Medion P7818 Win8, Extrem langsam beim Starten, dauernd gehen Fenster mit online Spielen auf

schrauber · 13.06.2013, 08:03

Neues OTL log bitte. Und schick mal noch das Log von F-Secure, oder einen Screenshot.

Sams · 13.06.2013, 10:31

Hallo Schrauber,
hier die OTL

Code:

ATTFilter

OTL logfile created on: 13.06.2013 10:22:50 - Run 6
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Oksana\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,88 Gb Total Physical Memory | 4,56 Gb Available Physical Memory | 57,90% Memory free
9,07 Gb Paging File | 5,35 Gb Available in Paging File | 58,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 869,80 Gb Total Space | 804,77 Gb Free Space | 92,52% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 40,91 Gb Free Space | 68,18% Space Free | Partition Type: NTFS
 
Computer Name: LAPTOP | User Name: Oksana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.10 22:52:43 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.05.16 22:15:26 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.02 21:21:44 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
PRC - [2013.04.23 09:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.04.23 09:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013.04.23 09:06:29 | 001,035,200 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2013.04.23 09:06:29 | 000,621,504 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
PRC - [2013.03.27 13:37:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Oksana\Desktop\OTL.exe
PRC - [2013.02.25 15:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.25 15:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013.02.11 19:25:36 | 000,664,472 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
PRC - [2013.01.18 11:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe
PRC - [2013.01.03 16:56:12 | 000,311,432 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE
PRC - [2013.01.03 16:56:12 | 000,209,032 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2012.12.12 11:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2012.10.11 21:41:20 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.10.04 11:57:42 | 001,313,896 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe
PRC - [2012.09.30 14:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012.09.30 14:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012.09.01 20:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.08.13 12:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 12:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012.07.30 09:17:20 | 000,258,576 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
PRC - [2012.07.17 18:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.07.17 18:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.07.17 18:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.07.13 17:50:00 | 000,093,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012.06.08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012.05.25 12:00:44 | 000,061,152 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe
PRC - [2011.04.13 17:37:06 | 000,312,616 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
PRC - [2011.04.13 17:37:04 | 000,070,952 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
PRC - [2009.03.30 16:00:56 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.12 10:12:13 | 000,593,464 | ---- | M] () -- C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
MOD - [2013.02.13 04:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2013.01.03 15:28:18 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\FSGUI\flyerres.eng
MOD - [2013.01.03 15:28:18 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\FSGUI\strres.eng
MOD - [2013.01.03 15:28:18 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\FSGUI\fsavures.eng
MOD - [2012.08.10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.07.26 05:19:14 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2012.06.08 13:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012.06.08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012.06.04 17:50:54 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uTVMUIEngine.dll
MOD - [2009.02.27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2007.04.19 11:33:00 | 000,035,584 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uPiApi.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.02.02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.01.29 03:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.10.19 13:27:10 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2012.09.24 18:03:12 | 001,153,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012.09.24 18:02:54 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012.09.24 18:02:42 | 000,617,776 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012.09.24 18:02:16 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.09.20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012.09.13 06:33:50 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012.08.15 19:08:14 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012.04.20 16:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013.06.11 21:47:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.26 10:20:04 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.02 21:21:44 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.25 15:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.25 15:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.02.11 19:25:36 | 000,664,472 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2013.01.18 11:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe -- (fshoster)
SRV - [2013.01.03 16:56:12 | 000,209,032 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.10.22 19:40:30 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.10.11 21:41:20 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.09.30 14:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012.09.30 14:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012.09.01 20:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.17 18:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.17 18:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.17 18:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.05.25 12:00:44 | 000,061,152 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2011.04.13 17:37:06 | 000,312,616 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe -- (CyberLink PowerDVD 10 MS Service)
SRV - [2011.04.13 17:37:04 | 000,070,952 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 10 MS Monitor Service)
SRV - [2009.08.24 23:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.04.12 10:01:49 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\fsbts.sys -- (fsbts)
DRV:64bit: - [2013.04.09 07:27:43 | 000,284,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.03.02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.26 15:56:51 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.02.26 15:56:51 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.02.26 15:56:51 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.14 10:19:48 | 000,165,504 | ---- | M] (ITE                      ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\IT9135BDA.sys -- (IT9135BDA)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.10.22 19:40:12 | 005,332,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 21:41:20 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.10.10 13:18:16 | 004,309,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012.10.09 20:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.10.09 20:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.10.09 20:48:48 | 000,188,896 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012.10.09 20:48:48 | 000,047,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012.10.01 16:41:40 | 001,337,216 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012.10.01 16:41:38 | 000,132,480 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012.09.20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.09.13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.09.13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.09.05 04:54:26 | 000,454,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.09.01 20:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.08.06 13:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012.07.31 01:04:12 | 000,690,832 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.02 16:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.25 12:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012.06.19 09:40:52 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.06.13 19:24:00 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2013.04.25 12:52:40 | 000,080,832 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Scanning\fsni64.sys -- (fsni)
DRV - [2013.04.23 09:06:30 | 000,068,608 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2013.04.12 10:16:57 | 000,200,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2013.04.12 10:14:33 | 000,042,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)
DRV - [2013.01.03 16:56:16 | 000,014,472 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {FFEBBF0A-C22C-4172-89FF-45215A135AC7}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = hxxp://go.mail.ru/search?utf8in=1&fr=ietb&q={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.web.de/"
FF - prefs.js..extensions.enabledAddons: statuswinks%40StatusWinks:1.0.0.5
FF - prefs.js..extensions.enabledAddons: info%40sharkcube.com:0.1
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.02
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.7
FF - prefs.js..extensions.enabledAddons: %7B37964A3C-4EE8-47b1-8321-34DE2C39BA4D%7D:2.5.3.58
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.5
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.6.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15
FF - prefs.js..extensions.enabledAddons: %7B5a95a9e0-59dd-4314-bd84-4d18ca83a0e2%7D:1.26
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172
FF - prefs.js..extensions.enabledAddons: YTKaraoke%40DacSoft.org:1.114
FF - prefs.js..extensions.enabledAddons: uploader%40adblockfilters.mozdev.org:2.1
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\Oksana\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013.02.04 20:43:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.05.28 22:30:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.28 22:12:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\Oksana\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013.02.04 20:43:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013.05.02 21:21:44 | 000,037,909 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\YTKaraoke@DacSoft.org: C:\Program Files (x86)\YTKaraoke\FF\ [2013.05.29 23:09:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.28 22:12:50 | 000,000,000 | ---D | M]
 
