
Pests of all kinds and how to fight them: Devices suddenly switch off and on again... Firefox opens suspicious pages

Windows 7. If you are not sure whether you have caught malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.

11.04.2013, 11:41   #1
Nexus633
 


Hello dear team,
a few days ago I found a trojan... I was careless and tried to remove it myself, which, as far as I could tell, worked... Wrong. Since I "removed" the problem, the whole thing has become even worse. Unfortunately I can no longer tell you the name of the trojan, but I can tell you the symptoms.

1. Firefox was opened with a start page... search.".......".de
2. My devices (mouse, keyboard) turned on and off. (They still do.)
3. The PC became increasingly slow. It hung frequently.
4. Several toolbars were installed.
5. About every 10 minutes, some pages are opened that my Malwarebytes Anti-Malware blocks.

In addition, I also fell for Spyhunter 4, since this program is heavily promoted on Google... After further research I then noticed that it is a malware slinger.

This problem has already been described here in the forum, so I acted on my own. To my disadvantage. I have now read through the rules and understood that it is better to ask once too often before I act.

EDIT: Now my Firefox Explorer keeps crashing... It can no longer be opened. Message (Firefox has encountered a problem and needs to close), then the report prompt appears asking whether I want to send the error.

I hope you can help me with this problem.

Kind regards
Nexus633

Edited by Nexus633 (11.04.2013 at 12:15). Reason: Further problem found.

11.04.2013, 13:02   #2
aharonov
/// TB Trainer
 


Hi,

Quote:
a few days ago I found a trojan... I was careless and tried to remove it myself
Are there still any log files from the antivirus program that document this detection? See here: http://www.trojaner-board.de/125889-...en-posten.html

Let's take a look:


Step 1

Please download defogger (by jpshortstuff) to your desktop.
  • Start the tool with a double-click.
  • Now click the Disable button.
  • Confirm the security prompt with Yes.
  • When the scan has finished (Finished), click OK.
  • If Defogger asks for a restart, confirm this with OK.
  • Defogger creates a log file named defogger_disable.txt on the desktop.
  • Only if problems occurred, post its content with your next reply.
Do not click the Re-enable button unless instructed!



Step 2

Download Gmer (press the Download EXE button) and save the program to your desktop.
  • Disable all antivirus programs and malware/spyware scanners.
  • Disconnect all existing connections to a network/the Internet (don't forget Wi-Fi).
  • Please close all other programs.
  • Start gmer.exe (the file has a random file name).
    Vista and Win7 users: right-click and choose "Run as administrator".
  • If a window opens with the following warning
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    then be sure to click No.
  • On the right, remove the check mark at:
    • IAT/EAT
    • Show all
  • On the right, set the check mark at your system partition (normally C:\).
  • Start the scan with a click on Scan.
  • Do nothing at all on the computer while the scan is running!
  • When the scan is finished, click Save and save the log file as Gmer.txt on your desktop.
  • Then close GMER and immediately restart the computer.
  • Please paste the content of the log file here in your thread.
Switch your antivirus program and other scanners back on before you go online.



Step 3

Please download OTL (by Oldtimer) and save it to your desktop.
  • Double-click OTL.exe.
  • Under Extra Registry, please select Use SafeList.
  • Set the check mark at Scan all Users.
  • Now click Run Scan.
  • When the scan has finished, 2 log files (OTL.txt and Extras.txt) are created.
  • Post the content of these log files here in the thread.



In your next reply, please post:
  • Log from Gmer
  • Logs from OTL

11.04.2013, 14:55   #3
Nexus633
 


So, I have now completed the steps.

No, unfortunately I no longer have any logs.

In step 1, however, I had problems. During the scan my mouse and my keyboard failed, so I could not do anything anymore... I therefore could not create the logs. I had to restart the computer.


[QUOTE]OTL Log
OTL Logfile:
Code:
OTL logfile created on: 11.04.2013 15:43:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\********\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 73,91% Memory free
16,00 Gb Paging File | 13,50 Gb Available in Paging File | 84,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 154,29 Gb Free Space | 66,28% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 209,84 Gb Free Space | 90,11% Space Free | Partition Type: NTFS
 
Computer Name: ********-PC | User Name: ******** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.04.11 15:43:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\********\Downloads\OTL.exe
PRC - [2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.04.07 22:10:59 | 000,990,896 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.12 20:31:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.02.28 04:58:42 | 000,661,744 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech Gaming Software\Applets\LCDMedia.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012.12.10 11:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
PRC - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013.04.09 10:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013.04.09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013.04.09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013.04.09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013.04.09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.12.19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.12.19 16:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012.08.23 11:31:22 | 000,036,216 | ---- | M] (AVG) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2000.01.01 02:00:00 | 000,027,768 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2013.04.08 01:09:54 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.08 00:32:25 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.07 22:10:59 | 000,990,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe -- (vToolbarUpdater15.0.0)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.03.12 20:31:51 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.10 11:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.08.23 11:31:24 | 002,148,216 | ---- | M] (AVG) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.08.23 11:31:22 | 000,029,560 | ---- | M] (AVG) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.02.21 08:01:02 | 000,151,648 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV - [2011.06.01 14:09:02 | 000,609,904 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013.04.08 22:11:41 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2013.04.08 06:24:55 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013.04.08 00:03:27 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2013.04.07 22:11:00 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.04.01 15:52:16 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013.01.17 22:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012.12.19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.11.15 23:33:24 | 000,111,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012.11.06 13:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.10.22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012.10.15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012.10.02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012.09.21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.09.21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012.09.14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012.09.04 10:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.25 15:04:40 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011.11.25 15:04:40 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.06.01 14:09:00 | 000,040,048 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.08.12 13:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.08.24 11:14:30 | 000,054,784 | ---- | M] (AzureWave Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\azvusb.sys -- (azvusb)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.10.19 11:37:56 | 000,543,232 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ltn_stk7070P_64.sys -- (Ltn_stk7070P_64)
DRV:64bit: - [2007.10.19 11:37:56 | 000,016,256 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ltn_stkrc_64.sys -- (Ltn_stkrc_64)
DRV:64bit: - [2000.01.01 02:00:00 | 002,206,864 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2012.07.04 15:26:12 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 E4 13 9A 86 1A CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B5D3F3872-91E9-4d59-AD9F-AA174A3145DD%7D:4.00.33
FF - prefs.js..extensions.enabledAddons: %7BF53C93F1-07D5-430c-86D4-C9531B27DFAF%7D:1.0.0.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0
FF - prefs.js..keyword.URL: " 	  hxxp://www.google.com/search?sourceid=navclient&hl=de&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@vmware.com/vmrc,version=2.5.0.00000: C:\Program Files (x86)\Common Files\VMware\VMware VMRC Plug-in\Firefox\np-vmware-vmrc.dll (VMware, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}: C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2013.04.08 13:54:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.08 06:25:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.08 06:25:54 | 000,000,000 | ---D | M]
 
