:14 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-06-23 18:14 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-06-23 18:03 - 2014-06-23 18:03 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-23 18:03 - 2014-06-23 18:03 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-06-23 18:03 - 2014-06-23 18:03 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-23 18:02 - 2014-06-23 18:02 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-23 17:43 - 2014-06-23 17:44 - 112616784 _____ (Apple Inc.) C:\Users\Daniel\Downloads\iTunes64Setup.exe
2014-06-19 16:01 - 2014-07-17 05:27 - 00082680 _____ () C:\WINDOWS\setupact.log
2014-06-19 16:01 - 2014-06-19 16:01 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-06-19 16:00 - 2014-07-17 05:27 - 00014690 _____ () C:\WINDOWS\PFRO.log
2014-06-19 05:59 - 2014-06-19 20:53 - 00000041 _____ () C:\Users\Daniel\Desktop\Kennwort Netzwerk Home.txt
2014-06-18 19:12 - 2014-06-18 19:12 - 02347384 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2014-06-18 19:02 - 2014-06-18 19:02 - 01016261 _____ (Thisisu) C:\Users\Daniel\Downloads\JRT_6.1.4(1).exe
2014-06-18 03:53 - 2014-06-18 03:53 - 00000000 ____H () C:\Users\Daniel\AppData\Local\BIT189E.tmp
2014-06-18 03:51 - 2014-06-18 03:51 - 00000000 _____ () C:\Users\Daniel\AppData\Local\{CED4D30C-A6BD-47C4-8937-F29FE156C14E}
==================== One Month Modified Files and Folders =======
2014-07-17 09:42 - 2014-07-13 11:35 - 00000000 ____D () C:\FRST
2014-07-17 09:42 - 2013-12-24 14:01 - 00000000 ____D () C:\Users\Daniel\Desktop\Schutz software
2014-07-17 09:37 - 2014-02-17 07:02 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-17 09:20 - 2013-06-23 13:46 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-17 09:06 - 2014-07-05 13:17 - 00001161 _____ () C:\Users\Daniel\Desktop\CoreTemp.ini
2014-07-17 09:02 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-17 08:11 - 2014-03-15 13:37 - 01099432 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-17 05:30 - 2014-07-05 07:17 - 00000000 ___RD () C:\Users\Daniel\Dropbox
2014-07-17 05:30 - 2014-07-05 07:06 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\DropboxMaster
2014-07-17 05:30 - 2014-07-05 07:03 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Dropbox
2014-07-17 05:28 - 2014-02-17 07:02 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-17 05:27 - 2014-06-19 16:01 - 00082680 _____ () C:\WINDOWS\setupact.log
2014-07-17 05:27 - 2014-06-19 16:00 - 00014690 _____ () C:\WINDOWS\PFRO.log
2014-07-17 05:27 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-16 13:08 - 2014-03-23 15:15 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Battle.net
2014-07-16 13:02 - 2014-03-23 15:15 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-14 20:47 - 2014-07-14 20:29 - 00002365 _____ () C:\Users\Daniel\Desktop\AdwCleaner[S11].txt
2014-07-14 20:41 - 2014-07-14 20:41 - 00000617 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-07-14 20:30 - 2014-07-14 20:30 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT_6.1.4(2).exe
2014-07-14 20:25 - 2014-01-01 19:51 - 00000000 ____D () C:\AdwCleaner
2014-07-14 20:23 - 2014-07-14 20:23 - 00001145 _____ () C:\Users\Daniel\Desktop\mbam.txt
2014-07-14 20:00 - 2014-05-17 12:17 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-14 18:43 - 2012-01-07 11:03 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-14 18:21 - 2014-07-14 18:03 - 00000000 ____D () C:\Qoobox
2014-07-14 18:20 - 2014-07-14 18:20 - 00019148 _____ () C:\ComboFix.txt
2014-07-14 18:17 - 2012-07-26 07:26 - 00000215 _____ () C:\WINDOWS\system.ini
2014-07-14 18:02 - 2013-12-24 00:39 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-14 18:00 - 2014-07-14 18:00 - 05219590 ____R (Swearware) C:\Users\Daniel\Desktop\ComboFix.exe
2014-07-14 17:57 - 2013-08-30 10:31 - 00000000 ____D () C:\Users\Daniel\AppData\Local\FuzeZip
2014-07-14 17:55 - 2014-07-14 17:55 - 00001268 _____ () C:\Users\Daniel\Desktop\Revo Uninstaller.lnk
2014-07-14 17:55 - 2014-07-14 17:55 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-14 08:35 - 2014-01-03 07:32 - 00000000 ____D () C:\Users\Daniel\Tracing
2014-07-13 12:03 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-07-13 11:34 - 2014-07-13 11:34 - 00050477 _____ () C:\Users\Daniel\Downloads\Defogger.exe
2014-07-13 11:34 - 2014-07-13 11:34 - 00000474 _____ () C:\Users\Daniel\Downloads\defogger_disable.log
2014-07-13 11:34 - 2014-07-13 11:34 - 00000000 _____ () C:\Users\Daniel\defogger_reenable
2014-07-13 11:34 - 2012-11-16 21:30 - 00000000 ____D () C:\Users\Daniel
2014-07-13 11:00 - 2012-03-30 10:02 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Skyrim
2014-07-12 09:17 - 2013-08-28 15:44 - 00000000 ____D () C:\Program Files (x86)\JoWooD
2014-07-12 09:17 - 2011-11-09 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-07-11 10:36 - 2014-07-11 10:36 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-11 10:36 - 2014-07-11 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-11 10:36 - 2014-07-11 10:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 10:36 - 2014-07-11 10:35 - 00000000 ____D () C:\Program Files\iTunes
2014-07-11 10:36 - 2014-07-11 10:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-11 10:35 - 2014-07-11 10:35 - 00000000 ____D () C:\Program Files\iPod