[2013.02.04 20:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\Extensions
[2013.02.04 20:43:00 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\Oksana\AppData\Roaming\mozilla\Extensions\statuswinks@StatusWinks
[2013.06.12 14:16:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions
[2013.04.05 11:45:49 | 000,000,000 | ---D | M] (Ð¡Ð¿ÑƒÑ‚Ð½Ð¸Ðº @Mail.Ru) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
[2013.05.28 22:14:31 | 000,000,000 | ---D | M] (Wajam) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}
[2013.05.28 22:31:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.06.12 14:16:50 | 000,134,804 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\adblockpopups@jessehakanen.net.xpi
[2013.03.08 21:19:32 | 000,275,665 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\artur.dubovoy@gmail.com.xpi
[2013.06.12 14:16:07 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\elemhidehelper@adblockplus.org.xpi
[2013.02.18 22:21:53 | 000,020,272 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\info@sharkcube.com.xpi
[2013.02.21 17:23:24 | 000,021,487 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\plugin@yontoo.com.xpi
[2013.05.26 10:20:10 | 000,620,338 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\toolbar@web.de.xpi
[2013.06.12 14:16:50 | 000,075,438 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\uploader@adblockfilters.mozdev.org.xpi
[2013.05.19 22:39:57 | 000,117,280 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.06.12 14:15:45 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.26 10:20:25 | 000,001,050 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\11-suche.xml
[2013.04.22 21:07:58 | 000,002,402 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\bingp.xml
[2013.05.26 10:20:25 | 000,002,418 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\englische-ergebnisse.xml
[2013.05.26 10:20:24 | 000,010,701 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\gmx-suche.xml
[2013.05.26 10:20:25 | 000,002,432 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\lastminute.xml
[2013.04.05 11:46:01 | 000,001,510 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\mailru.xml
[2013.05.26 10:20:24 | 000,005,682 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\webde-suche.xml
[2013.05.26 11:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions
[2013.05.26 10:20:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.26 10:20:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.28 22:30:24 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013.05.29 23:09:16 | 000,000,000 | ---D | M] ("Tube Karaoke") -- C:\PROGRAM FILES (X86)\YTKARAOKE\FF
[2013.02.11 19:26:34 | 000,006,484 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No CLSID value found.
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Tube Karaoke) - {F351B686-F6AF-45F1-9EB9-684C805B25B1} - C:\Program Files (x86)\YTKaraoke\ytkaraoke.dll (Dacotta SoftEngineering)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [bdinstaller] "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after_restart" File not found
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [F-Secure Hoster (44553)] C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Service] C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)
O4 - HKCU..\Run: [MAgent] C:\Users\Oksana\AppData\Roaming\Mail.Ru\Agent\magent.exe (Mail.Ru)
O4 - Startup: C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ConfirmFileDelete = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-154514-44482-15/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-154514-44482-15/4 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.184.225 83.169.184.161
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A34807A-9833-43AC-A876-5346935872C5}: DhcpNameServer = 83.169.184.225 83.169.184.161
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D93110B3-007B-4A4A-8BAC-33DF59D2732D}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browserprotect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll) -  File not found
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.13 09:46:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.06.10 22:58:49 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\Avira
[2013.06.10 22:53:32 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.10 22:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.06.10 22:50:22 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.06.10 22:50:22 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.06.10 22:50:22 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.06.10 22:50:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.06.10 21:59:49 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.10 21:59:07 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.10 21:55:24 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Oksana\Desktop\JRT.exe
[2013.06.06 21:44:03 | 000,000,000 | ---D | C] -- C:\Users\Oksana\Documents\Lucas
[2013.06.03 23:19:26 | 000,000,000 | ---D | C] -- C:\Users\Oksana\Documents\Luise Krening
[2013.06.01 18:54:18 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Local\DDMSettings
[2013.06.01 18:43:35 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.05.30 19:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013.05.30 18:31:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Oksana\Desktop\OTL.exe
[2013.05.29 23:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTKaraoke
[2013.05.28 22:14:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2013.05.28 22:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsFinder
[2013.05.28 22:12:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2013.05.28 22:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.05.28 22:12:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2013.05.28 22:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2013.05.28 22:11:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2013.05.28 22:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2013.05.28 22:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2013.05.28 22:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013.05.28 22:11:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow
[2013.05.28 22:11:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
[2013.05.28 22:11:26 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013.05.28 22:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haali
[2013.05.28 22:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSP-worx
[2013.05.28 22:11:25 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\LavFilters
[2013.05.28 22:11:25 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013.05.28 22:11:25 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\CDXReader
[2013.05.28 22:11:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenSource Flash Video Splitter
[2013.05.28 22:10:28 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\DSite
[2013.05.28 21:32:35 | 000,000,000 | R--D | C] -- C:\Users\Oksana\AppData\Roaming\Brother
[2013.05.28 11:04:44 | 000,000,000 | ---D | C] -- C:\Users\Oksana\Documents\Oksana
[2013.05.27 12:28:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConvertHelper
[2013.05.27 12:22:58 | 000,000,000 | ---D | C] -- C:\Users\Oksana\dwhelper
[2013.05.20 08:43:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013.05.20 08:43:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013.05.19 22:38:22 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\FreeCDRipper
[2013.05.16 20:34:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Easy CD DVD Burner
[2013.05.16 11:59:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
[2013.05.16 11:58:59 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\WMAFile.dll
[2013.05.16 11:58:58 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioInfos.dll
[2013.05.16 11:58:58 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioVisu.dll
[2013.05.16 11:58:58 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudPlayer.dll
[2013.05.16 11:58:58 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioRecord.dll
[2013.05.16 11:58:57 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDesign.dll
[2013.05.16 11:58:57 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudFile.dll
[2013.05.16 11:58:57 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDisplay.dll
[2013.05.16 11:58:50 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\FreeAudioPack
[2013.05.16 11:58:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free mp3 Wma Converter
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.13 10:20:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.13 10:13:00 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013.06.13 09:42:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.13 09:32:53 | 000,093,330 | ---- | M] () -- C:\Users\Oksana\Desktop\FSecure_X.jpg
[2013.06.13 09:30:05 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Tube Karaoke Update.job
[2013.06.13 09:20:57 | 000,082,017 | ---- | M] () -- C:\Users\Oksana\Desktop\FSeucure.jpg
[2013.06.13 09:18:48 | 001,748,838 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.13 09:18:48 | 000,754,172 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.13 09:18:48 | 000,711,282 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.13 09:18:48 | 000,156,362 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.13 09:18:48 | 000,133,150 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.13 09:15:11 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat
[2013.06.12 22:20:03 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.11 22:05:36 | 000,068,348 | ---- | M] () -- C:\Users\Oksana\Desktop\Werbung2.jpg
[2013.06.11 22:03:27 | 000,034,649 | ---- | M] () -- C:\Users\Oksana\Desktop\Werbung.jpg
[2013.06.11 21:51:23 | 000,059,526 | ---- | M] () -- C:\Users\Oksana\Desktop\Onlinspiel.jpg
[2013.06.10 22:53:00 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.10 22:50:30 | 000,002,076 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.10 22:45:34 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.10 22:45:28 | 2475,114,495 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.10 21:55:32 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Oksana\Desktop\JRT.exe
[2013.06.10 20:44:35 | 000,648,201 | ---- | M] () -- C:\Users\Oksana\Desktop\adwcleaner(1).exe
[2013.06.10 17:19:36 | 000,000,000 | ---- | M] () -- C:\END
[2013.05.30 22:08:46 | 000,009,565 | ---- | M] () -- C:\Users\Oksana\Documents\MeineZip.zip
[2013.05.30 19:03:28 | 000,377,856 | ---- | M] () -- C:\Users\Oksana\Desktop\gmer_2.1.19163.exe
[2013.05.29 23:41:34 | 000,000,000 | ---- | M] () -- C:\Users\Oksana\defogger_reenable
[2013.05.29 22:44:22 | 000,335,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.28 23:45:26 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\SystemPreferences.xml
[2013.05.28 22:30:25 | 000,001,614 | ---- | M] () -- C:\Users\Oksana\Desktop\DivX Movies.lnk
[2013.05.28 22:30:12 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.28 22:29:49 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.28 22:11:29 | 000,001,989 | ---- | M] () -- C:\Windows\unins000.dat
[2013.05.28 22:11:23 | 000,715,038 | ---- | M] () -- C:\Windows\unins000.exe
[2013.05.16 12:19:02 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.05.16 11:59:09 | 000,001,342 | ---- | M] () -- C:\Users\Oksana\Desktop\Easy Audio Cutter.lnk
[2013.05.16 11:59:09 | 000,001,326 | ---- | M] () -- C:\Users\Oksana\Desktop\Free CD Ripper.lnk
[2013.05.16 11:59:09 | 000,001,322 | ---- | M] () -- C:\Users\Oksana\Desktop\Free Mp3 Wma Converter.lnk
 