[2013.03.06 21:04:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\********\AppData\Roaming\mozilla\Extensions
[2013.04.08 20:57:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\********\AppData\Roaming\mozilla\Firefox\Profiles\usbmt5kw.default-1365434795045\extensions
[2013.04.08 20:12:35 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\Users\********\AppData\Roaming\mozilla\Firefox\Profiles\usbmt5kw.default-1365434795045\extensions\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}
[2013.04.08 20:57:13 | 000,000,000 | ---D | M] (Firefox OS Simulator) -- C:\Users\********\AppData\Roaming\mozilla\Firefox\Profiles\usbmt5kw.default-1365434795045\extensions\r2d2b2g@mozilla.org
[2013.04.08 20:57:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\********\AppData\Roaming\mozilla\Firefox\Profiles\usbmt5kw.default-1365434795045\extensions\r2d2b2g@mozilla.org\profile\extensions
[2013.04.03 16:42:24 | 000,047,172 | ---- | M] () (No name found) -- C:\Users\********\AppData\Roaming\mozilla\firefox\profiles\usbmt5kw.default-1365434795045\extensions\r2d2b2g@mozilla.org\profile\extensions\b2g-prosthesis@mozilla.org.xpi
[2013.04.03 16:42:28 | 000,236,108 | ---- | M] () (No name found) -- C:\Users\********\AppData\Roaming\mozilla\firefox\profiles\usbmt5kw.default-1365434795045\extensions\r2d2b2g@mozilla.org\resources\r2d2b2g\data\win32\b2g\modules\XPIProvider.jsm
[2013.04.03 16:42:28 | 000,065,503 | ---- | M] () (No name found) -- C:\Users\********\AppData\Roaming\mozilla\firefox\profiles\usbmt5kw.default-1365434795045\extensions\r2d2b2g@mozilla.org\resources\r2d2b2g\data\win32\b2g\modules\XPIProviderUtils.js
[2013.04.08 17:38:13 | 000,002,400 | ---- | M] () -- C:\Users\********\AppData\Roaming\mozilla\firefox\profiles\usbmt5kw.default-1365434795045\searchplugins\google-deutschland.xml
[2013.04.08 01:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.08 13:54:55 | 000,000,000 | ---D | M] (Logitech Flow Scroll) -- C:\PROGRAM FILES\LOGITECH\FLOWSCROLL\LOGISMOOTHFIREFOXEXT
[2013.04.08 01:09:55 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.16 06:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.16 06:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.16 06:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.16 06:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.16 06:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.16 06:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Angry Birds = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: WOT = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.11_0\
CHR - Extension: YouTube = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: Google-Suche = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Neon Glow Red = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibejcdolcflnmmbojgegkcmbjcgnkff\1.0_0\
CHR - Extension: Logitech Flow Scroll = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi\4.0.33_0\
CHR - Extension: World Time Buddy = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdhpjomiingppeefgnohkiapmnaeakoj\10_0\
CHR - Extension: Sand 2 = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\klicmgamjpclmbhppmdeamffedflmkcn\1.1_0\
CHR - Extension: Google Mail-Checker = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Plants vs Zombies = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\
CHR - Extension: Google Mail = C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.04.08 06:54:30 | 000,000,862 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Programme\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Programme\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [LogiScrollApp] C:\Programme\Logitech\FlowScroll\KhalScroll.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LiveZilla] C:\Program Files (x86)\LiveZilla\LiveZilla.exe (LiveZilla GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [Steam] D:\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{461BF70E-4558-4312-A721-475E8BBF38D5}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\System32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.04.08 01:16:55 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.11 13:45:06 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\EPSON
[2013.04.10 23:06:28 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.10 23:06:28 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.10 23:06:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.04.10 23:06:26 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.04.10 23:06:26 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.04.10 23:06:26 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.04.10 23:06:26 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.04.10 23:06:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.04.10 23:06:26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.04.10 23:06:26 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.04.10 23:06:26 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.04.10 23:06:25 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.10 23:06:23 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.10 23:06:23 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.10 23:06:22 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.10 12:49:32 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 12:49:31 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 12:49:31 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 12:49:30 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 12:49:30 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 12:49:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.04.09 01:21:10 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\ERoot
[2013.04.09 00:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2013.04.09 00:24:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2013.04.08 22:37:05 | 000,000,000 | ---D | C] -- C:\mozilla-build
[2013.04.08 22:19:37 | 000,000,000 | ---D | C] -- C:\Users\********\Desktop\Firefox OS
[2013.04.08 22:13:20 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
[2013.04.08 22:11:41 | 000,034,032 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\seehcri.sys
[2013.04.08 22:10:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Mobile
[2013.04.08 20:26:35 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Lookeen
[2013.04.08 20:26:29 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\assembly
[2013.04.08 20:23:29 | 000,000,000 | ---D | C] -- C:\Users\********\Documents\Add-in Express
[2013.04.08 19:55:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IKARUS
[2013.04.08 17:26:40 | 000,000,000 | ---D | C] -- C:\Users\********\Desktop\Alte Firefox-Daten
[2013.04.08 13:44:25 | 000,000,000 | ---D | C] -- C:\Users\********\.android
[2013.04.08 13:14:40 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2013.04.08 09:31:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.08 09:28:11 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Secunia PSI
[2013.04.08 09:25:35 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.04.08 09:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.08 09:19:18 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.04.08 09:19:08 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.08 09:19:08 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.08 09:19:08 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.08 09:18:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.04.08 08:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.08 08:45:26 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.08 08:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.08 06:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.04.08 06:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.04.08 06:27:46 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\LavasoftStatistics
[2013.04.08 06:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013.04.08 06:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013.04.08 06:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013.04.08 06:25:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013.04.08 06:24:56 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013.04.08 06:24:51 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Ad-Aware Antivirus
[2013.04.08 06:17:17 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\DriverCure
[2013.04.08 06:16:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2013.04.08 05:32:37 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Anvisoft
[2013.04.08 05:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2013.04.08 05:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2013.04.08 02:28:08 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Malwarebytes
[2013.04.08 02:27:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.08 02:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2013.04.08 02:12:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2013.04.08 01:58:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.04.08 01:58:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2013.04.08 01:25:03 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\LogiShrd
[2013.04.08 01:24:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2013.04.08 01:23:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2013.04.08 01:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.04.08 01:09:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.08 01:07:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013.04.08 00:09:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIA
[2013.04.08 00:09:02 | 000,000,000 | ---D | C] -- C:\Program Files\VIA
[2013.04.08 00:09:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2013.04.08 00:07:56 | 002,206,864 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys
[2013.04.08 00:07:56 | 000,025,600 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\VMfilt64.sys
[2013.04.08 00:07:55 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2013.04.08 00:07:55 | 000,074,240 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMWRP64.DLL
[2013.04.08 00:07:55 | 000,070,776 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\VtSrdAPO.dll
[2013.04.08 00:07:54 | 000,879,616 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMAPO64.DLL
[2013.04.08 00:07:54 | 000,739,328 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\VMAPO32.DLL
[2013.04.08 00:07:54 | 000,683,640 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIASysFx.dll
[2013.04.08 00:07:54 | 000,619,520 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMTHX64.DLL
[2013.04.08 00:07:54 | 000,554,496 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\VMTHX32.DLL
[2013.04.08 00:07:54 | 000,057,856 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMPPLD64.DLL
[2013.04.08 00:07:54 | 000,053,760 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMPPCN64.DLL
[2013.04.08 00:07:53 | 002,994,808 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIAPropPageExt.dll
[2013.04.08 00:07:52 | 001,161,336 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaKaraokeApo.dll
[2013.04.08 00:07:52 | 001,119,352 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2013.04.08 00:07:52 | 000,123,512 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaKaraokePropPageExt.dll
[2013.04.08 00:07:52 | 000,095,352 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll
[2013.04.08 00:07:46 | 003,141,496 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVIA64.dll
[2013.04.08 00:07:46 | 000,860,024 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013.04.08 00:07:46 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2013.04.08 00:07:46 | 000,083,968 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2013.04.08 00:07:46 | 000,055,416 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\PropPageExt.dll
[2013.04.08 00:07:45 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEP64H.dll
[2013.04.08 00:07:45 | 000,394,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013.04.08 00:07:44 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEP64A.dll
[2013.04.08 00:07:43 | 000,137,056 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEL64H.dll
[2013.04.08 00:07:43 | 000,137,056 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEL64A.dll
[2013.04.08 00:07:42 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EED64H.dll
[2013.04.08 00:07:42 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EED64A.dll
[2013.04.08 00:07:42 | 000,075,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEG64H.dll
[2013.04.08 00:07:42 | 000,075,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEG64A.dll
[2013.04.08 00:07:41 | 000,248,952 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll
[2013.04.08 00:07:41 | 000,120,160 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEA64H.dll
[2013.04.08 00:07:41 | 000,120,160 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEA64A.dll
[2013.04.08 00:07:41 | 000,092,280 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\Dts2PropPageExt.dll
[2013.04.08 00:07:41 | 000,027,768 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViakaraokeSrv.exe
[2013.04.08 00:03:23 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\SlimWare Utilities Inc
[2013.04.08 00:03:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2013.04.07 23:22:30 | 000,029,560 | ---- | C] (AVG) -- C:\Windows\SysWow64\uxtuneup.dll
[2013.04.07 23:22:29 | 000,036,216 | ---- | C] (AVG) -- C:\Windows\SysNative\uxtuneup.dll
[2013.04.07 23:06:42 | 000,035,192 | ---- | C] (AVG) -- C:\Windows\SysNative\TURegOpt.exe
[2013.04.07 23:06:41 | 000,026,488 | ---- | C] (AVG) -- C:\Windows\SysNative\authuitu.dll
[2013.04.07 23:06:41 | 000,021,880 | ---- | C] (AVG) -- C:\Windows\SysWow64\authuitu.dll
[2013.04.07 23:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
[2013.04.07 22:21:05 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\AVG
[2013.04.07 22:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2013.04.07 22:20:19 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013.04.07 22:12:22 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\AVG2013
[2013.04.07 22:11:43 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\TuneUp Software
[2013.04.07 22:11:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013.04.07 22:11:26 | 000,039,768 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.04.07 22:11:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013.04.07 22:09:00 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013.04.07 22:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013.04.07 22:08:44 | 000,000,000 | ---D | C] -- C:\Users\********\Documents\Office Crack
[2013.04.07 22:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013.04.07 22:03:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.04.07 22:03:45 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\MFAData
[2013.04.07 22:03:45 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013.04.07 22:03:45 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Avg2013
[2013.04.07 21:59:48 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.07 21:59:48 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.07 21:58:46 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.04.07 21:58:38 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.04.07 21:58:38 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.04.07 21:58:38 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.04.07 21:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.04.05 14:24:54 | 000,000,000 | ---D | C] -- C:\Users\********\Documents\GamerzHost
[2013.04.02 20:00:55 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\PokerStars.EU
[2013.04.02 20:00:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
[2013.04.02 20:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.EU
[2013.04.01 15:57:45 | 000,000,000 | ---D | C] -- C:\Users\********\Documents\My Games
[2013.04.01 15:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013.04.01 15:52:16 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.04.01 15:52:14 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\DAEMON Tools Lite
[2013.04.01 15:52:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013.04.01 15:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013.04.01 14:30:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2013.04.01 14:29:55 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\uTorrent
[2013.03.29 16:03:03 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Microsoft Games
[2013.03.29 16:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2013.03.29 13:59:55 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.03.29 13:59:55 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.03.29 13:59:55 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.03.29 13:59:55 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.03.29 13:59:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.03.29 13:59:55 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.03.29 13:59:55 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.03.29 13:59:55 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.03.29 13:59:55 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.29 13:59:54 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.03.29 13:59:54 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.29 13:59:54 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.03.29 13:59:54 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.03.29 13:59:54 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.03.29 13:59:54 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.03.29 13:59:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.03.29 13:59:54 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.03.29 13:59:54 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.03.29 13:59:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.03.29 13:59:53 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.29 13:59:53 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.03.29 13:59:53 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.03.29 13:59:53 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.03.29 13:59:53 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.03.29 13:59:53 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.03.29 13:59:53 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.03.29 13:59:53 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.03.29 13:59:53 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.29 13:59:53 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.03.29 13:59:53 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.03.29 13:59:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.03.29 13:59:53 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.03.29 13:59:52 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.29 13:59:52 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.03.29 13:59:52 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.29 13:59:52 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.29 13:59:52 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.29 13:59:52 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.03.29 13:59:52 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.03.29 13:59:52 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.03.29 13:59:52 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.03.29 13:59:52 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.03.29 13:59:52 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.03.29 13:59:52 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.29 13:59:52 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.03.29 13:59:52 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.03.29 13:59:52 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.03.29 13:59:52 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.03.29 13:59:52 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.03.29 13:59:52 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.03.29 13:59:52 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.03.29 13:59:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.03.29 13:59:51 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.03.27 17:16:16 | 000,160,784 | ---- | C] (<Turtle Entertainment>) -- C:\Windows\SysNative\drivers\ESLWireACD.sys
[2013.03.27 17:16:08 | 000,000,000 | ---D | C] -- C:\Program Files\EslWire
[2013.03.27 17:16:01 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Programs
[2013.03.27 11:45:35 | 000,000,000 | ---D | C] -- C:\Users\********\Documents\Sven&Denise
[2013.03.21 19:22:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013.03.21 18:08:04 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\PCTV Systems
[2013.03.21 17:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2013.03.21 17:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2013.03.21 17:58:29 | 000,000,000 | ---D | C] -- C:\ProgramData\PCTV Systems
[2013.03.21 17:57:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCTV Systems
[2013.03.21 17:51:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013.03.21 17:51:34 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Pando_Temp
[2013.03.21 17:48:04 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Pinnacle
[2013.03.21 17:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2013.03.21 17:47:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle
[2013.03.21 17:47:43 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Downloaded Installations
[2013.03.21 17:21:48 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
[2013.03.21 17:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
[2013.03.21 17:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\CMUV
[2013.03.21 17:13:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2013.03.21 17:13:13 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\AVS4YOU
[2013.03.21 17:12:28 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2013.03.21 17:12:28 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
[2013.03.21 17:12:28 | 000,413,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg4c32.dll
[2013.03.21 17:12:28 | 000,261,632 | ---- | C] (MainConcept) -- C:\Windows\SysWow64\mcdvd_32.dll
[2013.03.21 17:12:27 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70d.dll
[2013.03.21 17:12:27 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
[2013.03.21 17:12:27 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll
[2013.03.21 17:12:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2013.03.21 17:12:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2013.03.21 16:42:52 | 000,543,232 | ---- | C] (LITEON) -- C:\Windows\SysNative\drivers\Ltn_stk7070P_64.sys
[2013.03.21 14:52:41 | 000,000,000 | ---D | C] -- C:\Users\********\Documents\Jana Bewerbung
[2013.03.16 17:07:26 | 000,000,000 | ---D | C] -- C:\Users\********\workspace2
[2013.03.14 22:10:51 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\VMware
[2013.03.14 22:10:08 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\VMware
[2013.03.14 20:00:44 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\vlc
[2013.03.14 20:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.03.14 20:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013.03.14 11:41:58 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.13 22:42:18 | 000,000,000 | ---D | C] -- C:\Users\********\workspace
[2013.03.13 22:38:57 | 001,085,344 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.03.13 22:38:57 | 000,963,488 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.03.13 22:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.03.13 22:34:41 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.03.13 22:34:41 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.03.13 21:04:25 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013.03.13 21:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013.03.13 21:04:23 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Notepad++
[2013.03.13 21:04:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2013.03.12 23:04:44 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\QuickPar
[2013.03.12 23:04:26 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
[2013.03.12 23:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
[2013.03.12 23:04:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickPar
[2013.03.12 22:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2013.03.12 22:09:43 | 000,040,048 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2013.03.12 22:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2013.03.12 22:07:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2013.03.12 22:07:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2013.03.12 20:21:01 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\PunkBuster
[2013.03.12 20:20:08 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\ESN
[2013.03.12 20:20:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2013.03.12 20:19:27 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2013.03.12 20:18:56 | 000,000,000 | ---D | C] -- C:\Users\********\Documents\Battlefield 3
[2013.03.12 20:18:47 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2013.03.12 18:22:50 | 000,000,000 | ---D | C] -- C:\Users\********\Documents\LiveZilla
[2013.03.12 18:22:38 | 000,000,000 | ---D | C] -- C:\ProgramData\{B33DA322-24E5-416A-87BB-22AEF439817F}
[2013.03.12 18:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveZilla
[2013.03.12 18:22:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LiveZilla
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.11 15:40:55 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.11 15:40:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.11 15:32:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.11 15:27:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.11 14:26:47 | 000,377,856 | ---- | M] () -- C:\Users\********\Desktop\l464wlq6.exe
[2013.04.11 14:25:53 | 000,000,574 | ---- | M] () -- C:\Users\********\defogger_reenable
[2013.04.11 14:25:41 | 000,050,477 | ---- | M] () -- C:\Users\********\Desktop\Defogger.exe
[2013.04.11 12:02:09 | 000,033,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.11 12:02:09 | 000,033,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.11 11:54:56 | 000,420,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.10 22:24:45 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.09 00:39:18 | 001,640,718 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.09 00:39:18 | 000,700,168 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.09 00:39:18 | 000,654,880 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.09 00:39:18 | 000,148,964 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.09 00:39:18 | 000,121,752 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.08 23:00:21 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.08 22:11:41 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\seehcri.sys
[2013.04.08 13:55:09 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2013.04.08 09:19:02 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.08 09:19:00 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.04.08 09:19:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.08 09:18:59 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.04.08 09:18:59 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.04.08 09:18:59 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.08 07:14:50 | 000,000,174 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.04.08 06:58:07 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.04.08 06:54:30 | 000,000,862 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.04.08 06:24:55 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013.04.08 02:18:57 | 000,000,123 | ---- | M] () -- C:\Windows\wininit.ini
[2013.04.08 02:07:22 | 000,446,348 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts1
[2013.04.08 01:24:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2013.04.08 01:16:55 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013.04.08 00:48:02 | 000,000,898 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013.04.08 00:32:24 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.04.08 00:32:24 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.08 00:03:27 | 000,016,152 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2013.04.07 23:06:40 | 000,002,221 | ---- | M] () -- C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
[2013.04.07 23:06:40 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\AVG PC TuneUp.lnk
[2013.04.07 22:11:43 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.04.07 22:11:00 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.04.07 22:00:03 | 000,315,559 | ---- | M] () -- C:\Windows\SysWow64\EPPRTDRV_001.CAB
[2013.04.07 22:00:03 | 000,078,703 | ---- | M] () -- C:\Windows\SysWow64\EPSMTL32_000.CAB
[2013.04.07 22:00:01 | 000,450,278 | ---- | M] () -- C:\Windows\SysWow64\EPSETUP_001.CAB
[2013.04.07 22:00:00 | 000,315,559 | ---- | M] () -- C:\Windows\SysWow64\EPPRTDRV_000.CAB
[2013.04.07 21:59:59 | 000,780,601 | ---- | M] () -- C:\Windows\SysWow64\EPSTP64U_000.CAB
[2013.04.07 21:59:59 | 000,450,278 | ---- | M] () -- C:\Windows\SysWow64\EPSETUP_000.CAB
[2013.04.07 21:58:32 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.04.07 21:58:29 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.04.07 21:58:29 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.04.07 21:58:29 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.04.07 21:58:28 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.04.07 21:58:28 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.04.05 20:45:00 | 000,000,600 | ---- | M] () -- C:\Users\********\AppData\Local\PUTTY.RND
[2013.04.04 20:56:31 | 000,000,600 | ---- | M] () -- C:\Users\********\AppData\Roaming\winscp.rnd
[2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.02 20:00:55 | 000,001,080 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.eu.lnk
[2013.04.01 15:52:16 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.04.01 00:02:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.31 23:54:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2013.03.31 23:48:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013.03.31 23:48:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2013.03.29 13:59:55 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.03.29 13:59:55 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.03.29 13:59:55 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.03.29 13:59:55 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.03.29 13:59:55 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.03.29 13:59:55 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.03.29 13:59:55 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.03.29 13:59:55 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.03.29 13:59:55 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.29 13:59:54 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.03.29 13:59:54 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.29 13:59:54 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.03.29 13:59:54 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.03.29 13:59:54 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.03.29 13:59:54 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.03.29 13:59:54 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.03.29 13:59:54 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.03.29 13:59:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.03.29 13:59:54 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.03.29 13:59:53 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.29 13:59:53 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.03.29 13:59:53 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.03.29 13:59:53 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.03.29 13:59:53 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.03.29 13:59:53 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.03.29 13:59:53 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.03.29 13:59:53 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.03.29 13:59:53 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.29 13:59:53 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.03.29 13:59:53 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.03.29 13:59:53 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.03.29 13:59:53 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.03.29 13:59:53 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.29 13:59:53 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.03.29 13:59:52 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.29 13:59:52 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.03.29 13:59:52 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.29 13:59:52 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.29 13:59:52 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.29 13:59:52 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.03.29 13:59:52 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.03.29 13:59:52 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.03.29 13:59:52 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.03.29 13:59:52 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.03.29 13:59:52 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.03.29 13:59:52 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.29 13:59:52 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.03.29 13:59:52 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.03.29 13:59:52 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.03.29 13:59:52 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.03.29 13:59:52 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.03.29 13:59:52 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.29 13:59:52 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.03.29 13:59:52 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.03.29 13:59:51 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.03.21 18:25:44 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.03.19 08:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.03.19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.03.19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.03.19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.03.19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.03.13 21:04:25 | 000,001,049 | ---- | M] () -- C:\Users\********\Desktop\Notepad++.lnk
[2013.03.13 19:42:38 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.03.12 22:09:32 | 000,002,440 | ---- | M] () -- C:\Users\Public\Desktop\VMware vSphere Client.lnk
[2013.03.12 21:45:11 | 000,001,456 | ---- | M] () -- C:\Users\********\AppData\Local\Adobe Für Web speichern 11.0 Prefs
[2013.03.12 20:31:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.12 20:31:41 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.03.12 20:31:41 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.12 20:28:06 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
 