2014-07-11 10:24 - 2013-06-21 16:09 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-07-10 05:03 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-10 04:25 - 2012-07-26 07:26 - 00008192 _____ () C:\WINDOWS\system32\config\BBI
2014-07-10 04:23 - 2014-07-10 04:23 - 01348263 _____ () C:\Users\Daniel\Desktop\adwcleaner_3.215.exe
2014-07-10 04:13 - 2013-12-10 19:36 - 00001131 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-07-10 04:13 - 2013-12-10 19:36 - 00001066 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-07-10 04:13 - 2013-12-10 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-07-10 04:13 - 2013-06-22 19:15 - 00001615 _____ () C:\Users\Daniel\Desktop\DivX Movies.lnk
2014-07-10 04:13 - 2012-04-08 10:24 - 00000000 ____D () C:\Program Files\DivX
2014-07-10 04:13 - 2012-04-08 10:24 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-07-10 04:13 - 2012-04-08 10:23 - 00000000 ____D () C:\ProgramData\DivX
2014-07-10 04:11 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-10 03:53 - 2014-07-10 03:53 - 00445632 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-09 16:34 - 2012-07-26 12:27 - 00879766 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-09 16:34 - 2012-07-26 12:27 - 00203372 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-09 16:34 - 2012-07-26 09:28 - 02069876 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-09 06:42 - 2014-07-09 06:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 06:42 - 2012-07-26 12:29 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 06:42 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 06:42 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 06:42 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-09 06:31 - 2011-10-01 17:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 06:30 - 2013-08-14 07:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 06:24 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-09 06:24 - 2011-09-26 06:40 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-08 19:20 - 2013-06-23 13:46 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-08 04:04 - 2013-07-13 07:44 - 00002563 _____ () C:\Users\Public\Desktop\Free System Utilities.lnk
2014-07-07 19:48 - 2010-10-25 03:50 - 00000000 ____D () C:\ProgramData\Temp
2014-07-07 19:37 - 2013-08-01 06:12 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-07-05 13:10 - 2014-03-23 15:55 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-07-05 11:36 - 2014-07-05 07:17 - 00001021 _____ () C:\Users\Daniel\Desktop\Dropbox.lnk
2014-07-05 11:36 - 2014-07-05 07:06 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-04 20:15 - 2013-12-29 20:17 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-07-04 20:15 - 2013-06-21 16:09 - 00427360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-07-04 20:14 - 2014-07-04 20:14 - 00448400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-07-04 20:14 - 2014-07-04 20:14 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-07-04 20:14 - 2014-04-21 18:33 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-07-04 20:14 - 2013-12-22 17:54 - 00092008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-07-04 20:14 - 2013-07-08 08:06 - 00028184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 01041168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 00307344 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-07-04 20:14 - 2013-06-21 16:09 - 00224896 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-07-04 20:14 - 2013-06-21 16:09 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-07-01 00:42 - 2014-07-08 22:57 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-01 00:42 - 2014-07-08 22:57 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-01 00:42 - 2014-07-08 22:57 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-06-28 12:10 - 2013-09-19 06:46 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\vlc
2014-06-28 07:19 - 2013-07-27 07:17 - 00000000 ____D () C:\Users\Daniel\Downloads\backups
2014-06-28 05:35 - 2014-07-08 22:57 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-26 22:53 - 2013-09-12 05:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:53 - 2013-09-12 05:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-23 18:33 - 2012-11-16 22:07 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1252512109-3750120672-4145686215-1001
2014-06-23 18:13 - 2012-12-13 19:17 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-06-23 18:03 - 2014-06-23 18:03 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-06-23 18:03 - 2014-06-23 18:03 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-06-23 18:03 - 2014-06-23 18:03 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-06-23 18:02 - 2014-06-23 18:02 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-06-23 18:02 - 2012-12-13 19:16 - 00000000 ____D () C:\ProgramData\Apple
2014-06-23 17:44 - 2014-06-23 17:43 - 112616784 _____ (Apple Inc.) C:\Users\Daniel\Downloads\iTunes64Setup.exe