========== Files Created - No Company Name ==========
 
[2013.06.13 09:32:53 | 000,093,330 | ---- | C] () -- C:\Users\Oksana\Desktop\FSecure_X.jpg
[2013.06.13 09:20:57 | 000,082,017 | ---- | C] () -- C:\Users\Oksana\Desktop\FSeucure.jpg
[2013.06.11 22:05:36 | 000,068,348 | ---- | C] () -- C:\Users\Oksana\Desktop\Werbung2.jpg
[2013.06.11 22:03:27 | 000,034,649 | ---- | C] () -- C:\Users\Oksana\Desktop\Werbung.jpg
[2013.06.11 21:51:23 | 000,059,526 | ---- | C] () -- C:\Users\Oksana\Desktop\Onlinspiel.jpg
[2013.06.10 22:50:30 | 000,002,076 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.10 20:44:29 | 000,648,201 | ---- | C] () -- C:\Users\Oksana\Desktop\adwcleaner(1).exe
[2013.06.07 09:40:59 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\Tube Karaoke Update.job
[2013.05.30 22:08:46 | 000,009,565 | ---- | C] () -- C:\Users\Oksana\Documents\MeineZip.zip
[2013.05.30 19:04:06 | 000,377,856 | ---- | C] () -- C:\Users\Oksana\Desktop\gmer_2.1.19163.exe
[2013.05.29 23:41:34 | 000,000,000 | ---- | C] () -- C:\Users\Oksana\defogger_reenable
[2013.05.29 22:44:14 | 000,335,656 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.28 23:34:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SystemPreferences.xml
[2013.05.28 22:30:25 | 000,001,614 | ---- | C] () -- C:\Users\Oksana\Desktop\DivX Movies.lnk
[2013.05.28 22:30:12 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.28 22:29:49 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.28 22:28:11 | 000,000,000 | ---- | C] () -- C:\END
[2013.05.28 22:11:42 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2013.05.28 22:11:41 | 000,696,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2013.05.28 22:11:41 | 000,173,568 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2013.05.28 22:11:40 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.05.28 22:11:40 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.05.28 22:11:40 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2013.05.28 22:11:35 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.05.28 22:11:28 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013.05.28 22:11:27 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2013.05.28 22:11:26 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2013.05.28 22:11:26 | 000,001,989 | ---- | C] () -- C:\Windows\unins000.dat
[2013.05.28 22:10:28 | 000,000,312 | ---- | C] () -- C:\Windows\tasks\DSite.job
[2013.05.20 12:49:59 | 000,387,688 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.05.19 22:42:05 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.05.16 12:19:02 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.05.16 12:19:02 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.05.16 11:59:09 | 000,001,342 | ---- | C] () -- C:\Users\Oksana\Desktop\Easy Audio Cutter.lnk
[2013.05.16 11:59:09 | 000,001,326 | ---- | C] () -- C:\Users\Oksana\Desktop\Free CD Ripper.lnk
[2013.05.16 11:59:09 | 000,001,322 | ---- | C] () -- C:\Users\Oksana\Desktop\Free Mp3 Wma Converter.lnk
[2013.05.16 11:58:59 | 000,116,296 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx
[2013.05.16 11:58:54 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2013.04.06 14:01:23 | 000,007,605 | ---- | C] () -- C:\Users\Oksana\AppData\Local\Resmon.ResmonCfg
[2013.03.31 19:49:41 | 000,042,248 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2013.03.31 19:49:32 | 000,019,418 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2013.03.22 15:07:25 | 000,003,584 | ---- | C] () -- C:\Users\Oksana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.15 14:42:21 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013.03.15 14:42:21 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2013.01.27 16:01:34 | 000,000,125 | ---- | C] () -- C:\Windows\wininit.ini
[2013.01.25 21:40:15 | 000,077,671 | ---- | C] () -- C:\Users\Oksana\AppData\Local\funmoods_2.0.1.crx
[2012.11.14 10:31:46 | 007,024,928 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.14 10:19:05 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.11.14 10:03:57 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.11.14 10:03:50 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.11.14 10:03:49 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.11.14 08:55:38 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | -H-- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.04.20 15:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2012.11.14 10:30:56 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.01.25 21:40:26 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\0T1F0D1F2W1G1I1F1T1Q
[2013.01.19 20:25:38 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Canneverbe Limited
[2013.05.28 22:11:26 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\CDXReader
[2013.05.28 22:10:28 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\DSite
[2013.05.16 11:59:22 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\FreeAudioPack
[2013.05.19 22:39:02 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\FreeCDRipper
[2013.01.27 10:19:08 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\HoolappForAndroid
[2013.05.28 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\LavFilters
[2013.01.17 12:22:33 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Lenovo
[2013.01.21 15:13:44 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\MAGIX
[2013.01.22 10:37:13 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Mail.Ru
[2013.02.12 18:47:24 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Mra
[2013.01.17 19:08:17 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\OpenOffice.org
[2013.04.28 11:14:09 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\ProfiCAD
[2013.04.05 21:31:32 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\QuickScan
[2013.02.04 20:43:00 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\StatusWinks
[2013.01.21 15:03:26 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\SuperEasy Software
[2013.03.07 21:23:59 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\TeamViewer
 
========== Purity Check ==========
 
 

< End of report >

beim Fsecure ist ganz scuriel, wenn ich auf update gehe, Meldung es ist die Aktuelle Version aber beim nachschauen der Datenbankversion steht Warten auf Update! Ich hab Scrennshorts gemacht, kann aber sie nicht anhängen. Ich komm nicht ins Menü! Beim Drücken auf Anhänge Verwalten passier nichts. Blockiert villeicht der Browser jetzt was?

sams

schrauber · 13.06.2013, 10:56

Zitat:

Und wie deaktiviere oder lösche ich die Systemtaskexe sie wird von Fsecure blokiert. Oder benötige ich es und muss es erlauben? FSecure meldet sich das nicht genügend Schutz vorhanden ist und das rote x ist an wenn man Computer Sicherheit anwählt. Upgedatet hab ich es, hat nichts gebracht.

zu der systemtask.exe brauch ich nen screenhsot der f-secure-blockier-meldung.

schick sie an schrauber(at)gmx.eu

schrauber · 13.06.2013, 11:21

Hi,

neues OTL log bitte, diesmal Scan Alle Benutzer anhaken.

Sams · 13.06.2013, 14:13

Hallo Schrauber,
hier die aktuelle OTL Log.
Danke
sams

Code:

ATTFilter

OTL logfile created on: 13.06.2013 15:01:22 - Run 7
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Oksana\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,88 Gb Total Physical Memory | 6,03 Gb Available Physical Memory | 76,53% Memory free
9,07 Gb Paging File | 7,01 Gb Available in Paging File | 77,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 869,80 Gb Total Space | 804,01 Gb Free Space | 92,44% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 40,91 Gb Free Space | 68,18% Space Free | Partition Type: NTFS
 