========== Files Created - No Company Name ==========
 
[2013.04.11 14:27:23 | 000,050,477 | ---- | C] () -- C:\Users\********\Desktop\Defogger.exe
[2013.04.11 14:27:22 | 000,377,856 | ---- | C] () -- C:\Users\********\Desktop\l464wlq6.exe
[2013.04.11 14:25:53 | 000,000,574 | ---- | C] () -- C:\Users\********\defogger_reenable
[2013.04.08 08:45:34 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.08 07:14:30 | 000,000,174 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.04.08 06:58:07 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.04.08 02:18:57 | 000,000,123 | ---- | C] () -- C:\Windows\wininit.ini
[2013.04.08 01:24:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2013.04.08 01:16:55 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013.04.08 01:08:24 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.04.08 00:21:57 | 000,000,898 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013.04.08 00:03:27 | 000,016,152 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2013.04.07 23:06:40 | 000,002,221 | ---- | C] () -- C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
[2013.04.07 23:06:40 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\AVG PC TuneUp.lnk
[2013.04.07 23:06:39 | 000,002,191 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
[2013.04.07 22:11:43 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.04.07 22:00:03 | 000,315,559 | ---- | C] () -- C:\Windows\SysWow64\EPPRTDRV_001.CAB
[2013.04.07 22:00:03 | 000,078,703 | ---- | C] () -- C:\Windows\SysWow64\EPSMTL32_000.CAB
[2013.04.07 22:00:01 | 000,450,278 | ---- | C] () -- C:\Windows\SysWow64\EPSETUP_001.CAB
[2013.04.07 22:00:00 | 000,315,559 | ---- | C] () -- C:\Windows\SysWow64\EPPRTDRV_000.CAB
[2013.04.07 22:00:00 | 000,050,134 | ---- | C] () -- C:\Windows\SysWow64\EPSUI64W_000.dat
[2013.04.07 21:59:59 | 000,780,601 | ---- | C] () -- C:\Windows\SysWow64\EPSTP64U_000.CAB
[2013.04.07 21:59:59 | 000,450,278 | ---- | C] () -- C:\Windows\SysWow64\EPSETUP_000.CAB
[2013.04.07 21:59:49 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.05 12:00:26 | 000,420,280 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.02 20:00:55 | 000,001,080 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.eu.lnk
[2013.04.01 00:02:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.31 23:54:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2013.03.31 23:48:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013.03.31 23:48:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2013.03.29 13:59:53 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.29 13:59:52 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.21 17:50:57 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.03.21 17:12:28 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.03.21 17:12:28 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.03.21 17:12:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2013.03.13 21:04:25 | 000,001,049 | ---- | C] () -- C:\Users\********\Desktop\Notepad++.lnk
[2013.03.12 22:09:32 | 000,002,440 | ---- | C] () -- C:\Users\Public\Desktop\VMware vSphere Client.lnk
[2013.03.12 21:45:11 | 000,001,456 | ---- | C] () -- C:\Users\********\AppData\Local\Adobe Für Web speichern 11.0 Prefs
[2013.03.12 20:21:05 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.03.11 19:37:05 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.11 19:37:04 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.08 20:49:15 | 000,000,600 | ---- | C] () -- C:\Users\********\AppData\Roaming\winscp.rnd
[2013.03.06 20:09:05 | 000,000,600 | ---- | C] () -- C:\Users\********\AppData\Local\PUTTY.RND
[2013.03.06 19:19:46 | 001,640,718 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.06 18:46:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.12.19 21:52:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.12.19 21:52:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD

< End of report >
         
--- --- ---


[QUOTE]Extras Log
OTL Logfile:
Code:
OTL Extras logfile created on: 11.04.2013 15:43:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\*********\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 73,91% Memory free
16,00 Gb Paging File | 13,50 Gb Available in Paging File | 84,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 154,29 Gb Free Space | 66,28% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 209,84 Gb Free Space | 90,11% Space Free | Partition Type: NTFS
 
Computer Name: *********-PC | User Name: ********* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C1E6C70-5B1A-4478-A857-F0D44E6FE6CB}" = rport=138 | protocol=17 | dir=out | app=system | 
"{1916957E-37A7-4F92-AF98-AD54834EF7E6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1E38313C-033B-4DD4-BE78-7D629B0CB972}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{216F9582-EF1A-4F88-9924-58749B0B3068}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{23DF12AA-F1C9-4084-A4C3-C92D816EF23B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3185F4A8-9033-4331-BB33-2D468EDF3F9B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3245B9CF-5C76-4F67-BFE9-B9AB03D5ADA4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{379C3816-5ECE-49D0-B058-36C9B78AB0BC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3BA28102-86EB-4C0F-9F89-AC6D26910B58}" = lport=445 | protocol=6 | dir=in | app=system | 
"{3E397137-072F-4BA3-8400-46CE6548CA84}" = lport=2869 | protocol=6 | dir=in | name=upnp device discovery (tcp 2869) | 
"{453FE7AF-62BB-4938-8156-4C005473AB40}" = lport=139 | protocol=6 | dir=in | app=system | 
"{486B1F9D-0C72-458C-8BC2-A37B6C998E93}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{592D80C0-833E-4687-B918-54E64FA6257F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{64A71DD0-CC8F-4E74-A760-76CAC5FC0DF5}" = rport=139 | protocol=6 | dir=out | app=system | 
"{68CD4B47-84C6-40C8-A997-62B7F6607447}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{6B6BC262-AA91-4998-83BE-5771430C2D7C}" = lport=137 | protocol=17 | dir=in | app=system | 
"{6E8F92AD-D134-47A5-90AB-D00A2E3C838A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{76BFFC94-2A4A-4445-AAFD-EC1ADEBCC983}" = lport=1900 | protocol=17 | dir=in | name=upnp device discovery (udp 1900) | 
"{7C259033-0706-4CE4-B0E0-05BCF1AB1CA9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7D53D9F2-A2E9-41A7-ADED-0B1C8582BC10}" = lport=138 | protocol=17 | dir=in | app=system | 
"{94B85FA7-3ACE-4A71-8432-5F33E937579B}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{9CAC8B4D-6467-48E2-BFAD-2C9B878E285A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{BDE6D423-062D-463D-80DC-60855E7508D9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{EC6221AE-124A-46EB-B016-A837D6006513}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F152DBB5-9385-4C0C-8E81-47BED02A3D7E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FF059831-2588-45F0-A967-51E34EBA4255}" = rport=445 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03CD47BD-9E29-4091-8207-88E974ACFEF9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{09A3D684-72D5-4CA6-B97A-8D8D4D9B4697}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0A68973C-B10B-4DF3-AA62-2B0504683A6F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{10E1C8A5-C57E-4276-8A00-EB219B6DFCAA}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe | 
"{12F9748D-983F-4CC2-84FA-C4EB2F2BBB56}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{207839C6-7FC8-4043-B41C-F20DBBE8C4AF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{2676DF20-FB32-4CA1-9D4E-49CE1F6F63BF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | 
"{27EE47C4-2DD7-4E08-A17E-1FE508694C7B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{32C293F2-5011-491D-B9CF-60EA74CD4407}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{34BBF16B-652F-48A2-96D2-3EB6F9481979}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{3BA6AF3F-B387-4205-81B9-D8E72472C8BD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3CD51E4D-14E2-4E77-ACE6-41449CC75A2B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{3EB1D03F-88CC-4045-A13F-A217114091C2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{3EBB0ABC-677A-4E9B-BF11-6458A53ABB38}" = protocol=17 | dir=in | app=d:\diablo iii\diablo iii.exe | 
"{46B23A78-5F76-4B79-A7F5-28DB52257491}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{47A0DA57-29E4-439B-BB78-604D0A68B674}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{47E1422F-FA98-490C-9303-B4F5DA473F1B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{48C3CE5D-6D9B-44BA-A20D-2676CCBB309A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{4C8A0D77-4DD9-4560-BFB4-1E3923FF6C0D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{4F260063-C12E-4792-B577-5689CEFEA035}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 
"{54B37C16-D07A-461E-922B-6DA99AE065D6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{5682805D-06EF-4C05-AD5D-AC2D759CED91}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | 
"{56ABF72F-38DA-4205-81A4-7D318D6B10CF}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{59091490-9604-4ABF-BB21-2908BDFFEE93}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | 
"{5B2D0AEB-5AC7-4B49-BAB0-0A48C5C29BD2}" = protocol=6 | dir=in | app=d:\diablo iii\diablo iii.exe | 
"{6063FF10-0794-424A-B4E3-26C18304C6A6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{612726F8-1983-4EE6-8F0F-D0BD5C4B9779}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{614E2718-1D08-4219-9D69-65CB164D31AF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{626769F0-20B9-4CE3-BC60-5507FB5D12C5}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{62F431E0-362E-44C5-947D-966E3AFEE307}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{68357729-E5A7-4A36-9172-30DEE6B80198}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{6E9F0267-D64E-44A3-B930-64EC38230392}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{72F4EA24-DD1D-497F-9DB6-9AE3FBDB312B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 
"{7338E590-1231-42F9-AB2C-A99D014BEECA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{7459964D-97B6-4415-B804-F3F799B12EB9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{74CFD120-F651-456F-A29F-D2E0FB72E3AB}" = protocol=6 | dir=out | app=system | 
"{7A7768AF-C346-4438-8FEA-77D41F6E7781}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{86CC3BF8-1466-4223-A86D-1574D78C79D3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{87D4D335-8DDE-43A9-B46D-AE5CCAE8E7E6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{8FBF2496-7ABF-4F8C-8C76-76C237926387}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9D59A1DF-69B3-4231-97C5-C9D3DD78F677}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 
"{A02BC632-436A-4C53-A7D4-AC19CAA7A69C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"{A7B340EC-C0A8-4731-9AEB-424DBD075C3B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{ADEAA56B-CD5B-462F-9A7C-8D3F1655083D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{B596DE16-F407-47A3-8043-DD8C1CDA97BB}" = protocol=17 | dir=in | app=d:\steam\steamapps\baltasaa208\counter-strike source\hl2.exe | 
"{B7C78B4A-83EF-432E-8973-9D91BF0DA54D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BA5BB57B-D476-4EB7-92E5-BF332FCDBB0D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BE0D12A4-37B8-4F50-9873-7C81E941583B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"{C35ABC74-1FF1-4461-8A7A-F1D6E2ECA4B7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | 
"{C521C58F-DE64-4E84-992B-88BA0D1BD59F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{C55E5F57-5C71-4621-8783-1BF28609159C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{CA60F7A4-4CEA-4C71-B1D6-7A0A7154F856}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe | 
"{DB716EBC-792C-4715-9A22-5871FF443E22}" = protocol=17 | dir=in | app=d:\steam\steam.exe | 
"{E8CD6B4D-80E3-440C-9AEB-102DB29E4BD7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{F856B597-5925-42D3-9B41-9873CF13226B}" = protocol=6 | dir=in | app=d:\steam\steamapps\baltasaa208\counter-strike source\hl2.exe | 
"{F8BDAF81-F387-4711-B7CA-A02BD6028A01}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{F8CB79C5-1C35-44D7-A737-10BF315D84B3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{FA83C4AD-55E8-40D8-9722-78595493A0C9}" = protocol=6 | dir=in | app=d:\steam\steam.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{3145731D-C578-70ED-899F-7A670D2A6662}" = AMD Fuel
"{44610EE0-C908-D8F1-425D-914A5B745DEA}" = AMD Drag and Drop Transcoding
"{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5E03A267-415E-5383-FA8F-3CE4145663B9}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89EE4A30-080F-2C95-6F78-C98D18FBD74D}" = AMD Accelerated Video Transcoding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9CF11D16-ECEB-90A5-A028-CA9E068D848B}" = ccc-utility64
"{AD27BE4B-A261-4F0A-AB5A-476C83EDAED2}" = AVG 2013
"{B0A5A6EE-F8BA-48B1-BB32-BAC17E96C2B4}" = Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F5AA006A-1ABE-4F16-B6E1-FEE1F7D38102}" = AVG 2013
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2013
"CCleaner" = CCleaner
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON SX130 Series" = EPSON SX130 Series Printer Uninstall
"Logitech Gaming Software" = Logitech Gaming Software 8.45
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual J# 2.0 Redistributable Package - SE (x64)" = Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
"NVIDIA Drivers" = NVIDIA Drivers
"Sn1" = Logitech Flow Scroll 4.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.5
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{017F8447-2A1D-0DDB-B5D7-CA2BFACE2886}" = CCC Help French
"{04805AB6-F757-496A-8D56-37A0FC5FF6F3}" = VMware vSphere Client 5.0
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{054E9A1C-3EA2-C657-E787-FD8DCF5C3D3B}" = CCC Help Czech
"{1DE2BD51-0300-772D-5E18-F337D95D5687}" = CCC Help German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{224E8FEB-5C1F-077F-6FC5-602AC1AE644D}" = CCC Help Danish
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{275E9C49-C72F-D754-DEB7-77F10A9C00D8}" = CCC Help Japanese
"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0
"{30049739-BE95-6591-B504-E6D7057D49CC}" = CCC Help Spanish
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = er100LT
"{3F1EB155-F96E-EB7B-2EF2-7375490E0FA9}" = CCC Help English
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B023D7B-9E67-795D-FB31-B5E1F6DCA451}" = CCC Help Italian
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{55F6C486-8C75-2A72-DAFE-CE78A624C9F7}" = CCC Help Russian
"{5AF23993-7152-1620-E43F-1B4542FB4F84}" = CCC Help Thai
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63326924-3CAF-C858-3A8F-8598C87019D7}" = AMD VISION Engine Control Center
"{63822E89-11AA-F8EC-D433-F72A85799EC0}" = CCC Help Greek
"{66361420-4905-AEB8-17AE-172FDD164A7E}" = CCC Help Polish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7451FD2D-1A23-4E67-92CD-8EDDD1846917}" = AVG PC TuneUp Language Pack (de-DE)
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}" = Catalyst Control Center InstallProxy
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8773DD1C-5FB2-95B5-5A93-0EFEAC900A4D}" = CCC Help Norwegian
"{8CCBB0BF-9CC1-1A65-BB93-56012A460EE6}" = CCC Help Portuguese
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0A3CE05-96CB-52E9-434E-074F3BB7807E}" = CCC Help Turkish
"{A231A6F2-2C80-6203-ED35-2CFB96B25A38}" = Application Profiles
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9C64319-932F-D02B-B14C-FFFC3EC49E77}" = CCC Help Chinese Standard
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{C09DB932-7619-7B56-30E3-C0454811D6D7}" = CCC Help Korean
"{C22A4697-BD77-ACB1-744F-1FD0A0BFF798}" = CCC Help Swedish
"{C4C91E02-D4E2-481E-BCBA-7D90CC8D43E1}" = LiveZilla
"{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}" = AVG PC TuneUp
"{D4B457B2-260F-C561-CA87-703BD3B724CA}" = Catalyst Control Center Graphics Previews Common
"{D6CDB506-297D-AE70-0EF6-DE5185F961BE}" = CCC Help Chinese Traditional
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{ECFD508E-68A2-91B2-46DD-1D03D783D94B}" = Catalyst Control Center Localization All
"{EDE361D5-35A5-DA7D-3462-C3DABD24029B}" = CCC Help Hungarian
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F1E7DD6A-AE2D-D706-BEB3-937F76CA6AE9}" = CCC Help Finnish
"{F56F54DD-BCB2-1221-2CB7-E983A5CF9D15}" = CCC Help Dutch
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Alt.Binz" = Alt.Binz 0.25.0
"AVG PC TuneUp" = AVG PC TuneUp
"Battlelog Web Plugins" = Battlelog Web Plugins
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"EPSON Scanner" = EPSON Scan
"ESN Sonar-0.70.4" = ESN Sonar
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"LiveZilla" = LiveZilla
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 20.0 (x86 de)" = Mozilla Firefox 20.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Office14.SingleImage" = Microsoft Office Professional 2010
"Origin" = Origin
"PokerStars.eu" = PokerStars.eu
"PunkBusterSvc" = PunkBuster Services
"PuTTY_is1" = PuTTY version 0.62
"QuickPar" = QuickPar 0.9
"Steam App 240" = Counter-Strike: Source
"Steam App 730" = Counter-Strike: Global Offensive
"TeamViewer 8" = TeamViewer 8
"Update Engine" = Sony Ericsson Update Engine
"uTorrent" = µTorrent
"winscp3_is1" = WinSCP 5.1.4
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11.04.2013 05:55:10 | Computer Name = *********-PC | Source = Windows Search Service | ID = 7042
Description = 
 