2014-06-23 17:32 - 2014-02-17 07:02 - 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-23 17:32 - 2014-02-17 07:02 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-23 05:46 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-06-20 06:29 - 2014-02-17 07:03 - 00002163 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-20 06:29 - 2013-12-30 19:26 - 00001139 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-20 06:29 - 2013-12-30 19:26 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-20 06:29 - 2011-09-24 11:45 - 00001383 _____ () C:\Users\Daniel\Desktop\Internet Explorer.lnk
2014-06-19 20:53 - 2014-06-19 05:59 - 00000041 _____ () C:\Users\Daniel\Desktop\Kennwort Netzwerk Home.txt
2014-06-19 16:01 - 2014-06-19 16:01 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-06-19 04:12 - 2014-07-08 22:57 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-19 04:12 - 2014-07-08 22:57 - 01366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-19 04:12 - 2014-07-08 22:57 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-06-19 04:12 - 2014-07-08 22:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-06-19 04:12 - 2014-07-08 22:57 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-19 04:11 - 2014-07-08 22:57 - 19277312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-19 04:11 - 2014-07-08 22:57 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-19 04:11 - 2014-07-08 22:57 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 15369728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 02650624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-19 04:10 - 2014-07-08 22:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-19 04:09 - 2014-07-08 22:57 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-19 03:12 - 2014-04-21 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-06-19 03:12 - 2014-03-20 19:51 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\TS3Client
2014-06-19 03:11 - 2014-04-21 19:44 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-06-19 02:53 - 2014-07-08 22:57 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-19 02:53 - 2014-07-08 22:57 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 13732352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 02863616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-19 02:52 - 2014-07-08 22:57 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-19 02:52 - 2014-07-08 22:57 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-19 02:33 - 2014-07-08 22:57 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-06-19 02:30 - 2014-07-08 22:57 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-06-19 00:05 - 2014-07-08 22:57 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-06-18 19:12 - 2014-06-18 19:12 - 02347384 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2014-06-18 19:02 - 2014-06-18 19:02 - 01016261 _____ (Thisisu) C:\Users\Daniel\Downloads\JRT_6.1.4(1).exe
2014-06-18 18:40 - 2014-06-04 05:34 - 00003852 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1394894571
2014-06-18 18:40 - 2014-03-15 16:42 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-18 03:53 - 2014-06-18 03:53 - 00000000 ____H () C:\Users\Daniel\AppData\Local\BIT189E.tmp
2014-06-18 03:51 - 2014-06-18 03:51 - 00000000 _____ () C:\Users\Daniel\AppData\Local\{CED4D30C-A6BD-47C4-8937-F29FE156C14E}
2014-06-18 01:27 - 2014-07-08 22:58 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-18 01:24 - 2014-07-08 22:58 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphu3eyj.dll
C:\Users\Daniel\AppData\Local\temp\Quarantine.exe
C:\Users\Daniel\AppData\Local\temp\WEB.DE_Toolbar_IE_Setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-17 05:40
==================== End Of Log ============================
         --- --- --- --- --- --- Regards, LuciLu Last edited by LuciLu (17.07.2014 at 09:19) | 
|  17.07.2014, 16:38 | #10 | |
| /// the machine /// TB trainer         |   Programs stutter badly and run unstably. Quote: 
 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code: 
  CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
         Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located). 
 Done  The order is crucial here. 
 If you would like to leave praise or criticism, you can do so here.  Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date. 
 Antivirus software 
 Additional protection 
 Safe browsing 
 Alternative browsers: Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system. 
 Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts 
 Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions. 
				__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! | 
|  17.07.2014, 17:57 | #11 | 
|   |   Programs stutter badly and run unstably. Okay, the machine is running like freshly oiled again.  Well done!!! You can delete the subscription. Once again, thanks for the support. Fixlog.txt Code: 
  Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-07-2014
Ran by Daniel at 2014-07-17 18:37:39 Run:1
Running from C:\Users\Daniel\Desktop\Schutz software
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
*****************
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
==== End of Fixlog ====
         Last edited by LuciLu (17.07.2014 at 18:40) | 
|  18.07.2014, 04:56 | #12 | 
| /// the machine /// TB trainer         |   Programs stutter badly and run unstably. You're welcome    
				__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! | 
|  | 