Computer Name: LAPTOP | User Name: Oksana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.10 22:52:43 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.05.16 22:15:26 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.02 21:21:44 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
PRC - [2013.04.23 09:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.04.23 09:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013.04.23 09:06:29 | 001,035,200 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2013.04.23 09:06:29 | 000,621,504 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
PRC - [2013.03.27 13:37:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Oksana\Desktop\OTL.exe
PRC - [2013.02.25 15:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.25 15:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013.02.11 19:25:36 | 000,664,472 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
PRC - [2013.01.18 11:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe
PRC - [2013.01.03 16:56:12 | 000,311,432 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE
PRC - [2013.01.03 16:56:12 | 000,209,032 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2012.12.12 11:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2012.10.04 11:57:42 | 001,313,896 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe
PRC - [2012.09.30 14:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012.09.30 14:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012.09.01 20:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.08.13 12:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 12:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012.07.30 09:17:20 | 000,258,576 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
PRC - [2012.07.17 18:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.07.17 18:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.07.17 18:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.07.13 17:50:00 | 000,093,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012.06.08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012.05.25 12:00:44 | 000,061,152 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe
PRC - [2011.04.13 17:37:06 | 000,312,616 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
PRC - [2011.04.13 17:37:04 | 000,070,952 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
PRC - [2009.03.30 16:00:56 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.12 10:12:13 | 000,593,464 | ---- | M] () -- C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
MOD - [2013.02.13 04:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2013.01.03 15:28:18 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\FSGUI\strres.eng
MOD - [2013.01.03 15:28:18 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\FSGUI\fsavures.eng
MOD - [2012.08.10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.07.26 05:19:14 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2012.06.08 13:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012.06.08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012.06.04 17:50:54 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uTVMUIEngine.dll
MOD - [2009.02.27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2007.04.19 11:33:00 | 000,035,584 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uPiApi.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.02.02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.01.29 03:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.10.19 13:27:10 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2012.09.24 18:03:12 | 001,153,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012.09.24 18:02:54 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012.09.24 18:02:42 | 000,617,776 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012.09.24 18:02:16 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.09.20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012.09.13 06:33:50 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012.08.15 19:08:14 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012.04.20 16:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013.06.11 21:47:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.26 10:20:04 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.02 21:21:44 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.25 15:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.25 15:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.02.11 19:25:36 | 000,664,472 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2013.01.18 11:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe -- (fshoster)
SRV - [2013.01.03 16:56:12 | 000,209,032 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.10.22 19:40:30 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.10.11 21:41:20 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.09.30 14:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012.09.30 14:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012.09.01 20:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.17 18:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.17 18:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.17 18:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.05.25 12:00:44 | 000,061,152 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2011.04.13 17:37:06 | 000,312,616 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe -- (CyberLink PowerDVD 10 MS Service)
SRV - [2011.04.13 17:37:04 | 000,070,952 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 10 MS Monitor Service)
SRV - [2009.08.24 23:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.04.12 10:01:49 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\fsbts.sys -- (fsbts)
DRV:64bit: - [2013.04.09 07:27:43 | 000,284,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.03.02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.26 15:56:51 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.02.26 15:56:51 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.02.26 15:56:51 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.14 10:19:48 | 000,165,504 | ---- | M] (ITE                      ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\IT9135BDA.sys -- (IT9135BDA)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.10.22 19:40:12 | 005,332,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 21:41:20 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.10.10 13:18:16 | 004,309,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012.10.09 20:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.10.09 20:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.10.09 20:48:48 | 000,188,896 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012.10.09 20:48:48 | 000,047,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012.10.01 16:41:40 | 001,337,216 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012.10.01 16:41:38 | 000,132,480 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012.09.20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.09.13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.09.13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.09.05 04:54:26 | 000,454,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.09.01 20:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.08.06 13:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012.07.31 01:04:12 | 000,690,832 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.02 16:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.25 12:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012.06.19 09:40:52 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.06.13 19:24:00 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2013.04.25 12:52:40 | 000,080,832 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Scanning\fsni64.sys -- (fsni)
DRV - [2013.04.23 09:06:30 | 000,068,608 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2013.04.12 10:16:57 | 000,200,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2013.04.12 10:14:33 | 000,042,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)
DRV - [2013.01.03 16:56:16 | 000,014,472 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\..\SearchScopes,DefaultScope = {FFEBBF0A-C22C-4172-89FF-45215A135AC7}
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = hxxp://go.mail.ru/search?utf8in=1&fr=ietb&q={SearchTerms}
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.web.de/"
FF - prefs.js..extensions.enabledAddons: statuswinks%40StatusWinks:1.0.0.5
FF - prefs.js..extensions.enabledAddons: info%40sharkcube.com:0.1
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.02
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.7
FF - prefs.js..extensions.enabledAddons: %7B37964A3C-4EE8-47b1-8321-34DE2C39BA4D%7D:2.5.3.58
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.5
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.6.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15
FF - prefs.js..extensions.enabledAddons: %7B5a95a9e0-59dd-4314-bd84-4d18ca83a0e2%7D:1.26
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172
FF - prefs.js..extensions.enabledAddons: YTKaraoke%40DacSoft.org:1.114
FF - prefs.js..extensions.enabledAddons: uploader%40adblockfilters.mozdev.org:2.1
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\Oksana\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013.02.04 20:43:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.05.28 22:30:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.28 22:12:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\Oksana\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013.02.04 20:43:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013.05.02 21:21:44 | 000,037,909 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\YTKaraoke@DacSoft.org: C:\Program Files (x86)\YTKaraoke\FF\ [2013.05.29 23:09:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.28 22:12:50 | 000,000,000 | ---D | M]
 