Error - 11.04.2013 05:55:10 | Computer Name = *********-PC | Source = Windows Search Service | ID = 9002
Description = 
 
Error - 11.04.2013 05:55:10 | Computer Name = *********-PC | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 11.04.2013 05:55:12 | Computer Name = *********-PC | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 11.04.2013 05:55:12 | Computer Name = *********-PC | Source = Windows Search Service | ID = 3028
Description = 
 
Error - 11.04.2013 05:55:12 | Computer Name = *********-PC | Source = Windows Search Service | ID = 3058
Description = 
 
Error - 11.04.2013 05:55:12 | Computer Name = *********-PC | Source = Windows Search Service | ID = 7010
Description = 
 
Error - 11.04.2013 05:55:54 | Computer Name = *********-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.04.2013 09:36:06 | Computer Name = *********-PC | Source = Application Hang | ID = 1002
Description = Programm mmc.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 15dc    Startzeit:
 01ce36b92f4c29ef    Endzeit: 0    Anwendungspfad: C:\Windows\system32\mmc.exe    Berichts-ID:
   
 
Error - 11.04.2013 09:41:42 | Computer Name = *********-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 21.03.2013 11:32:22 | Computer Name = *********-PC | Source = ehRecvr | ID = 3
Description = Auf dem TV-Tuner ist ein Fehler aufgetreten. (0xc0040524) PCTV DiBcom
 BDA Digital Tuner (Dev1 Path0) 
 
[ System Events ]
Error - 10.04.2013 17:09:46 | Computer Name = *********-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 11.04.2013 05:54:44 | Computer Name = *********-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 11.04.2013 05:54:49 | Computer Name = *********-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 11.04.2013 05:55:12 | Computer Name = *********-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-1073473535.
 
Error - 11.04.2013 05:55:12 | Computer Name = *********-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 11.04.2013 08:44:16 | Computer Name = *********-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 AVGIDSAgent erreicht.
 
Error - 11.04.2013 08:44:16 | Computer Name = *********-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AVGIDSAgent" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 11.04.2013 09:40:29 | Computer Name = *********-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?11.?04.?2013 um 15:39:17 unerwartet heruntergefahren.
 
Error - 11.04.2013 09:40:32 | Computer Name = *********-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 11.04.2013 09:40:42 | Computer Name = *********-PC | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
 
< End of report >
         
--- --- ---
__________________

Edited by Nexus633 (11.04.2013 at 14:59). Reason: posted the logs incorrectly

11.04.2013, 19:06   #4
aharonov
/// TB-Ausbilder

Hi,

then please also do this:


Step 1

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • The tool will ask whether you want to scan your system with the current avast! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.)
    Depending on your connection, downloading the definitions can take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save the file to the desktop.
Post this aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances unless instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.



Please post in your next reply:
  • Log from aswMBR
__________________
cheers,
Leo

11.04.2013, 19:48   #5
Nexus633

Hey,

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-11 20:16:41
-----------------------------
20:16:41.622    OS Version: Windows x64 5.1.2600 Service Pack 3
20:16:41.622    Number of processors: 3 586 0x503
20:16:41.623    ComputerName: ******-PC  UserName: ******
20:16:42.598    Initialze error C0000034 - driver not loaded
20:16:54.936    AVAST engine defs: 13041100
20:17:07.566    Service scanning
20:17:39.105    Modules scanning
20:17:39.108    Disk 0 trace - called modules:
20:17:39.109    
20:17:40.143    AVAST engine scan C:\Windows
20:17:42.428    AVAST engine scan C:\Windows\system32
20:22:23.125    AVAST engine scan C:\Windows\system32\drivers
20:22:38.589    AVAST engine scan C:\Users\******
20:44:51.278    AVAST engine scan C:\ProgramData
20:45:31.989    Scan finished successfully
20:46:58.639    The log file has been saved successfully to "C:\Users\Nexus\Desktop\aswMBR.txt"
         


11.04.2013, 19:49   #6
aharonov
/// TB-Ausbilder

That didn't quite work.
Did you run the program as administrator?

11.04.2013, 19:52   #7
Nexus633

Good evening,

yes, I did.

12.04.2013, 00:18   #8
aharonov
/// TB-Ausbilder

Hm.


Step 1

Please read the following instructions carefully. We do not want to delete anything yet, only to see a scan report.

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe.
  • Click Start Scan.
  • Warning: If infected objects are found, do not choose Cure under any circumstances. Choose Skip and save the log file.
  • TDSSKiller will save a log file on your system drive (C:\TDSSKiller.<version_date_time>log.txt).
  • Please post the contents of this log file here in the thread.



Please post in your next reply:
  • Log from TDSSKiller
__________________
cheers,
Leo

12.04.2013, 10:33   #9
Nexus633

Nothing found.