[2013.02.04 20:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\Extensions
[2013.02.04 20:43:00 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\Oksana\AppData\Roaming\mozilla\Extensions\statuswinks@StatusWinks
[2013.06.12 14:16:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions
[2013.04.05 11:45:49 | 000,000,000 | ---D | M] (Ð¡Ð¿ÑƒÑ‚Ð½Ð¸Ðº @Mail.Ru) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
[2013.05.28 22:14:31 | 000,000,000 | ---D | M] (Wajam) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}
[2013.05.28 22:31:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.06.12 14:16:50 | 000,134,804 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\adblockpopups@jessehakanen.net.xpi
[2013.03.08 21:19:32 | 000,275,665 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\artur.dubovoy@gmail.com.xpi
[2013.06.12 14:16:07 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\elemhidehelper@adblockplus.org.xpi
[2013.02.18 22:21:53 | 000,020,272 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\info@sharkcube.com.xpi
[2013.02.21 17:23:24 | 000,021,487 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\plugin@yontoo.com.xpi
[2013.05.26 10:20:10 | 000,620,338 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\toolbar@web.de.xpi
[2013.06.12 14:16:50 | 000,075,438 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\uploader@adblockfilters.mozdev.org.xpi
[2013.05.19 22:39:57 | 000,117,280 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.06.12 14:15:45 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.26 10:20:25 | 000,001,050 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\11-suche.xml
[2013.04.22 21:07:58 | 000,002,402 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\bingp.xml
[2013.05.26 10:20:25 | 000,002,418 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\englische-ergebnisse.xml
[2013.05.26 10:20:24 | 000,010,701 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\gmx-suche.xml
[2013.05.26 10:20:25 | 000,002,432 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\lastminute.xml
[2013.04.05 11:46:01 | 000,001,510 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\mailru.xml
[2013.05.26 10:20:24 | 000,005,682 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\webde-suche.xml
[2013.05.26 11:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions
[2013.05.26 10:20:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.26 10:20:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.28 22:30:24 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013.05.29 23:09:16 | 000,000,000 | ---D | M] ("Tube Karaoke") -- C:\PROGRAM FILES (X86)\YTKARAOKE\FF
[2013.02.11 19:26:34 | 000,006,484 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No CLSID value found.
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Tube Karaoke) - {F351B686-F6AF-45F1-9EB9-684C805B25B1} - C:\Program Files (x86)\YTKaraoke\ytkaraoke.dll (Dacotta SoftEngineering)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [bdinstaller] "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after_restart" File not found
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [F-Secure Hoster (44553)] C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Service] C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-174320049-3726716400-672341874-1002..\Run: [MAgent] C:\Users\Oksana\AppData\Roaming\Mail.Ru\Agent\magent.exe (Mail.Ru)
O4 - Startup: C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ConfirmFileDelete = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-154514-44482-15/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-154514-44482-15/4 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.184.225 83.169.184.161
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A34807A-9833-43AC-A876-5346935872C5}: DhcpNameServer = 83.169.184.225 83.169.184.161
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D93110B3-007B-4A4A-8BAC-33DF59D2732D}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browserprotect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll) -  File not found
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.13 09:46:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.06.10 22:58:49 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\Avira
[2013.06.10 22:53:32 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.10 22:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.06.10 22:50:22 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.06.10 22:50:22 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.06.10 22:50:22 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.06.10 22:50:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.06.10 21:59:49 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.10 21:59:07 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.10 21:55:24 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Oksana\Desktop\JRT.exe
[2013.06.06 21:44:03 | 000,000,000 | ---D | C] -- C:\Users\Oksana\Documents\Lucas
[2013.06.03 23:19:26 | 000,000,000 | ---D | C] -- C:\Users\Oksana\Documents\Luise Krening
[2013.06.01 18:54:18 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Local\DDMSettings
[2013.06.01 18:43:35 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.05.30 19:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013.05.30 18:31:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Oksana\Desktop\OTL.exe
[2013.05.29 23:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTKaraoke
[2013.05.28 22:14:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2013.05.28 22:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsFinder
[2013.05.28 22:12:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2013.05.28 22:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.05.28 22:12:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2013.05.28 22:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2013.05.28 22:11:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2013.05.28 22:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2013.05.28 22:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2013.05.28 22:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013.05.28 22:11:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow
[2013.05.28 22:11:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
[2013.05.28 22:11:26 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013.05.28 22:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haali
[2013.05.28 22:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSP-worx
[2013.05.28 22:11:25 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\LavFilters
[2013.05.28 22:11:25 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013.05.28 22:11:25 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\CDXReader
[2013.05.28 22:11:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenSource Flash Video Splitter
[2013.05.28 22:10:28 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\DSite
[2013.05.28 21:32:35 | 000,000,000 | R--D | C] -- C:\Users\Oksana\AppData\Roaming\Brother
[2013.05.28 11:04:44 | 000,000,000 | ---D | C] -- C:\Users\Oksana\Documents\Oksana
[2013.05.27 12:28:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConvertHelper
[2013.05.27 12:22:58 | 000,000,000 | ---D | C] -- C:\Users\Oksana\dwhelper
[2013.05.20 08:43:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013.05.20 08:43:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013.05.19 22:38:22 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\FreeCDRipper
[2013.05.16 20:34:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Easy CD DVD Burner
[2013.05.16 11:59:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
[2013.05.16 11:58:59 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\WMAFile.dll
[2013.05.16 11:58:58 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioInfos.dll
[2013.05.16 11:58:58 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioVisu.dll
[2013.05.16 11:58:58 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudPlayer.dll
[2013.05.16 11:58:58 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioRecord.dll
[2013.05.16 11:58:57 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDesign.dll
[2013.05.16 11:58:57 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudFile.dll
[2013.05.16 11:58:57 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDisplay.dll
[2013.05.16 11:58:50 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\FreeAudioPack
[2013.05.16 11:58:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free mp3 Wma Converter
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.13 14:56:37 | 000,754,172 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.13 14:56:37 | 000,711,282 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.13 14:56:37 | 000,156,362 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.13 14:56:37 | 000,133,150 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.13 14:56:36 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.13 14:56:30 | 001,748,838 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.13 14:54:58 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Tube Karaoke Update.job
[2013.06.13 14:53:38 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat
[2013.06.13 12:20:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.13 12:13:00 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013.06.13 11:42:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.13 11:09:15 | 000,000,000 | ---- | M] () -- C:\END
[2013.06.13 11:07:19 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.13 11:07:13 | 2475,114,495 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.13 09:32:53 | 000,093,330 | ---- | M] () -- C:\Users\Oksana\Desktop\FSecure_X.jpg
[2013.06.13 09:20:57 | 000,082,017 | ---- | M] () -- C:\Users\Oksana\Desktop\FSeucure.jpg
[2013.06.11 22:05:36 | 000,068,348 | ---- | M] () -- C:\Users\Oksana\Desktop\Werbung2.jpg
[2013.06.11 22:03:27 | 000,034,649 | ---- | M] () -- C:\Users\Oksana\Desktop\Werbung.jpg
[2013.06.11 21:51:23 | 000,059,526 | ---- | M] () -- C:\Users\Oksana\Desktop\Onlinspiel.jpg
[2013.06.10 22:53:00 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.10 22:50:30 | 000,002,076 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.10 21:55:32 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Oksana\Desktop\JRT.exe
[2013.06.10 20:44:35 | 000,648,201 | ---- | M] () -- C:\Users\Oksana\Desktop\adwcleaner(1).exe
[2013.05.30 22:08:46 | 000,009,565 | ---- | M] () -- C:\Users\Oksana\Documents\MeineZip.zip
[2013.05.30 19:03:28 | 000,377,856 | ---- | M] () -- C:\Users\Oksana\Desktop\gmer_2.1.19163.exe
[2013.05.29 23:41:34 | 000,000,000 | ---- | M] () -- C:\Users\Oksana\defogger_reenable
[2013.05.29 22:44:22 | 000,335,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.28 23:45:26 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\SystemPreferences.xml
[2013.05.28 22:30:25 | 000,001,614 | ---- | M] () -- C:\Users\Oksana\Desktop\DivX Movies.lnk
[2013.05.28 22:30:12 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.28 22:29:49 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.28 22:11:29 | 000,001,989 | ---- | M] () -- C:\Windows\unins000.dat
[2013.05.28 22:11:23 | 000,715,038 | ---- | M] () -- C:\Windows\unins000.exe
[2013.05.16 12:19:02 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.05.16 11:59:09 | 000,001,342 | ---- | M] () -- C:\Users\Oksana\Desktop\Easy Audio Cutter.lnk
[2013.05.16 11:59:09 | 000,001,326 | ---- | M] () -- C:\Users\Oksana\Desktop\Free CD Ripper.lnk
[2013.05.16 11:59:09 | 000,001,322 | ---- | M] () -- C:\Users\Oksana\Desktop\Free Mp3 Wma Converter.lnk
 