Code:
11:32:53.0640 4940  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:32:53.0937 4940  ============================================================
11:32:53.0937 4940  Current date / time: 2013/04/12 11:32:53.0937
11:32:53.0937 4940  SystemInfo:
11:32:53.0937 4940  
11:32:53.0937 4940  OS Version: 6.1.7601 ServicePack: 1.0
11:32:53.0937 4940  Product type: Workstation
11:32:53.0937 4940  ComputerName: *********-PC
11:32:53.0937 4940  UserName: *********
11:32:53.0937 4940  Windows directory: C:\Windows
11:32:53.0937 4940  System windows directory: C:\Windows
11:32:53.0937 4940  Running under WOW64
11:32:53.0937 4940  Processor architecture: Intel x64
11:32:53.0937 4940  Number of processors: 3
11:32:53.0937 4940  Page size: 0x1000
11:32:53.0937 4940  Boot type: Normal boot
11:32:53.0937 4940  ============================================================
11:32:58.0812 4940  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x67813E, SectorsPerTrack: 0x4, TracksPerCylinder: 0x12, Type 'K0', Flags 0x00000040
11:32:58.0953 4940  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:32:58.0968 4940  ============================================================
11:32:58.0968 4940  \Device\Harddisk0\DR0:
11:32:59.0015 4940  MBR partitions:
11:32:59.0015 4940  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:32:59.0015 4940  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
11:32:59.0015 4940  \Device\Harddisk1\DR1:
11:32:59.0015 4940  MBR partitions:
11:32:59.0015 4940  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
11:32:59.0015 4940  ============================================================
11:32:59.0265 4940  C: <-> \Device\Harddisk0\DR0\Partition2
11:32:59.0593 4940  D: <-> \Device\Harddisk1\DR1\Partition1
11:32:59.0593 4940  ============================================================
11:32:59.0593 4940  Initialize success
11:32:59.0593 4940  ============================================================
11:33:01.0921 4944  ============================================================
11:33:01.0921 4944  Scan started
11:33:01.0921 4944  Mode: Manual; 
11:33:01.0921 4944  ============================================================
11:33:04.0031 4944  ================ Scan system memory ========================
11:33:04.0031 4944  System memory - ok
11:33:04.0031 4944  ================ Scan services =============================
11:33:04.0671 4944  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:33:04.0687 4944  1394ohci - ok
11:33:04.0750 4944  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:33:04.0781 4944  ACPI - ok
11:33:04.0796 4944  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:33:04.0812 4944  AcpiPmi - ok
11:33:04.0953 4944  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:33:04.0968 4944  AdobeARMservice - ok
11:33:05.0437 4944  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:33:05.0453 4944  AdobeFlashPlayerUpdateSvc - ok
11:33:05.0578 4944  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:33:05.0593 4944  adp94xx - ok
11:33:05.0703 4944  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:33:05.0718 4944  adpahci - ok
11:33:05.0890 4944  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:33:05.0890 4944  adpu320 - ok
11:33:06.0015 4944  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:33:06.0031 4944  AeLookupSvc - ok
11:33:06.0437 4944  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
11:33:06.0484 4944  AFD - ok
11:33:06.0531 4944  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:33:06.0609 4944  agp440 - ok
11:33:06.0781 4944  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
11:33:06.0796 4944  ALG - ok
11:33:07.0031 4944  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:33:07.0031 4944  aliide - ok
11:33:07.0468 4944  [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:33:07.0562 4944  AMD External Events Utility - ok
11:33:07.0640 4944  AMD FUEL Service - ok
11:33:07.0750 4944  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:33:07.0812 4944  amdide - ok
11:33:07.0937 4944  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:33:08.0046 4944  AmdK8 - ok
11:33:09.0609 4944  [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:33:10.0296 4944  amdkmdag - ok
11:33:10.0375 4944  [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
11:33:10.0375 4944  amdkmdap - ok
11:33:10.0453 4944  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:33:10.0468 4944  AmdPPM - ok
11:33:10.0531 4944  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:33:10.0546 4944  amdsata - ok
11:33:10.0625 4944  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:33:10.0656 4944  amdsbs - ok
11:33:10.0750 4944  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:33:10.0765 4944  amdxata - ok
11:33:11.0031 4944  [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
11:33:11.0031 4944  AODDriver4.2 - ok
11:33:11.0109 4944  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
11:33:11.0140 4944  AppID - ok
11:33:11.0156 4944  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:33:11.0171 4944  AppIDSvc - ok
11:33:11.0187 4944  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
11:33:11.0187 4944  Appinfo - ok
11:33:11.0312 4944  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:33:11.0328 4944  AppMgmt - ok
11:33:11.0375 4944  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
11:33:11.0390 4944  arc - ok
11:33:11.0437 4944  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:33:11.0437 4944  arcsas - ok
11:33:11.0640 4944  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:33:12.0046 4944  aspnet_state - ok
11:33:12.0140 4944  AsrCDDrv - ok
11:33:12.0187 4944  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:33:12.0234 4944  AsyncMac - ok
11:33:12.0265 4944  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
11:33:12.0281 4944  atapi - ok
11:33:12.0343 4944  [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
11:33:12.0375 4944  AtiHDAudioService - ok
11:33:12.0468 4944  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:33:12.0484 4944  AudioEndpointBuilder - ok
11:33:12.0562 4944  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:33:12.0562 4944  AudioSrv - ok
11:33:12.0703 4944  [ 3D1FFAA3358CA0D8A298DEA8BECFC468 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
11:33:12.0703 4944  Avgfwfd - ok
11:33:13.0015 4944  [ D0BE22C910E46550C6308D50DDA76B94 ] avgfws          C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
11:33:13.0031 4944  avgfws - ok
11:33:13.0203 4944  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
11:33:13.0218 4944  AVGIDSAgent - ok
11:33:13.0296 4944  [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
11:33:13.0296 4944  AVGIDSDriver - ok
11:33:13.0328 4944  [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
11:33:13.0343 4944  AVGIDSHA - ok
11:33:13.0359 4944  [ 5989592A91A17587799792A81E1541D4 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
11:33:13.0359 4944  Avgldx64 - ok
11:33:13.0437 4944  [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
11:33:13.0453 4944  Avgloga - ok
11:33:13.0468 4944  [ 841C40C193889730848849AC220D9242 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
11:33:13.0484 4944  Avgmfx64 - ok
11:33:13.0515 4944  [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
11:33:13.0546 4944  Avgrkx64 - ok
11:33:13.0562 4944  [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
11:33:13.0562 4944  Avgtdia - ok
11:33:13.0609 4944  [ 76DCA54A83A34CCBBBDCE7ADA01E0068 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
11:33:13.0609 4944  avgtp - ok
11:33:13.0671 4944  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
11:33:13.0687 4944  avgwd - ok
11:33:13.0843 4944  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:33:13.0843 4944  AxInstSV - ok
11:33:13.0890 4944  [ 9F4320BA8E7CE2342517B182A2F2C0E6 ] azvusb          C:\Windows\system32\DRIVERS\azvusb.sys
11:33:13.0921 4944  azvusb - ok
11:33:14.0031 4944  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:33:14.0062 4944  b06bdrv - ok
11:33:14.0125 4944  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:33:14.0125 4944  b57nd60a - ok
11:33:14.0171 4944  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:33:14.0171 4944  BDESVC - ok
11:33:14.0187 4944  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:33:14.0203 4944  Beep - ok
11:33:14.0234 4944  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
11:33:14.0250 4944  BFE - ok
11:33:14.0328 4944  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
11:33:14.0343 4944  BITS - ok
11:33:14.0390 4944  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:33:14.0406 4944  blbdrive - ok
11:33:14.0468 4944  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:33:14.0468 4944  bowser - ok
11:33:14.0515 4944  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:33:14.0531 4944  BrFiltLo - ok
11:33:14.0546 4944  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:33:14.0562 4944  BrFiltUp - ok
11:33:14.0625 4944  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
11:33:14.0640 4944  Browser - ok
11:33:14.0765 4944  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:33:14.0843 4944  Brserid - ok
11:33:14.0875 4944  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:33:14.0890 4944  BrSerWdm - ok
11:33:14.0906 4944  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:33:14.0906 4944  BrUsbMdm - ok
11:33:14.0921 4944  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:33:14.0921 4944  BrUsbSer - ok
11:33:14.0937 4944  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:33:14.0953 4944  BTHMODEM - ok
11:33:14.0984 4944  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
11:33:15.0000 4944  bthserv - ok
11:33:15.0015 4944  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:33:15.0062 4944  cdfs - ok
11:33:15.0078 4944  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:33:15.0109 4944  cdrom - ok
11:33:15.0140 4944  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
11:33:15.0156 4944  CertPropSvc - ok
11:33:15.0156 4944  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
11:33:15.0171 4944  circlass - ok
11:33:15.0187 4944  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:33:15.0187 4944  CLFS - ok
11:33:15.0265 4944  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:33:15.0296 4944  clr_optimization_v2.0.50727_32 - ok
11:33:15.0343 4944  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:33:15.0359 4944  clr_optimization_v2.0.50727_64 - ok
11:33:15.0484 4944  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:33:15.0656 4944  clr_optimization_v4.0.30319_32 - ok
11:33:15.0781 4944  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:33:15.0890 4944  clr_optimization_v4.0.30319_64 - ok
11:33:15.0937 4944  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
11:33:15.0953 4944  CmBatt - ok
11:33:15.0968 4944  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:33:15.0968 4944  cmdide - ok
11:33:16.0000 4944  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
11:33:16.0015 4944  CNG - ok
11:33:16.0031 4944  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:33:16.0046 4944  Compbatt - ok
11:33:16.0062 4944  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:33:16.0078 4944  CompositeBus - ok
11:33:16.0093 4944  COMSysApp - ok
11:33:16.0093 4944  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:33:16.0093 4944  crcdisk - ok
11:33:16.0140 4944  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:33:16.0156 4944  CryptSvc - ok
11:33:16.0234 4944  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
11:33:16.0312 4944  CSC - ok
11:33:16.0421 4944  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
11:33:16.0421 4944  CscService - ok
11:33:16.0484 4944  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:33:16.0515 4944  DcomLaunch - ok
11:33:16.0562 4944  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
11:33:16.0578 4944  defragsvc - ok
11:33:16.0593 4944  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:33:16.0609 4944  DfsC - ok
11:33:16.0640 4944  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:33:16.0656 4944  Dhcp - ok
11:33:16.0734 4944  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:33:16.0750 4944  discache - ok
11:33:16.0906 4944  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
11:33:16.0906 4944  Disk - ok
11:33:17.0000 4944  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
11:33:17.0031 4944  dmvsc - ok
11:33:17.0078 4944  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:33:17.0093 4944  Dnscache - ok
11:33:17.0328 4944  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:33:17.0343 4944  dot3svc - ok
11:33:17.0406 4944  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
11:33:17.0421 4944  DPS - ok
11:33:17.0500 4944  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:33:17.0562 4944  drmkaud - ok
11:33:17.0640 4944  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:33:17.0640 4944  dtsoftbus01 - ok
11:33:17.0875 4944  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:33:17.0890 4944  DXGKrnl - ok
11:33:17.0937 4944  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
11:33:17.0937 4944  EapHost - ok
11:33:18.0265 4944  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:33:18.0375 4944  ebdrv - ok
11:33:18.0390 4944  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
11:33:18.0406 4944  EFS - ok
11:33:18.0500 4944  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:33:18.0515 4944  ehRecvr - ok
11:33:18.0531 4944  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
11:33:18.0546 4944  ehSched - ok
11:33:18.0625 4944  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:33:18.0625 4944  elxstor - ok
11:33:18.0812 4944  [ 194E8100D57FC13BEF88129BAAD07E46 ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
11:33:18.0828 4944  EPSON_PM_RPCV4_04 - ok
11:33:18.0859 4944  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:33:18.0859 4944  ErrDev - ok
11:33:18.0906 4944  esgiguard - ok
11:33:18.0968 4944  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
11:33:18.0968 4944  EventSystem - ok
11:33:19.0000 4944  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
11:33:19.0031 4944  exfat - ok
11:33:19.0078 4944  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:33:19.0109 4944  fastfat - ok
11:33:19.0218 4944  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
11:33:19.0265 4944  Fax - ok
11:33:19.0281 4944  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
11:33:19.0296 4944  fdc - ok
11:33:19.0312 4944  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:33:19.0328 4944  fdPHost - ok
11:33:19.0328 4944  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:33:19.0343 4944  FDResPub - ok
11:33:19.0359 4944  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:33:19.0359 4944  FileInfo - ok
11:33:19.0375 4944  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:33:19.0390 4944  Filetrace - ok
11:33:19.0406 4944  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:33:19.0406 4944  flpydisk - ok
11:33:19.0453 4944  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:33:19.0453 4944  FltMgr - ok
11:33:19.0531 4944  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
11:33:19.0562 4944  FontCache - ok
11:33:19.0609 4944  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:33:19.0625 4944  FontCache3.0.0.0 - ok
11:33:19.0640 4944  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:33:19.0656 4944  FsDepends - ok
11:33:19.0734 4944  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:33:19.0734 4944  Fs_Rec - ok
11:33:19.0796 4944  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:33:19.0796 4944  fvevol - ok
11:33:19.0828 4944  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:33:19.0843 4944  gagp30kx - ok
11:33:19.0921 4944  [ 14908F4F9005C29DE8F5587E271390EE ] gfibto          C:\Windows\system32\drivers\gfibto.sys
11:33:19.0921 4944  gfibto - ok
11:33:19.0953 4944  [ 16C2A6BCDDA8952C2035DEC861492A19 ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
11:33:19.0953 4944  ggflt - ok
11:33:19.0968 4944  [ 6B503DF845EABF3457E49FBBDA26C10E ] ggsemc          C:\Windows\system32\DRIVERS\ggsemc.sys
11:33:19.0968 4944  ggsemc - ok
11:33:20.0000 4944  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
11:33:20.0015 4944  gpsvc - ok
11:33:20.0062 4944  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:33:20.0062 4944  gupdate - ok
11:33:20.0062 4944  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:33:20.0062 4944  gupdatem - ok
11:33:20.0093 4944  [ 1D19918788921253843F2B669F4C7F52 ] hcmon           C:\Windows\system32\drivers\hcmon.sys
11:33:20.0093 4944  hcmon - ok
11:33:20.0140 4944  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:33:20.0171 4944  hcw85cir - ok
11:33:20.0234 4944  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:33:20.0296 4944  HdAudAddService - ok
11:33:20.0343 4944  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:33:20.0359 4944  HDAudBus - ok
11:33:20.0406 4944  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:33:20.0421 4944  HidBatt - ok
11:33:20.0437 4944  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:33:20.0468 4944  HidBth - ok
11:33:20.0468 4944  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:33:20.0484 4944  HidIr - ok
11:33:20.0515 4944  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
11:33:20.0531 4944  hidserv - ok
11:33:20.0578 4944  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:33:20.0593 4944  HidUsb - ok
11:33:20.0625 4944  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:33:20.0640 4944  hkmsvc - ok
11:33:20.0750 4944  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:33:20.0765 4944  HomeGroupListener - ok
11:33:20.0843 4944  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:33:20.0859 4944  HomeGroupProvider - ok
11:33:20.0890 4944  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:33:20.0906 4944  HpSAMD - ok
11:33:21.0031 4944  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:33:21.0031 4944  HTTP - ok
11:33:21.0062 4944  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:33:21.0062 4944  hwpolicy - ok
11:33:21.0078 4944  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:33:21.0078 4944  i8042prt - ok
11:33:21.0125 4944  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:33:21.0140 4944  iaStorV - ok
11:33:21.0187 4944  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:33:21.0203 4944  idsvc - ok
11:33:21.0218 4944  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:33:21.0218 4944  iirsp - ok
11:33:21.0250 4944  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:33:21.0281 4944  IKEEXT - ok
11:33:21.0296 4944  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:33:21.0296 4944  intelide - ok
11:33:21.0328 4944  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
11:33:21.0343 4944  intelppm - ok
11:33:21.0359 4944  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:33:21.0359 4944  IPBusEnum - ok
11:33:21.0390 4944  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:33:21.0390 4944  IpFilterDriver - ok
11:33:21.0421 4944  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:33:21.0437 4944  iphlpsvc - ok
11:33:21.0437 4944  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:33:21.0453 4944  IPMIDRV - ok
11:33:21.0453 4944  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:33:21.0468 4944  IPNAT - ok
11:33:21.0484 4944  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:33:21.0500 4944  IRENUM - ok
11:33:21.0500 4944  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:33:21.0500 4944  isapnp - ok
11:33:21.0531 4944  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:33:21.0531 4944  iScsiPrt - ok
11:33:21.0546 4944  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:33:21.0546 4944  kbdclass - ok
11:33:21.0578 4944  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:33:21.0609 4944  kbdhid - ok
11:33:21.0625 4944  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
11:33:21.0625 4944  KeyIso - ok
11:33:21.0640 4944  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:33:21.0671 4944  KSecDD - ok
11:33:21.0734 4944  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:33:21.0750 4944  KSecPkg - ok
11:33:21.0781 4944  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:33:21.0796 4944  ksthunk - ok
11:33:22.0218 4944  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:33:22.0234 4944  KtmRm - ok
11:33:22.0265 4944  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:33:22.0281 4944  LanmanServer - ok
11:33:22.0312 4944  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:33:22.0328 4944  LanmanWorkstation - ok
11:33:22.0375 4944  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
11:33:22.0375 4944  LGBusEnum - ok
11:33:22.0453 4944  [ CDDC07D414B08FECD48E4940C29F483F ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
11:33:22.0468 4944  LGSHidFilt - ok
11:33:22.0484 4944  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
11:33:22.0500 4944  LGVirHid - ok
11:33:22.0515 4944  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
11:33:22.0531 4944  LHidFilt - ok
11:33:22.0546 4944  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:33:22.0562 4944  lltdio - ok
11:33:22.0578 4944  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:33:22.0593 4944  lltdsvc - ok
11:33:22.0609 4944  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:33:22.0625 4944  lmhosts - ok
11:33:22.0656 4944  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
11:33:22.0656 4944  LMouFilt - ok
11:33:22.0734 4944  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:33:22.0750 4944  LSI_FC - ok
11:33:22.0765 4944  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:33:22.0765 4944  LSI_SAS - ok
11:33:22.0781 4944  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:33:22.0796 4944  LSI_SAS2 - ok
11:33:22.0796 4944  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:33:22.0796 4944  LSI_SCSI - ok
11:33:22.0906 4944  [ 639D24E769BDBEC6145E4C1921669B73 ] Ltn_stk7070P_64 C:\Windows\system32\DRIVERS\Ltn_stk7070P_64.sys
11:33:22.0968 4944  Ltn_stk7070P_64 - ok
11:33:23.0031 4944  [ E028DF5A96827A87898D4D7EB768E3AB ] Ltn_stkrc_64    C:\Windows\system32\DRIVERS\Ltn_stkrc_64.sys
11:33:23.0062 4944  Ltn_stkrc_64 - ok
11:33:23.0125 4944  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:33:23.0140 4944  luafv - ok
11:33:23.0218 4944  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:33:23.0218 4944  MBAMProtector - ok
11:33:23.0359 4944  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:33:23.0359 4944  MBAMScheduler - ok
11:33:23.0375 4944  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:33:23.0390 4944  MBAMService - ok
11:33:23.0406 4944  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:33:23.0421 4944  Mcx2Svc - ok
11:33:23.0453 4944  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:33:23.0453 4944  megasas - ok
11:33:23.0468 4944  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:33:23.0468 4944  MegaSR - ok
11:33:23.0500 4944  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
11:33:23.0515 4944  MMCSS - ok
11:33:23.0531 4944  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
11:33:23.0546 4944  Modem - ok
11:33:23.0562 4944  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:33:23.0578 4944  monitor - ok
11:33:23.0593 4944  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:33:23.0593 4944  mouclass - ok
11:33:23.0625 4944  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:33:23.0625 4944  mouhid - ok
11:33:23.0640 4944  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:33:23.0640 4944  mountmgr - ok
11:33:23.0687 4944  [ 1C9B83F6A2D1F414F0ACD28D75605607 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:33:23.0687 4944  MozillaMaintenance - ok
11:33:23.0734 4944  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
11:33:33.0031 4944  ================ Scan global ===============================
11:33:33.0046 4944  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:33:33.0093 4944  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:33:33.0109 4944  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:33:33.0140 4944  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:33:33.0187 4944  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:33:33.0187 4944  [Global] - ok
11:33:33.0187 4944  ================ Scan MBR ==================================
11:33:33.0203 4944  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:33:33.0671 4944  \Device\Harddisk0\DR0 - ok
11:33:34.0000 4944  [ 0792F22BCC85CFD3B28324561FFFCABB ] \Device\Harddisk1\DR1
11:33:35.0671 4944  \Device\Harddisk1\DR1 - ok
11:33:35.0671 4944  ================ Scan VBR ==================================
11:33:35.0687 4944  [ 12C7CA54381783FB9EFA78DE6A1EDD9E ] \Device\Harddisk0\DR0\Partition1
11:33:35.0687 4944  \Device\Harddisk0\DR0\Partition1 - ok
11:33:35.0703 4944  [ 0EA778D36DF2E2A8264E44B6389B8357 ] \Device\Harddisk0\DR0\Partition2
11:33:35.0703 4944  \Device\Harddisk0\DR0\Partition2 - ok
11:33:35.0703 4944  [ 5F32BEB298044A8EADEB6F7854ADE688 ] \Device\Harddisk1\DR1\Partition1
11:33:35.0703 4944  \Device\Harddisk1\DR1\Partition1 - ok
11:33:35.0703 4944  ============================================================
11:33:35.0703 4944  Scan finished
11:33:35.0703 4944  ============================================================
11:33:35.0718 6072  Detected object count: 0
11:33:35.0718 6072  Actual detected object count: 0
11:33:41.0953 3312  Deinitialize success
         

Edited by Nexus633 (12.04.2013 at 10:35) Reason: code tag not set

12.04.2013, 13:21   #10
aharonov
/// TB Trainer
 



OK, next:


Step 1

Warning for readers following along:
Combofix should only be run when a team member has explicitly instructed you to do so!


Please download Combofix.
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not do anything at all on the computer, not even move the mouse!
  • When Combofix has finished, it will create a log file (C:\Combofix.txt).
  • Please post the contents of this log file in your next reply.

Note: If you receive the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.



Step 2

Please start OTL.exe.
  • Tick the Scan all Users checkbox.
  • Click the Quick Scan button.
  • Post the contents of OTL.txt here in the thread.



Please post in your next reply:
  • Combofix log
  • OTL log
__________________
cheers,
Leo

12.04.2013, 14:56   #11
Nexus633
 



Hey,

OTL LOG
Code:
OTL logfile created on: 12.04.2013 15:44:51 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\*********\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 4,90 Gb Available Physical Memory | 61,30% Memory free
16,00 Gb Paging File | 12,68 Gb Available in Paging File | 79,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 148,87 Gb Free Space | 63,95% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 209,84 Gb Free Space | 90,11% Space Free | Partition Type: NTFS
 
Computer Name: *********-PC | User Name: ********* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.04.12 12:43:35 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.04.11 15:43:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\*********\Desktop\OTL.exe
PRC - [2013.04.07 22:10:59 | 000,990,896 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe
PRC - [2013.04.07 21:59:48 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.12 20:31:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012.12.10 11:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
PRC - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.10.22 13:04:06 | 000,329,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.12 12:43:13 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.04.07 21:59:47 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.12.19 21:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.12.19 16:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012.08.23 11:31:22 | 000,036,216 | ---- | M] (AVG) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2000.01.01 02:00:00 | 000,027,768 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2013.04.12 12:43:34 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.08 00:32:25 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.07 22:10:59 | 000,990,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe -- (vToolbarUpdater15.0.0)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.03.12 20:31:51 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.10 11:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.08.23 11:31:24 | 002,148,216 | ---- | M] (AVG) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.08.23 11:31:22 | 000,029,560 | ---- | M] (AVG) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.02.21 08:01:02 | 000,151,648 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV - [2011.06.01 14:09:02 | 000,609,904 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013.04.08 22:11:41 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2013.04.08 06:24:55 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013.04.08 00:03:27 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2013.04.07 22:11:00 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.04.01 15:52:16 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013.01.17 22:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012.12.19 22:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 21:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.11.15 23:33:24 | 000,111,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012.11.06 13:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.10.22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012.10.15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012.10.02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012.09.21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.09.21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012.09.14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012.09.04 10:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.25 15:04:40 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011.11.25 15:04:40 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.06.01 14:09:00 | 000,040,048 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.08.12 13:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.08.24 11:14:30 | 000,054,784 | ---- | M] (AzureWave Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\azvusb.sys -- (azvusb)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.10.19 11:37:56 | 000,543,232 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ltn_stk7070P_64.sys -- (Ltn_stk7070P_64)
DRV:64bit: - [2007.10.19 11:37:56 | 000,016,256 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ltn_stkrc_64.sys -- (Ltn_stkrc_64)
DRV:64bit: - [2000.01.01 02:00:00 | 002,206,864 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2012.07.04 15:26:12 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3083064164-38292864-500763091-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = about:blank
IE - HKU\S-1-5-21-3083064164-38292864-500763091-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3083064164-38292864-500763091-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3083064164-38292864-500763091-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 E4 13 9A 86 1A CE 01  [binary data]
IE - HKU\S-1-5-21-3083064164-38292864-500763091-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3083064164-38292864-500763091-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7B5D3F3872-91E9-4d59-AD9F-AA174A3145DD%7D:4.00.33
FF - prefs.js..extensions.enabledAddons: %7BF53C93F1-07D5-430c-86D4-C9531B27DFAF%7D:1.0.0.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..keyword.URL: " 	  hxxp://www.google.com/search?sourceid=navclient&hl=de&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@vmware.com/vmrc,version=2.5.0.00000: C:\Program Files (x86)\Common Files\VMware\VMware VMRC Plug-in\Firefox\np-vmware-vmrc.dll (VMware, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}: C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2013.04.08 13:54:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 12:43:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013.03.06 21:04:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*********\AppData\Roaming\mozilla\Extensions
[2013.04.08 20:57:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*********\AppData\Roaming\mozilla\Firefox\Profiles\usbmt5kw.default-1365434795045\extensions
[2013.04.08 20:12:35 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\Users\*********\AppData\Roaming\mozilla\Firefox\Profiles\usbmt5kw.default-1365434795045\extensions\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}
[2013.04.08 20:57:13 | 000,000,000 | ---D | M] (Firefox OS Simulator) -- C:\Users\*********\AppData\Roaming\mozilla\Firefox\Profiles\usbmt5kw.default-1365434795045\extensions\r2d2b2g@mozilla.org
[2013.04.08 20:57:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*********\AppData\Roaming\mozilla\Firefox\Profiles\usbmt5kw.default-1365434795045\extensions\r2d2b2g@mozilla.org\profile\extensions
[2013.04.03 16:42:24 | 000,047,172 | ---- | M] () (No name found) -- C:\Users\*********\AppData\Roaming\mozilla\firefox\profiles\usbmt5kw.default-1365434795045\extensions\r2d2b2g@mozilla.org\profile\extensions\b2g-prosthesis@mozilla.org.xpi
[2013.04.03 16:42:28 | 000,236,108 | ---- | M] () (No name found) -- C:\Users\*********\AppData\Roaming\mozilla\firefox\profiles\usbmt5kw.default-1365434795045\extensions\r2d2b2g@mozilla.org\resources\r2d2b2g\data\win32\b2g\modules\XPIProvider.jsm
[2013.04.03 16:42:28 | 000,065,503 | ---- | M] () (No name found) -- C:\Users\*********\AppData\Roaming\mozilla\firefox\profiles\usbmt5kw.default-1365434795045\extensions\r2d2b2g@mozilla.org\resources\r2d2b2g\data\win32\b2g\modules\XPIProviderUtils.js
[2013.04.08 17:38:13 | 000,002,400 | ---- | M] () -- C:\Users\*********\AppData\Roaming\mozilla\firefox\profiles\usbmt5kw.default-1365434795045\searchplugins\google-deutschland.xml
[2013.04.12 12:43:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.08 13:54:55 | 000,000,000 | ---D | M] (Logitech Flow Scroll) -- C:\PROGRAM FILES\LOGITECH\FLOWSCROLL\LOGISMOOTHFIREFOXEXT
[2013.04.12 12:43:35 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.16 06:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.16 06:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.16 06:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.16 06:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.16 06:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.16 06:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Angry Birds = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: WOT = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.11_0\
CHR - Extension: YouTube = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: Google-Suche = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Neon Glow Red = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\eibejcdolcflnmmbojgegkcmbjcgnkff\1.0_0\
CHR - Extension: Logitech Flow Scroll = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi\4.0.33_0\
CHR - Extension: World Time Buddy = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdhpjomiingppeefgnohkiapmnaeakoj\10_0\
CHR - Extension: Sand 2 = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\klicmgamjpclmbhppmdeamffedflmkcn\1.1_0\
CHR - Extension: Google Mail-Checker = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Plants vs Zombies = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\
CHR - Extension: Google Mail = C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.04.12 15:40:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Programme\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Programme\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [LogiScrollApp] C:\Programme\Logitech\FlowScroll\KhalScroll.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LiveZilla] C:\Program Files (x86)\LiveZilla\LiveZilla.exe (LiveZilla GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-3083064164-38292864-500763091-1001..\Run: [Steam] D:\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3083064164-38292864-500763091-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3083064164-38292864-500763091-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{461BF70E-4558-4312-A721-475E8BBF38D5}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\System32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.04.08 01:16:55 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.12 15:42:16 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.04.12 15:33:01 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.04.12 15:26:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.04.12 15:26:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.04.12 15:26:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.04.12 15:25:36 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.04.12 15:25:19 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.04.12 15:24:28 | 005,053,020 | R--- | C] (Swearware) -- C:\Users\*********\Desktop\ComboFix.exe
[2013.04.12 12:43:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.12 11:32:36 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\*********\Desktop\tdsskiller.exe
[2013.04.11 20:13:54 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\*********\Desktop\aswMBR.exe
[2013.04.11 15:43:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\*********\Desktop\OTL.exe
[2013.04.11 13:45:06 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\EPSON
[2013.04.09 01:21:10 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\ERoot
[2013.04.09 00:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2013.04.09 00:24:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2013.04.08 22:37:05 | 000,000,000 | ---D | C] -- C:\mozilla-build
[2013.04.08 22:19:37 | 000,000,000 | ---D | C] -- C:\Users\*********\Desktop\Firefox OS
[2013.04.08 22:13:20 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
[2013.04.08 22:11:41 | 000,034,032 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\seehcri.sys
[2013.04.08 22:10:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Mobile
[2013.04.08 20:26:35 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Lookeen
[2013.04.08 20:26:29 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\assembly
[2013.04.08 20:23:29 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\Add-in Express
[2013.04.08 19:55:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IKARUS
[2013.04.08 17:26:40 | 000,000,000 | ---D | C] -- C:\Users\*********\Desktop\Alte Firefox-Daten
[2013.04.08 13:44:25 | 000,000,000 | ---D | C] -- C:\Users\*********\.android
[2013.04.08 13:14:40 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2013.04.08 09:31:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.08 09:28:11 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Secunia PSI
[2013.04.08 09:25:35 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.04.08 09:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.08 09:18:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.04.08 08:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.08 08:45:26 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.08 08:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.08 06:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.04.08 06:58:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.04.08 06:27:46 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\LavasoftStatistics
[2013.04.08 06:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013.04.08 06:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013.04.08 06:25:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013.04.08 06:25:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013.04.08 06:24:56 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013.04.08 06:24:51 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Ad-Aware Antivirus
[2013.04.08 06:17:17 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\DriverCure
[2013.04.08 06:16:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2013.04.08 05:32:37 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Anvisoft
[2013.04.08 05:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2013.04.08 05:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anvisoft
[2013.04.08 02:28:08 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Malwarebytes
[2013.04.08 02:27:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.08 02:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2013.04.08 02:12:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2013.04.08 01:58:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.04.08 01:58:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2013.04.08 01:25:03 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\LogiShrd
[2013.04.08 01:24:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2013.04.08 01:23:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2013.04.08 01:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.04.08 01:07:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013.04.08 00:09:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIA
[2013.04.08 00:09:02 | 000,000,000 | ---D | C] -- C:\Program Files\VIA
[2013.04.08 00:09:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2013.04.08 00:07:55 | 002,080,120 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2013.04.08 00:07:55 | 000,070,776 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\VtSrdAPO.dll
[2013.04.08 00:07:46 | 003,141,496 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVIA64.dll
[2013.04.08 00:07:46 | 000,860,024 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013.04.08 00:07:46 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2013.04.08 00:07:46 | 000,083,968 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2013.04.08 00:07:46 | 000,055,416 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\PropPageExt.dll
[2013.04.08 00:07:45 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEP64H.dll
[2013.04.08 00:07:45 | 000,394,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013.04.08 00:07:44 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEP64A.dll
[2013.04.08 00:07:43 | 000,137,056 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEL64H.dll
[2013.04.08 00:07:43 | 000,137,056 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEL64A.dll
[2013.04.08 00:07:42 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EED64H.dll
[2013.04.08 00:07:42 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EED64A.dll
[2013.04.08 00:07:42 | 000,075,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEG64H.dll
[2013.04.08 00:07:42 | 000,075,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEG64A.dll
[2013.04.08 00:07:41 | 000,248,952 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll
[2013.04.08 00:07:41 | 000,120,160 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEA64H.dll
[2013.04.08 00:07:41 | 000,120,160 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\EEA64A.dll
[2013.04.08 00:03:23 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\SlimWare Utilities Inc
[2013.04.08 00:03:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2013.04.07 23:22:30 | 000,029,560 | ---- | C] (AVG) -- C:\Windows\SysWow64\uxtuneup.dll
[2013.04.07 23:22:29 | 000,036,216 | ---- | C] (AVG) -- C:\Windows\SysNative\uxtuneup.dll
[2013.04.07 23:06:42 | 000,035,192 | ---- | C] (AVG) -- C:\Windows\SysNative\TURegOpt.exe
[2013.04.07 23:06:41 | 000,026,488 | ---- | C] (AVG) -- C:\Windows\SysNative\authuitu.dll
[2013.04.07 23:06:41 | 000,021,880 | ---- | C] (AVG) -- C:\Windows\SysWow64\authuitu.dll
[2013.04.07 23:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
[2013.04.07 22:21:05 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\AVG
[2013.04.07 22:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2013.04.07 22:20:19 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013.04.07 22:12:22 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\AVG2013
[2013.04.07 22:11:43 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\TuneUp Software
[2013.04.07 22:11:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013.04.07 22:11:26 | 000,039,768 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.04.07 22:11:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2013.04.07 22:09:00 | 000,000,000 | ---D | C] -- C:\$AVG
[2013.04.07 22:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013.04.07 22:08:44 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\Office Crack
[2013.04.07 22:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013.04.07 22:03:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.04.07 22:03:45 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\MFAData
[2013.04.07 22:03:45 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013.04.07 22:03:45 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Avg2013
[2013.04.07 21:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.04.05 14:24:54 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\GamerzHost
[2013.04.02 20:00:55 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\PokerStars.EU
[2013.04.02 20:00:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
[2013.04.02 20:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.EU
[2013.04.01 15:57:45 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\My Games
[2013.04.01 15:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013.04.01 15:52:16 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.04.01 15:52:14 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\DAEMON Tools Lite
[2013.04.01 15:52:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2013.04.01 15:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013.04.01 14:30:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2013.04.01 14:29:55 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\uTorrent
[2013.03.29 16:03:03 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Microsoft Games
[2013.03.29 16:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2013.03.27 17:16:16 | 000,160,784 | ---- | C] (<Turtle Entertainment>) -- C:\Windows\SysNative\drivers\ESLWireACD.sys
[2013.03.27 17:16:08 | 000,000,000 | ---D | C] -- C:\Program Files\EslWire
[2013.03.27 17:16:01 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Programs
[2013.03.27 11:45:35 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\Sven&Denise
[2013.03.21 19:22:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013.03.21 18:08:04 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\PCTV Systems
[2013.03.21 17:59:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2013.03.21 17:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2013.03.21 17:58:29 | 000,000,000 | ---D | C] -- C:\ProgramData\PCTV Systems
[2013.03.21 17:57:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCTV Systems
[2013.03.21 17:51:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013.03.21 17:51:34 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Pando_Temp
[2013.03.21 17:48:04 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Pinnacle
[2013.03.21 17:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2013.03.21 17:47:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle
[2013.03.21 17:47:43 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Downloaded Installations
[2013.03.21 17:21:48 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
[2013.03.21 17:21:47 | 000,000,000 | ---D | C] -- C:\ProgramData\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
[2013.03.21 17:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\CMUV
[2013.03.21 17:13:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2013.03.21 17:13:13 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\AVS4YOU
[2013.03.21 17:12:28 | 000,261,632 | ---- | C] (MainConcept) -- C:\Windows\SysWow64\mcdvd_32.dll
[2013.03.21 17:12:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2013.03.21 16:42:52 | 000,543,232 | ---- | C] (LITEON) -- C:\Windows\SysNative\drivers\Ltn_stk7070P_64.sys
[2013.03.21 14:52:41 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\Jana Bewerbung
[2013.03.16 17:07:26 | 000,000,000 | ---D | C] -- C:\Users\*********\workspace2
[2013.03.14 22:10:51 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\VMware
[2013.03.14 22:10:08 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\VMware
[2013.03.14 20:00:44 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\vlc
[2013.03.14 20:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.03.14 20:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013.03.13 22:42:18 | 000,000,000 | ---D | C] -- C:\Users\*********\workspace
[2013.03.13 22:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.03.13 21:04:25 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013.03.13 21:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013.03.13 21:04:23 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Notepad++
[2013.03.13 21:04:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.12 15:40:00 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.04.12 15:32:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.12 15:27:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.12 15:24:30 | 005,053,020 | R--- | M] (Swearware) -- C:\Users\*********\Desktop\ComboFix.exe
[2013.04.12 11:36:44 | 000,033,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.12 11:36:44 | 000,033,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.12 11:32:39 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\*********\Desktop\tdsskiller.exe
[2013.04.12 11:29:32 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.12 11:29:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.11 20:15:24 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\*********\Desktop\aswMBR.exe
[2013.04.11 15:43:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\*********\Desktop\OTL.exe
[2013.04.11 14:26:47 | 000,377,856 | ---- | M] () -- C:\Users\*********\Desktop\l464wlq6.exe
[2013.04.11 14:25:53 | 000,000,574 | ---- | M] () -- C:\Users\*********\defogger_reenable
[2013.04.11 14:25:41 | 000,050,477 | ---- | M] () -- C:\Users\*********\Desktop\Defogger.exe
[2013.04.11 11:54:56 | 000,420,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.10 22:24:45 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.09 00:39:18 | 001,640,718 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.09 00:39:18 | 000,700,168 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.09 00:39:18 | 000,654,880 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.09 00:39:18 | 000,148,964 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.09 00:39:18 | 000,121,752 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.08 23:00:21 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.08 22:11:41 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\seehcri.sys
[2013.04.08 07:14:50 | 000,000,174 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.04.08 06:58:07 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.04.08 06:24:55 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013.04.08 02:07:22 | 000,446,348 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts1
[2013.04.08 01:24:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2013.04.08 01:16:55 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013.04.08 00:48:02 | 000,000,898 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013.04.08 00:03:27 | 000,016,152 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2013.04.07 23:06:40 | 000,002,221 | ---- | M] () -- C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
[2013.04.07 23:06:40 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\AVG PC TuneUp.lnk
[2013.04.07 22:11:43 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.04.07 22:11:00 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.04.07 22:00:03 | 000,315,559 | ---- | M] () -- C:\Windows\SysWow64\EPPRTDRV_001.CAB
[2013.04.07 22:00:03 | 000,078,703 | ---- | M] () -- C:\Windows\SysWow64\EPSMTL32_000.CAB
[2013.04.07 22:00:01 | 000,450,278 | ---- | M] () -- C:\Windows\SysWow64\EPSETUP_001.CAB
[2013.04.07 22:00:00 | 000,315,559 | ---- | M] () -- C:\Windows\SysWow64\EPPRTDRV_000.CAB
[2013.04.07 21:59:59 | 000,780,601 | ---- | M] () -- C:\Windows\SysWow64\EPSTP64U_000.CAB
[2013.04.07 21:59:59 | 000,450,278 | ---- | M] () -- C:\Windows\SysWow64\EPSETUP_000.CAB
[2013.04.05 20:45:00 | 000,000,600 | ---- | M] () -- C:\Users\*********\AppData\Local\PUTTY.RND
[2013.04.04 20:56:31 | 000,000,600 | ---- | M] () -- C:\Users\*********\AppData\Roaming\winscp.rnd
[2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.02 20:00:55 | 000,001,080 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.eu.lnk
[2013.04.01 15:52:16 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2013.04.01 00:02:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.31 23:54:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2013.03.31 23:48:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013.03.31 23:48:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2013.03.29 13:59:53 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.29 13:59:52 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.21 18:25:44 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.03.13 21:04:25 | 000,001,049 | ---- | M] () -- C:\Users\*********\Desktop\Notepad++.lnk
[2013.03.13 19:42:38 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
 