========== Files Created - No Company Name ==========
 
[2013.06.13 09:32:53 | 000,093,330 | ---- | C] () -- C:\Users\Oksana\Desktop\FSecure_X.jpg
[2013.06.13 09:20:57 | 000,082,017 | ---- | C] () -- C:\Users\Oksana\Desktop\FSeucure.jpg
[2013.06.11 22:05:36 | 000,068,348 | ---- | C] () -- C:\Users\Oksana\Desktop\Werbung2.jpg
[2013.06.11 22:03:27 | 000,034,649 | ---- | C] () -- C:\Users\Oksana\Desktop\Werbung.jpg
[2013.06.11 21:51:23 | 000,059,526 | ---- | C] () -- C:\Users\Oksana\Desktop\Onlinspiel.jpg
[2013.06.10 22:50:30 | 000,002,076 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.10 20:44:29 | 000,648,201 | ---- | C] () -- C:\Users\Oksana\Desktop\adwcleaner(1).exe
[2013.06.07 09:40:59 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\Tube Karaoke Update.job
[2013.05.30 22:08:46 | 000,009,565 | ---- | C] () -- C:\Users\Oksana\Documents\MeineZip.zip
[2013.05.30 19:04:06 | 000,377,856 | ---- | C] () -- C:\Users\Oksana\Desktop\gmer_2.1.19163.exe
[2013.05.29 23:41:34 | 000,000,000 | ---- | C] () -- C:\Users\Oksana\defogger_reenable
[2013.05.29 22:44:14 | 000,335,656 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.28 23:34:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SystemPreferences.xml
[2013.05.28 22:30:25 | 000,001,614 | ---- | C] () -- C:\Users\Oksana\Desktop\DivX Movies.lnk
[2013.05.28 22:30:12 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.28 22:29:49 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.28 22:28:11 | 000,000,000 | ---- | C] () -- C:\END
[2013.05.28 22:11:42 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2013.05.28 22:11:41 | 000,696,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2013.05.28 22:11:41 | 000,173,568 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2013.05.28 22:11:40 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.05.28 22:11:40 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.05.28 22:11:40 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2013.05.28 22:11:35 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.05.28 22:11:28 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013.05.28 22:11:27 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2013.05.28 22:11:26 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2013.05.28 22:11:26 | 000,001,989 | ---- | C] () -- C:\Windows\unins000.dat
[2013.05.28 22:10:28 | 000,000,312 | ---- | C] () -- C:\Windows\tasks\DSite.job
[2013.05.20 12:49:59 | 000,387,688 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.05.19 22:42:05 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.05.16 12:19:02 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.05.16 12:19:02 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.05.16 11:59:09 | 000,001,342 | ---- | C] () -- C:\Users\Oksana\Desktop\Easy Audio Cutter.lnk
[2013.05.16 11:59:09 | 000,001,326 | ---- | C] () -- C:\Users\Oksana\Desktop\Free CD Ripper.lnk
[2013.05.16 11:59:09 | 000,001,322 | ---- | C] () -- C:\Users\Oksana\Desktop\Free Mp3 Wma Converter.lnk
[2013.05.16 11:58:59 | 000,116,296 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx
[2013.05.16 11:58:54 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2013.04.06 14:01:23 | 000,007,605 | ---- | C] () -- C:\Users\Oksana\AppData\Local\Resmon.ResmonCfg
[2013.03.31 19:49:41 | 000,042,248 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2013.03.31 19:49:32 | 000,019,418 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2013.03.22 15:07:25 | 000,003,584 | ---- | C] () -- C:\Users\Oksana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.15 14:42:21 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013.03.15 14:42:21 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2013.01.27 16:01:34 | 000,000,125 | ---- | C] () -- C:\Windows\wininit.ini
[2013.01.25 21:40:15 | 000,077,671 | ---- | C] () -- C:\Users\Oksana\AppData\Local\funmoods_2.0.1.crx
[2012.11.14 10:31:46 | 007,024,928 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.14 10:19:05 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.11.14 10:03:57 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.11.14 10:03:50 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.11.14 10:03:49 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.11.14 08:55:38 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | -H-- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.04.20 15:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2012.11.14 10:30:56 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.01.25 21:40:26 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\0T1F0D1F2W1G1I1F1T1Q
[2013.01.19 20:25:38 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Canneverbe Limited
[2013.05.28 22:11:26 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\CDXReader
[2013.05.28 22:10:28 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\DSite
[2013.05.16 11:59:22 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\FreeAudioPack
[2013.05.19 22:39:02 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\FreeCDRipper
[2013.01.27 10:19:08 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\HoolappForAndroid
[2013.05.28 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\LavFilters
[2013.01.17 12:22:33 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Lenovo
[2013.01.21 15:13:44 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\MAGIX
[2013.01.22 10:37:13 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Mail.Ru
[2013.02.12 18:47:24 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Mra
[2013.01.17 19:08:17 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\OpenOffice.org
[2013.04.28 11:14:09 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\ProfiCAD
[2013.04.05 21:31:32 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\QuickScan
[2013.02.04 20:43:00 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\StatusWinks
[2013.01.21 15:03:26 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\SuperEasy Software
[2013.03.07 21:23:59 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\TeamViewer
[2013.05.02 19:54:03 | 000,000,000 | ---D | M] -- C:\Users\Oksana_2\AppData\Roaming\Lenovo
 
========== Purity Check ==========
 
 

< End of report >

schrauber · 13.06.2013, 18:40

Bitte AcwCleaner und Junkware removal tool löschen und neu laden. Nochmal laufen lassen.

Sams · 13.06.2013, 21:28

Hallo Schrauber,
hier wieder eine neue OTL Log.
Gruß
Sams

Code:

ATTFilter

OTL logfile created on: 13.06.2013 22:13:43 - Run 8
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Oksana\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,88 Gb Total Physical Memory | 6,04 Gb Available Physical Memory | 76,60% Memory free
9,07 Gb Paging File | 7,22 Gb Available in Paging File | 79,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 869,80 Gb Total Space | 803,98 Gb Free Space | 92,43% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 40,91 Gb Free Space | 68,18% Space Free | Partition Type: NTFS
 
Computer Name: LAPTOP | User Name: Oksana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.10 22:52:43 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.05.16 22:15:26 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.02 21:21:44 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
PRC - [2013.04.23 09:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.04.23 09:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013.04.23 09:06:29 | 001,035,200 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2013.04.23 09:06:29 | 000,621,504 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
PRC - [2013.03.27 13:37:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Oksana\Desktop\OTL.exe
PRC - [2013.02.25 15:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.25 15:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013.02.11 19:25:36 | 000,664,472 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
PRC - [2013.02.02 10:40:58 | 000,375,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2013.01.18 11:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe
PRC - [2013.01.03 16:56:12 | 000,311,432 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE
PRC - [2013.01.03 16:56:12 | 000,209,032 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2012.12.12 11:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2012.10.11 21:41:20 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.10.04 11:57:42 | 001,313,896 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe
PRC - [2012.09.30 14:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012.09.30 14:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012.09.01 20:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.08.13 12:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 12:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012.07.30 09:17:20 | 000,258,576 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
PRC - [2012.07.17 18:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.07.17 18:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.07.13 17:50:00 | 000,093,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012.06.08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012.05.25 12:00:44 | 000,061,152 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe
PRC - [2011.04.13 17:37:06 | 000,312,616 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
PRC - [2011.04.13 17:37:04 | 000,070,952 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
PRC - [2009.03.30 16:00:56 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.12 10:12:13 | 000,593,464 | ---- | M] () -- C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
MOD - [2013.02.13 04:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2013.01.03 15:28:18 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\FSGUI\flyerres.eng
MOD - [2013.01.03 15:28:18 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\FSGUI\strres.eng
MOD - [2013.01.03 15:28:18 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\FSGUI\fsavures.eng
MOD - [2012.08.10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.07.26 05:19:14 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2012.06.08 13:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012.06.08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012.06.04 17:50:54 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uTVMUIEngine.dll
MOD - [2009.02.27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2007.04.19 11:33:00 | 000,035,584 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uPiApi.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.02.02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.01.29 03:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.10.19 13:27:10 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2012.09.24 18:03:12 | 001,153,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012.09.24 18:02:54 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012.09.24 18:02:42 | 000,617,776 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012.09.24 18:02:16 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.09.20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012.09.13 06:33:50 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012.08.15 19:08:14 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012.04.20 16:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013.06.11 21:47:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.26 10:20:04 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.02 21:21:44 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.25 15:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.25 15:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.02.11 19:25:36 | 000,664,472 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2013.01.18 11:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe -- (fshoster)
SRV - [2013.01.03 16:56:12 | 000,209,032 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.10.22 19:40:30 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.10.11 21:41:20 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Start_Pending] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.09.30 14:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012.09.30 14:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012.09.01 20:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.17 18:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.17 18:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.17 18:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.05.25 12:00:44 | 000,061,152 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2011.04.13 17:37:06 | 000,312,616 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe -- (CyberLink PowerDVD 10 MS Service)
SRV - [2011.04.13 17:37:04 | 000,070,952 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 10 MS Monitor Service)
SRV - [2009.08.24 23:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.04.12 10:01:49 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\fsbts.sys -- (fsbts)
DRV:64bit: - [2013.04.09 07:27:43 | 000,284,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.03.02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.26 15:56:51 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.02.26 15:56:51 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.02.26 15:56:51 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.14 10:19:48 | 000,165,504 | ---- | M] (ITE                      ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\IT9135BDA.sys -- (IT9135BDA)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.10.22 19:40:12 | 005,332,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 21:41:20 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.10.10 13:18:16 | 004,309,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012.10.09 20:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.10.09 20:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.10.09 20:48:48 | 000,188,896 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012.10.09 20:48:48 | 000,047,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012.10.01 16:41:40 | 001,337,216 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012.10.01 16:41:38 | 000,132,480 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012.09.20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.09.13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.09.13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.09.05 04:54:26 | 000,454,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.09.01 20:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.08.06 13:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012.07.31 01:04:12 | 000,690,832 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.02 16:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.25 12:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012.06.19 09:40:52 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.06.13 19:24:00 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2013.04.25 12:52:40 | 000,080,832 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Scanning\fsni64.sys -- (fsni)
DRV - [2013.04.23 09:06:30 | 000,068,608 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2013.04.12 10:16:57 | 000,200,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2013.04.12 10:14:33 | 000,042,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)
DRV - [2013.01.03 16:56:16 | 000,014,472 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\..\SearchScopes,DefaultScope = {FFEBBF0A-C22C-4172-89FF-45215A135AC7}
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = hxxp://go.mail.ru/search?utf8in=1&fr=ietb&q={SearchTerms}
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.web.de/"
FF - prefs.js..extensions.enabledAddons: statuswinks%40StatusWinks:1.0.0.5
FF - prefs.js..extensions.enabledAddons: info%40sharkcube.com:0.1
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.02
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.7
FF - prefs.js..extensions.enabledAddons: %7B37964A3C-4EE8-47b1-8321-34DE2C39BA4D%7D:2.5.3.58
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.5
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.6.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15
FF - prefs.js..extensions.enabledAddons: %7B5a95a9e0-59dd-4314-bd84-4d18ca83a0e2%7D:1.26
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172
FF - prefs.js..extensions.enabledAddons: YTKaraoke%40DacSoft.org:1.114
FF - prefs.js..extensions.enabledAddons: uploader%40adblockfilters.mozdev.org:2.1
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\Oksana\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013.02.04 20:43:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.05.28 22:30:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.28 22:12:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\Oksana\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013.02.04 20:43:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}: C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013.05.02 21:21:44 | 000,037,909 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\YTKaraoke@DacSoft.org: C:\Program Files (x86)\YTKaraoke\FF\ [2013.05.29 23:09:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.28 22:12:50 | 000,000,000 | ---D | M]
 
[2013.02.04 20:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\Extensions
[2013.02.04 20:43:00 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\Oksana\AppData\Roaming\mozilla\Extensions\statuswinks@StatusWinks
[2013.06.12 14:16:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions
[2013.04.05 11:45:49 | 000,000,000 | ---D | M] (Ð¡Ð¿ÑƒÑ‚Ð½Ð¸Ðº @Mail.Ru) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
[2013.05.28 22:14:31 | 000,000,000 | ---D | M] (Wajam) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}
[2013.05.28 22:31:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.06.12 14:16:50 | 000,134,804 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\adblockpopups@jessehakanen.net.xpi
[2013.03.08 21:19:32 | 000,275,665 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\artur.dubovoy@gmail.com.xpi
[2013.06.12 14:16:07 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\elemhidehelper@adblockplus.org.xpi
[2013.02.18 22:21:53 | 000,020,272 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\info@sharkcube.com.xpi
[2013.02.21 17:23:24 | 000,021,487 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\plugin@yontoo.com.xpi
[2013.05.26 10:20:10 | 000,620,338 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\toolbar@web.de.xpi
[2013.06.12 14:16:50 | 000,075,438 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\uploader@adblockfilters.mozdev.org.xpi
[2013.05.19 22:39:57 | 000,117,280 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.06.12 14:15:45 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.26 10:20:25 | 000,001,050 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\11-suche.xml
[2013.04.22 21:07:58 | 000,002,402 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\bingp.xml
[2013.05.26 10:20:25 | 000,002,418 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\englische-ergebnisse.xml
[2013.05.26 10:20:24 | 000,010,701 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\gmx-suche.xml
[2013.05.26 10:20:25 | 000,002,432 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\lastminute.xml
[2013.04.05 11:46:01 | 000,001,510 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\mailru.xml
[2013.05.26 10:20:24 | 000,005,682 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\webde-suche.xml
[2013.05.26 11:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions
[2013.05.26 10:20:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.26 10:20:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.28 22:30:24 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013.05.29 23:09:16 | 000,000,000 | ---D | M] ("Tube Karaoke") -- C:\PROGRAM FILES (X86)\YTKARAOKE\FF
[2013.02.11 19:26:34 | 000,006,484 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No CLSID value found.
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Tube Karaoke) - {F351B686-F6AF-45F1-9EB9-684C805B25B1} - C:\Program Files (x86)\YTKaraoke\ytkaraoke.dll (Dacotta SoftEngineering)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [bdinstaller] "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after_restart" File not found
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [F-Secure Hoster (44553)] C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Service] C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-174320049-3726716400-672341874-1001..\Run: [AppLauncher] C:\Program Files (x86)\Medion MediaPack 3\Ashampoo AppLauncher (Medion)\AppLauncher.exe (Ashampoo)
O4 - HKU\S-1-5-21-174320049-3726716400-672341874-1002..\Run: [MAgent] C:\Users\Oksana\AppData\Roaming\Mail.Ru\Agent\magent.exe (Mail.Ru)
O4 - Startup: C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ConfirmFileDelete = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-174320049-3726716400-672341874-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-154514-44482-15/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-154514-44482-15/4 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.184.161 83.169.184.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A34807A-9833-43AC-A876-5346935872C5}: DhcpNameServer = 83.169.184.161 83.169.184.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D93110B3-007B-4A4A-8BAC-33DF59D2732D}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browserprotect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll) -  File not found
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.13 09:46:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.06.10 22:58:49 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\Avira
[2013.06.10 22:53:32 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.10 22:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.06.10 22:50:22 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.06.10 22:50:22 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.06.10 22:50:22 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.06.10 22:50:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.06.10 21:59:49 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.10 21:59:07 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.06 21:44:03 | 000,000,000 | ---D | C] -- C:\Users\Oksana\Documents\Lucas
[2013.06.03 23:19:26 | 000,000,000 | ---D | C] -- C:\Users\Oksana\Documents\Luise Krening
[2013.06.01 18:54:18 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Local\DDMSettings
[2013.06.01 18:43:35 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.05.30 19:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013.05.30 18:31:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Oksana\Desktop\OTL.exe
[2013.05.29 23:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTKaraoke
[2013.05.28 22:14:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2013.05.28 22:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsFinder
[2013.05.28 22:12:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2013.05.28 22:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.05.28 22:12:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2013.05.28 22:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2013.05.28 22:11:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2013.05.28 22:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2013.05.28 22:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2013.05.28 22:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013.05.28 22:11:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow
[2013.05.28 22:11:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
[2013.05.28 22:11:26 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013.05.28 22:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haali
[2013.05.28 22:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSP-worx
[2013.05.28 22:11:25 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\LavFilters
[2013.05.28 22:11:25 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013.05.28 22:11:25 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\CDXReader
[2013.05.28 22:11:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenSource Flash Video Splitter
[2013.05.28 22:10:28 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\DSite
[2013.05.28 21:32:35 | 000,000,000 | R--D | C] -- C:\Users\Oksana\AppData\Roaming\Brother
[2013.05.28 11:04:44 | 000,000,000 | ---D | C] -- C:\Users\Oksana\Documents\Oksana
[2013.05.27 12:28:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConvertHelper
[2013.05.27 12:22:58 | 000,000,000 | ---D | C] -- C:\Users\Oksana\dwhelper
[2013.05.20 08:43:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013.05.20 08:43:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013.05.19 22:38:22 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\FreeCDRipper
[2013.05.16 20:34:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Easy CD DVD Burner
[2013.05.16 11:59:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
[2013.05.16 11:58:59 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\WMAFile.dll
[2013.05.16 11:58:58 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioInfos.dll
[2013.05.16 11:58:58 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioVisu.dll
[2013.05.16 11:58:58 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudPlayer.dll
[2013.05.16 11:58:58 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioRecord.dll
[2013.05.16 11:58:57 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDesign.dll
[2013.05.16 11:58:57 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudFile.dll
[2013.05.16 11:58:57 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDisplay.dll
[2013.05.16 11:58:50 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\FreeAudioPack
[2013.05.16 11:58:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free mp3 Wma Converter
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.13 22:20:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.13 22:20:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.13 22:19:27 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.06.13 22:13:00 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013.06.13 22:11:52 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat
[2013.06.13 22:10:48 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Tube Karaoke Update.job
[2013.06.13 22:09:49 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.13 22:09:46 | 2475,114,495 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.13 21:59:20 | 001,748,838 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.13 21:59:20 | 000,754,172 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.13 21:59:20 | 000,711,282 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.13 21:59:20 | 000,156,362 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.13 21:59:20 | 000,133,150 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.13 11:42:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.13 11:09:15 | 000,000,000 | ---- | M] () -- C:\END
[2013.06.13 09:32:53 | 000,093,330 | ---- | M] () -- C:\Users\Oksana\Desktop\FSecure_X.jpg
[2013.06.13 09:20:57 | 000,082,017 | ---- | M] () -- C:\Users\Oksana\Desktop\FSeucure.jpg
[2013.06.11 22:05:36 | 000,068,348 | ---- | M] () -- C:\Users\Oksana\Desktop\Werbung2.jpg
[2013.06.11 22:03:27 | 000,034,649 | ---- | M] () -- C:\Users\Oksana\Desktop\Werbung.jpg
[2013.06.11 21:51:23 | 000,059,526 | ---- | M] () -- C:\Users\Oksana\Desktop\Onlinspiel.jpg
[2013.06.10 22:53:00 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.10 22:50:30 | 000,002,076 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.05.30 22:08:46 | 000,009,565 | ---- | M] () -- C:\Users\Oksana\Documents\MeineZip.zip
[2013.05.30 19:03:28 | 000,377,856 | ---- | M] () -- C:\Users\Oksana\Desktop\gmer_2.1.19163.exe
[2013.05.29 23:41:34 | 000,000,000 | ---- | M] () -- C:\Users\Oksana\defogger_reenable
[2013.05.29 22:44:22 | 000,335,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.28 23:45:26 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\SystemPreferences.xml
[2013.05.28 22:30:25 | 000,001,614 | ---- | M] () -- C:\Users\Oksana\Desktop\DivX Movies.lnk
[2013.05.28 22:30:12 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.28 22:29:49 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.28 22:11:29 | 000,001,989 | ---- | M] () -- C:\Windows\unins000.dat
[2013.05.28 22:11:23 | 000,715,038 | ---- | M] () -- C:\Windows\unins000.exe
[2013.05.16 11:59:09 | 000,001,342 | ---- | M] () -- C:\Users\Oksana\Desktop\Easy Audio Cutter.lnk
[2013.05.16 11:59:09 | 000,001,326 | ---- | M] () -- C:\Users\Oksana\Desktop\Free CD Ripper.lnk
[2013.05.16 11:59:09 | 000,001,322 | ---- | M] () -- C:\Users\Oksana\Desktop\Free Mp3 Wma Converter.lnk
 