========== Files Created - No Company Name ==========
 
[2013.04.12 15:26:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.04.12 15:26:12 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.04.12 15:26:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.04.12 15:26:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.04.12 15:26:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.04.11 14:27:23 | 000,050,477 | ---- | C] () -- C:\Users\*********\Desktop\Defogger.exe
[2013.04.11 14:27:22 | 000,377,856 | ---- | C] () -- C:\Users\*********\Desktop\l464wlq6.exe
[2013.04.11 14:25:53 | 000,000,574 | ---- | C] () -- C:\Users\*********\defogger_reenable
[2013.04.08 08:45:34 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.08 07:14:30 | 000,000,174 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.04.08 06:58:07 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.04.08 01:24:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_LMouFilt_01005.Wdf
[2013.04.08 01:16:55 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013.04.08 01:08:24 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.04.08 00:21:57 | 000,000,898 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013.04.08 00:03:27 | 000,016,152 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2013.04.07 23:06:40 | 000,002,221 | ---- | C] () -- C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
[2013.04.07 23:06:40 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\AVG PC TuneUp.lnk
[2013.04.07 23:06:39 | 000,002,191 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
[2013.04.07 22:11:43 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.04.07 22:00:03 | 000,315,559 | ---- | C] () -- C:\Windows\SysWow64\EPPRTDRV_001.CAB
[2013.04.07 22:00:03 | 000,078,703 | ---- | C] () -- C:\Windows\SysWow64\EPSMTL32_000.CAB
[2013.04.07 22:00:01 | 000,450,278 | ---- | C] () -- C:\Windows\SysWow64\EPSETUP_001.CAB
[2013.04.07 22:00:00 | 000,315,559 | ---- | C] () -- C:\Windows\SysWow64\EPPRTDRV_000.CAB
[2013.04.07 22:00:00 | 000,050,134 | ---- | C] () -- C:\Windows\SysWow64\EPSUI64W_000.dat
[2013.04.07 21:59:59 | 000,780,601 | ---- | C] () -- C:\Windows\SysWow64\EPSTP64U_000.CAB
[2013.04.07 21:59:59 | 000,450,278 | ---- | C] () -- C:\Windows\SysWow64\EPSETUP_000.CAB
[2013.04.07 21:59:49 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.05 12:00:26 | 000,420,280 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.02 20:00:55 | 000,001,080 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.eu.lnk
[2013.04.01 00:02:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.31 23:54:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2013.03.31 23:48:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013.03.31 23:48:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2013.03.29 13:59:53 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.29 13:59:52 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.21 17:50:57 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.03.21 17:12:28 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.03.21 17:12:28 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.03.21 17:12:28 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2013.03.13 21:04:25 | 000,001,049 | ---- | C] () -- C:\Users\*********\Desktop\Notepad++.lnk
[2013.03.12 21:45:11 | 000,001,456 | ---- | C] () -- C:\Users\*********\AppData\Local\Adobe Für Web speichern 11.0 Prefs
[2013.03.11 19:37:05 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.11 19:37:04 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.08 20:49:15 | 000,000,600 | ---- | C] () -- C:\Users\*********\AppData\Roaming\winscp.rnd
[2013.03.06 20:09:05 | 000,000,600 | ---- | C] () -- C:\Users\*********\AppData\Local\PUTTY.RND
[2013.03.06 19:19:46 | 001,640,718 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.06 18:46:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.12.19 21:52:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.12.19 21:52:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.04.08 07:18:39 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\Ad-Aware Antivirus
[2013.04.08 06:12:25 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\Anvisoft
[2013.04.07 22:21:05 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\AVG
[2013.04.07 22:12:22 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\AVG2013
[2013.04.01 23:18:23 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\DAEMON Tools Lite
[2013.03.21 17:21:48 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
[2013.04.08 06:17:17 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\DriverCure
[2013.04.11 13:45:06 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\EPSON
[2013.04.09 01:21:13 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\ERoot
[2013.03.08 18:06:43 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\Leadertech
[2013.04.05 14:25:23 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\Notepad++
[2013.03.12 20:18:50 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\Origin
[2013.03.13 20:55:43 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\TeamViewer
[2013.04.08 06:59:15 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\TS3Client
[2013.04.07 22:11:43 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\TuneUp Software
[2013.04.08 06:59:15 | 000,000,000 | ---D | M] -- C:\Users\*********\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD

< End of report >
         
ComboFix Log
[CODE]
Combofix Logfile:
ComboFix 13-04-12.01 - Nexus 12.04.2013  15:34:39.1.3 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8191.5405 [GMT 2:00]
ausgeführt von:: c:\users\Nexus\Desktop\ComboFix.exe
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Nexus\AppData\Local\assembly\tmp
c:\windows\wininit.ini
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-03-12 bis 2013-04-12  ))))))))))))))))))))))))))))))
.
.
2013-04-12 13:40 . 2013-04-12 13:40	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-04-11 13:53 . 2013-03-15 06:28	9311288	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{15EF0D0E-0154-4070-9141-53D17761DACC}\mpengine.dll
2013-04-11 11:45 . 2013-04-11 11:45	--------	d-----w-	c:\users\Nexus\AppData\Roaming\EPSON
2013-04-10 10:53 . 2013-03-15 06:28	9311288	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-04-10 10:49 . 2013-03-01 03:36	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-04-10 10:49 . 2013-03-02 06:04	1655656	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-10 10:49 . 2013-01-24 06:01	223752	----a-w-	c:\windows\system32\drivers\fvevol.sys
2013-04-10 10:49 . 2013-03-19 06:04	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-04-10 10:49 . 2013-03-19 05:04	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 10:49 . 2013-03-19 05:04	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 10:49 . 2013-03-19 05:46	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-04-10 10:49 . 2013-03-19 04:47	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-04-10 10:49 . 2013-03-19 03:06	112640	----a-w-	c:\windows\system32\smss.exe
2013-04-08 23:21 . 2013-04-08 23:21	--------	d-----w-	c:\users\Nexus\AppData\Roaming\ERoot
2013-04-08 22:24 . 2013-04-08 22:24	--------	d-----w-	c:\programdata\Sony Ericsson
2013-04-08 22:24 . 2013-04-08 22:24	--------	d-----w-	c:\program files (x86)\Sony Ericsson
2013-04-08 20:37 . 2013-04-08 20:39	--------	d-----w-	C:\mozilla-build
2013-04-08 20:11 . 2013-04-08 20:11	34032	----a-w-	c:\windows\system32\drivers\seehcri.sys
2013-04-08 20:10 . 2013-04-10 13:48	--------	d-----w-	c:\program files (x86)\Sony Mobile
2013-04-08 18:26 . 2013-04-08 18:27	--------	d-----w-	c:\users\Nexus\AppData\Local\Lookeen
2013-04-08 18:26 . 2013-04-12 13:39	--------	d-----w-	c:\users\Nexus\AppData\Local\assembly
2013-04-08 17:55 . 2013-04-08 17:55	--------	d-----w-	c:\program files (x86)\IKARUS
2013-04-08 11:44 . 2013-04-08 21:38	--------	d-----w-	c:\users\Nexus\.android
2013-04-08 11:14 . 2013-04-08 11:14	--------	d-----w-	c:\program files\Logitech
2013-04-08 07:31 . 2013-04-08 07:31	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2013-04-08 07:28 . 2013-04-08 07:28	--------	d-----w-	c:\users\Nexus\AppData\Local\Secunia PSI
2013-04-08 07:25 . 2013-04-08 07:25	--------	d-----w-	c:\windows\ERUNT
2013-04-08 07:19 . 2013-04-08 07:19	--------	d-----w-	c:\program files (x86)\Common Files\Java
2013-04-08 07:19 . 2013-04-08 07:19	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-08 07:18 . 2013-04-08 07:18	--------	d-----w-	c:\program files (x86)\Java
2013-04-08 06:45 . 2013-04-10 20:24	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-04-08 06:45 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-04-08 05:14 . 2013-04-08 05:14	174	----a-w-	c:\windows\DeleteOnReboot.bat
2013-04-08 04:58 . 2013-04-08 04:58	--------	d-----w-	c:\program files\CCleaner
2013-04-08 04:27 . 2013-04-08 04:27	--------	d-----w-	c:\users\Nexus\AppData\Roaming\LavasoftStatistics
2013-04-08 04:27 . 2013-04-08 04:27	--------	d-----w-	c:\programdata\Ad-Aware Antivirus
2013-04-08 04:26 . 2013-04-08 04:26	--------	d-----w-	c:\programdata\Lavasoft
2013-04-08 04:25 . 2013-04-08 04:25	--------	d-----w-	c:\programdata\Downloaded Installations
2013-04-08 04:25 . 2013-04-08 04:25	--------	d-----w-	c:\program files (x86)\Toolbar Cleaner
2013-04-08 04:24 . 2013-04-08 04:24	14456	----a-w-	c:\windows\system32\drivers\gfibto.sys
2013-04-08 04:24 . 2013-04-08 05:18	--------	d-----w-	c:\users\Nexus\AppData\Roaming\Ad-Aware Antivirus
2013-04-08 04:17 . 2013-04-08 04:17	--------	d-----w-	c:\users\Nexus\AppData\Roaming\DriverCure
2013-04-08 04:16 . 2013-04-08 04:18	--------	d-----w-	c:\programdata\SpeedyPC Software
2013-04-08 03:48 . 2013-04-08 03:48	--------	d-----w-	c:\users\Public\Anvisoft
2013-04-08 03:32 . 2013-04-08 04:12	--------	d-----w-	c:\users\Nexus\AppData\Roaming\Anvisoft
2013-04-08 03:31 . 2013-04-08 03:31	--------	d-----w-	c:\programdata\Anvisoft
2013-04-08 03:31 . 2013-04-08 04:12	--------	d-----w-	c:\program files (x86)\Anvisoft
2013-04-08 00:28 . 2013-04-08 00:28	--------	d-----w-	c:\users\Nexus\AppData\Roaming\Malwarebytes
2013-04-08 00:27 . 2013-04-08 00:27	--------	d-----w-	c:\programdata\Malwarebytes
2013-04-08 00:13 . 2013-04-08 11:54	--------	d-----w-	c:\programdata\Logitech
2013-04-08 00:12 . 2013-04-08 11:55	--------	d-----w-	c:\program files\Common Files\LogiShrd
2013-04-07 23:58 . 2013-04-08 00:32	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2013-04-07 23:58 . 2013-04-08 00:24	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy
2013-04-07 23:25 . 2013-04-08 00:14	--------	d-----w-	c:\users\Nexus\AppData\Local\LogiShrd
2013-04-07 23:24 . 2013-04-07 23:24	--------	d-----w-	c:\program files (x86)\Common Files\LogiShrd
2013-04-07 23:15 . 2013-04-08 00:18	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2013-04-07 23:07 . 2013-04-07 23:08	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2013-04-07 22:09 . 2013-04-07 22:09	--------	d-----w-	c:\program files\VIA
2013-04-07 22:09 . 2013-04-07 22:09	--------	d-----w-	c:\windows\system32\SRSLabs
2013-04-07 22:03 . 2013-04-07 22:03	16152	----a-w-	c:\windows\system32\drivers\SWDUMon.sys
2013-04-07 22:03 . 2013-04-07 22:03	--------	d-----w-	c:\users\Nexus\AppData\Local\SlimWare Utilities Inc
2013-04-07 21:22 . 2012-08-23 09:31	29560	----a-w-	c:\windows\SysWow64\uxtuneup.dll
2013-04-07 21:22 . 2012-08-23 09:31	36216	----a-w-	c:\windows\system32\uxtuneup.dll
2013-04-07 21:06 . 2012-08-23 09:31	35192	----a-w-	c:\windows\system32\TURegOpt.exe
2013-04-07 21:06 . 2012-08-23 09:31	26488	----a-w-	c:\windows\system32\authuitu.dll
2013-04-07 21:06 . 2012-08-23 09:31	21880	----a-w-	c:\windows\SysWow64\authuitu.dll
2013-04-07 20:21 . 2013-04-07 20:21	--------	d-----w-	c:\users\Nexus\AppData\Roaming\AVG
2013-04-07 20:20 . 2013-04-07 20:21	--------	d-----w-	c:\programdata\AVG
2013-04-07 20:20 . 2013-04-07 20:20	--------	d-sh--w-	c:\programdata\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-04-07 20:11 . 2013-04-07 20:11	--------	d-----w-	c:\users\Nexus\AppData\Roaming\TuneUp Software
2013-04-07 20:11 . 2013-04-07 20:11	39768	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2013-04-07 20:11 . 2013-04-08 05:14	--------	d-----w-	c:\program files (x86)\Common Files\AVG Secure Search
2013-04-07 20:09 . 2013-04-07 20:09	--------	d-----w-	C:\$AVG
2013-04-07 20:08 . 2013-04-07 21:06	--------	d-----w-	c:\program files (x86)\AVG
2013-04-07 20:03 . 2013-04-12 13:06	--------	d-----w-	c:\programdata\MFAData
2013-04-07 20:03 . 2013-04-08 03:54	--------	d-----w-	c:\users\Nexus\AppData\Local\Avg2013
2013-04-07 20:03 . 2013-04-07 20:03	--------	d--h--w-	c:\programdata\Common Files
2013-04-07 20:03 . 2013-04-07 20:03	--------	d-----w-	c:\users\Nexus\AppData\Local\MFAData
2013-04-07 19:59 . 2013-04-07 22:32	73432	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-07 19:59 . 2013-04-07 22:32	693976	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-07 19:58 . 2013-04-07 19:58	310688	----a-w-	c:\windows\system32\javaws.exe
2013-04-07 19:58 . 2013-04-07 19:58	108448	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-04-07 19:58 . 2013-04-07 19:58	188832	----a-w-	c:\windows\system32\javaw.exe
2013-04-07 19:58 . 2013-04-07 19:58	188320	----a-w-	c:\windows\system32\java.exe
2013-04-07 19:58 . 2013-04-07 19:58	--------	d-----w-	c:\program files\Java
2013-04-02 18:00 . 2013-04-08 00:55	--------	d-----w-	c:\users\Nexus\AppData\Local\PokerStars.EU
2013-04-02 18:00 . 2013-04-02 18:01	--------	d-----w-	c:\program files (x86)\PokerStars.EU
2013-04-01 13:52 . 2013-04-01 13:52	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-04-01 13:52 . 2013-04-01 21:18	--------	d-----w-	c:\users\Nexus\AppData\Roaming\DAEMON Tools Lite
2013-04-01 13:52 . 2013-04-01 13:52	--------	d-----w-	c:\program files (x86)\DAEMON Tools Lite
2013-04-01 13:50 . 2013-04-01 13:53	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2013-04-01 12:30 . 2013-04-01 12:33	--------	d-----w-	c:\program files (x86)\uTorrent
2013-04-01 12:29 . 2013-04-08 04:59	--------	d-----w-	c:\users\Nexus\AppData\Roaming\uTorrent
2013-03-31 17:54 . 2013-03-15 06:28	9311288	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{45B45507-6B25-4583-B3A9-EF3CDB538067}\mpengine.dll
2013-03-29 14:03 . 2013-03-29 14:06	--------	d-----w-	c:\users\Nexus\AppData\Local\Microsoft Games
2013-03-29 14:02 . 2013-03-29 14:02	--------	d-----w-	c:\program files\Microsoft Games
2013-03-27 15:16 . 2012-12-17 10:39	160784	----a-w-	c:\windows\system32\drivers\ESLWireACD.sys
2013-03-27 15:16 . 2013-04-07 20:02	--------	d-----w-	c:\program files\EslWire
2013-03-27 15:16 . 2013-03-27 15:16	--------	d-----w-	c:\users\Nexus\AppData\Local\Programs
2013-03-21 17:22 . 2013-04-08 02:52	--------	d-----w-	c:\windows\system32\appmgmt
2013-03-21 16:08 . 2013-03-21 16:08	--------	d-----w-	c:\users\Nexus\AppData\Local\PCTV Systems
2013-03-21 15:59 . 2013-03-21 15:59	--------	d-----w-	c:\program files (x86)\DivX
2013-03-21 15:58 . 2013-03-21 18:48	--------	d-----w-	c:\programdata\PCTV Systems
2013-03-21 15:57 . 2013-03-21 18:48	--------	d-----w-	c:\program files (x86)\PCTV Systems
2013-03-21 15:51 . 2013-04-07 20:06	--------	d-----w-	c:\program files (x86)\Pando Networks
2013-03-21 15:51 . 2013-03-21 15:51	--------	d-----w-	c:\users\Nexus\AppData\Local\Pando_Temp
2013-03-21 15:48 . 2013-03-21 15:52	--------	d-----w-	c:\users\Nexus\AppData\Local\Pinnacle
2013-03-21 15:48 . 2013-03-21 15:48	--------	d-----w-	c:\programdata\Pinnacle
2013-03-21 15:47 . 2013-03-21 17:23	--------	d-----w-	c:\program files (x86)\Pinnacle
2013-03-21 15:47 . 2013-04-07 23:23	--------	d-----w-	c:\users\Nexus\AppData\Local\Downloaded Installations
2013-03-21 15:21 . 2013-03-21 15:21	--------	d-----w-	c:\users\Nexus\AppData\Roaming\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
2013-03-21 15:21 . 2013-03-21 15:21	--------	d-----w-	c:\programdata\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
2013-03-21 15:20 . 2013-03-21 15:46	--------	d-----w-	c:\programdata\CMUV
2013-03-21 15:13 . 2013-03-21 15:13	--------	d-----w-	c:\programdata\AVS4YOU
2013-03-21 15:13 . 2013-03-21 15:13	--------	d-----w-	c:\users\Nexus\AppData\Roaming\AVS4YOU
2013-03-21 15:12 . 2004-09-06 16:06	53248	----a-w-	c:\windows\SysWow64\xvid.ax
2013-03-21 15:12 . 2004-07-03 21:08	139264	----a-w-	c:\windows\SysWow64\xvidvfw.dll
2013-03-21 15:12 . 2004-07-03 20:59	524288	----a-w-	c:\windows\SysWow64\xvidcore.dll
2013-03-21 15:12 . 2003-05-21 23:50	261632	----a-w-	c:\windows\SysWow64\mcdvd_32.dll
2013-03-21 15:12 . 2003-05-21 23:50	1700352	----a-w-	c:\windows\SysWow64\GdiPlus.dll
2013-03-21 15:12 . 2002-08-20 00:41	413760	----a-w-	c:\windows\SysWow64\mpg4c32.dll
2013-03-21 15:12 . 2002-01-05 14:48	974848	----a-w-	c:\windows\SysWow64\mfc70.dll
2013-03-21 15:12 . 2003-05-21 23:50	24576	----a-w-	c:\windows\SysWow64\msxml3a.dll
2013-03-21 15:12 . 2003-05-21 23:50	344064	----a-w-	c:\windows\SysWow64\msvcr70.dll
2013-03-21 15:12 . 2002-01-05 14:40	487424	----a-w-	c:\windows\SysWow64\msvcp70.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-10 21:08 . 2013-03-10 02:34	72702784	----a-w-	c:\windows\system32\MRT.exe
2013-04-08 11:55 . 2013-03-08 16:06	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2013-04-02 10:34 . 2010-11-21 03:27	282744	------w-	c:\windows\system32\MpSigStub.exe
2013-03-12 18:31 . 2013-03-11 17:37	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-03-12 18:31 . 2013-03-12 18:21	291088	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-03-12 18:31 . 2013-03-11 17:37	291088	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-03-12 18:28 . 2013-03-11 17:37	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-02-12 05:45 . 2013-03-14 09:41	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-14 09:41	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-14 09:41	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-14 09:41	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-14 09:41	474112	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-14 09:41	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-01-20 14:59 . 2013-01-20 14:59	230320	----a-w-	c:\windows\system32\drivers\MpFilter.sys
2013-01-20 14:59 . 2013-01-20 14:59	130008	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-17 20:15 . 2013-01-17 20:15	66800	----a-w-	c:\windows\system32\drivers\LGSHidFilt.Sys
2013-01-13 21:17 . 2013-03-10 02:27	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-03-10 02:27	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-03-10 02:27	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-03-10 02:27	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-03-10 02:27	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-03-10 02:27	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-03-10 02:27	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-03-10 02:27	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-03-10 02:27	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35 . 2013-03-10 02:27	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-03-10 02:27	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-03-10 02:27	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-03-10 02:27	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-03-10 02:27	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-03-10 02:27	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-03-10 02:27	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-03-10 02:27	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-03-10 02:27	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-03-10 02:27	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-03-10 02:27	1988096	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-03-10 02:27	293376	----a-w-	c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-03-10 02:27	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-03-10 02:27	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-03-10 02:27	1504768	----a-w-	c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-03-10 02:27	1643520	----a-w-	c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-03-10 02:27	1175552	----a-w-	c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-03-10 02:27	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-03-10 02:27	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-03-10 02:28	187392	----a-w-	c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-03-10 02:27	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-03-10 02:27	363008	----a-w-	c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-03-10 02:27	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-03-10 02:27	1080832	----a-w-	c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-03-10 02:27	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-03-10 02:27	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-03-10 02:27	1887232	----a-w-	c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-03-10 02:27	296960	----a-w-	c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-03-10 02:27	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-03-10 02:27	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-03-10 02:27	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-03-10 02:28	221184	----a-w-	c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-03-10 02:27	194560	----a-w-	c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-03-10 02:27	1238528	----a-w-	c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-03-10 02:27	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-03-10 02:27	3928064	----a-w-	c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-03-10 02:27	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-03-10 02:27	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-03-10 02:27	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-01-13 18:09 . 2013-03-10 02:27	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-03-10 02:27	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05 . 2013-03-10 02:27	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\steam\Steam.exe" [2013-03-29 1631144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2000-01-01 5299320]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"LiveZilla"="c:\program files (x86)\LiveZilla\LiveZilla.exe" [2011-10-19 7030784]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 AsrCDDrv;AsrCDDrv;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 azvusb;Virtual USB Hub;c:\windows\system32\DRIVERS\azvusb.sys [2009-08-24 54784]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-11-25 14448]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys [2013-01-17 66800]
R3 Ltn_stk7070P_64;PCTV based TV tuner device;c:\windows\system32\DRIVERS\Ltn_stk7070P_64.sys [2007-10-19 543232]
R3 Ltn_stkrc_64;PCTV Infrared Receiver;c:\windows\system32\DRIVERS\Ltn_stkrc_64.sys [2007-10-19 16256]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2013-04-07 16152]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-06-01 609904]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-04-08 14456]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-04-07 39768]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-01 283200]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-02-21 151648]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2012-08-23 2148216]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2000-01-01 27768]
S2 vToolbarUpdater15.0.0;vToolbarUpdater15.0.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [2013-04-07 990896]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2013-04-08 34032]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2012-07-04 11880]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2000-01-01 2206864]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 46022021
*Deregistered* - 46022021
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-11 10:27	1642448	----a-w-	c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-04-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-07 22:32]
.
2013-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-06 16:22]
.
2013-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-06 16:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 17920]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-02-28 7468784]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2000-01-01 5299320]
"LogiScrollApp"="c:\program files\Logitech\FlowScroll\KhalScroll.exe" [2012-02-08 166680]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = about:blank
uStart Page = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = about:blank
mWindow Title = Microsoft Internet Explorer
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Nexus\AppData\Roaming\Mozilla\Firefox\Profiles\usbmt5kw.default-1365434795045\
FF - prefs.js: keyword.URL -  	  hxxp://www.google.com/search?sourceid=navclient&hl=de&q=
FF - ExtSQL: 2013-04-08 13:54; {5D3F3872-91E9-4d59-AD9F-AA174A3145DD}; c:\program files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF - ExtSQL: 2013-04-08 18:06; r2d2b2g@mozilla.org; c:\users\Nexus\AppData\Roaming\Mozilla\Firefox\Profiles\usbmt5kw.default-1365434795045\extensions\r2d2b2g@mozilla.org
FF - ExtSQL: 2013-04-08 20:12; {F53C93F1-07D5-430c-86D4-C9531B27DFAF}; c:\users\Nexus\AppData\Roaming\Mozilla\Firefox\Profiles\usbmt5kw.default-1365434795045\extensions\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-04-12  15:42:15
ComboFix-quarantined-files.txt  2013-04-12 13:42
.
Vor Suchlauf: 8 Verzeichnis(se), 160.120.041.472 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 159.699.050.496 Bytes frei
.
- - End Of File - - 89F3CE9C6692D52EDC477432518635B4
         
--- --- ---

12.04.2013, 15:06   #12
aharonov
/// TB Trainer

Does the original problem still persist?
__________________
cheers,
Leo

12.04.2013, 15:11   #13
Nexus633

Hello,
Firefox still keeps opening pages that get blocked by Malwarebytes.

Otherwise things look good so far.

Hey,

Thank you so far for your patience and help.

12.04.2013, 15:32   #14
aharonov
/// TB Trainer

Quote:
Firefox still keeps opening pages that get blocked by Malwarebytes.
That's not so good, though. Could you please name a few of these blocked pages (or IP addresses)?
And could you please test whether this only happens in Firefox or in the other browsers as well (Internet Explorer, Chrome, ...)?
__________________
cheers,
Leo

12.04.2013, 17:53   #15
Nexus633

Hello,

this page keeps opening all the time:

"hxxp://network.adsmarket.com/click/imJrnGKcqZaLZmqbX8p6w4iQapVlon-bjmKYll6cgZm3aG6dX5ypmY1lap1f?dp=kD9z9d6CNliUnKaWz7EcaIYyS9n2LwfWZfmZjjrWuAHIbIuAGZDGxs5grj83GdPwi2lsbDfw3M45lowR"

My Malwarebytes reported this IP:
2013/04/12 18:52:42 +0200 NEXUS-PC Nexus IP-BLOCK 193.169.104.1 (Type: outgoing, Port: 10365, Process: firefox.exe)

and the list is LONG