========== Files Created - No Company Name ==========
 
[2013.06.13 22:19:27 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.06.13 22:19:27 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.06.13 09:32:53 | 000,093,330 | ---- | C] () -- C:\Users\Oksana\Desktop\FSecure_X.jpg
[2013.06.13 09:20:57 | 000,082,017 | ---- | C] () -- C:\Users\Oksana\Desktop\FSeucure.jpg
[2013.06.11 22:05:36 | 000,068,348 | ---- | C] () -- C:\Users\Oksana\Desktop\Werbung2.jpg
[2013.06.11 22:03:27 | 000,034,649 | ---- | C] () -- C:\Users\Oksana\Desktop\Werbung.jpg
[2013.06.11 21:51:23 | 000,059,526 | ---- | C] () -- C:\Users\Oksana\Desktop\Onlinspiel.jpg
[2013.06.10 22:50:30 | 000,002,076 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.07 09:40:59 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\Tube Karaoke Update.job
[2013.05.30 22:08:46 | 000,009,565 | ---- | C] () -- C:\Users\Oksana\Documents\MeineZip.zip
[2013.05.30 19:04:06 | 000,377,856 | ---- | C] () -- C:\Users\Oksana\Desktop\gmer_2.1.19163.exe
[2013.05.29 23:41:34 | 000,000,000 | ---- | C] () -- C:\Users\Oksana\defogger_reenable
[2013.05.29 22:44:14 | 000,335,656 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.28 23:34:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SystemPreferences.xml
[2013.05.28 22:30:25 | 000,001,614 | ---- | C] () -- C:\Users\Oksana\Desktop\DivX Movies.lnk
[2013.05.28 22:30:12 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.28 22:29:49 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.28 22:28:11 | 000,000,000 | ---- | C] () -- C:\END
[2013.05.28 22:11:42 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2013.05.28 22:11:41 | 000,696,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2013.05.28 22:11:41 | 000,173,568 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2013.05.28 22:11:40 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.05.28 22:11:40 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.05.28 22:11:40 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2013.05.28 22:11:35 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.05.28 22:11:28 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013.05.28 22:11:27 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2013.05.28 22:11:26 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2013.05.28 22:11:26 | 000,001,989 | ---- | C] () -- C:\Windows\unins000.dat
[2013.05.28 22:10:28 | 000,000,312 | ---- | C] () -- C:\Windows\tasks\DSite.job
[2013.05.20 12:49:59 | 000,387,688 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.05.19 22:42:05 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.05.16 11:59:09 | 000,001,342 | ---- | C] () -- C:\Users\Oksana\Desktop\Easy Audio Cutter.lnk
[2013.05.16 11:59:09 | 000,001,326 | ---- | C] () -- C:\Users\Oksana\Desktop\Free CD Ripper.lnk
[2013.05.16 11:59:09 | 000,001,322 | ---- | C] () -- C:\Users\Oksana\Desktop\Free Mp3 Wma Converter.lnk
[2013.05.16 11:58:59 | 000,116,296 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx
[2013.05.16 11:58:54 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2013.04.06 14:01:23 | 000,007,605 | ---- | C] () -- C:\Users\Oksana\AppData\Local\Resmon.ResmonCfg
[2013.03.31 19:49:41 | 000,042,248 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2013.03.31 19:49:32 | 000,019,418 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2013.03.22 15:07:25 | 000,003,584 | ---- | C] () -- C:\Users\Oksana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.15 14:42:21 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013.03.15 14:42:21 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2013.01.27 16:01:34 | 000,000,125 | ---- | C] () -- C:\Windows\wininit.ini
[2013.01.25 21:40:15 | 000,077,671 | ---- | C] () -- C:\Users\Oksana\AppData\Local\funmoods_2.0.1.crx
[2012.11.14 10:31:46 | 007,024,928 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.14 10:19:05 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.11.14 10:03:57 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.11.14 10:03:50 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.11.14 10:03:49 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.11.14 08:55:38 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | -H-- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.04.20 15:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2012.11.14 10:30:56 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.01.25 21:40:26 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\0T1F0D1F2W1G1I1F1T1Q
[2013.01.19 20:25:38 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Canneverbe Limited
[2013.05.28 22:11:26 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\CDXReader
[2013.05.28 22:10:28 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\DSite
[2013.05.16 11:59:22 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\FreeAudioPack
[2013.05.19 22:39:02 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\FreeCDRipper
[2013.01.27 10:19:08 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\HoolappForAndroid
[2013.05.28 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\LavFilters
[2013.01.17 12:22:33 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Lenovo
[2013.01.21 15:13:44 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\MAGIX
[2013.01.22 10:37:13 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Mail.Ru
[2013.02.12 18:47:24 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Mra
[2013.01.17 19:08:17 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\OpenOffice.org
[2013.04.28 11:14:09 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\ProfiCAD
[2013.04.05 21:31:32 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\QuickScan
[2013.02.04 20:43:00 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\StatusWinks
[2013.01.21 15:03:26 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\SuperEasy Software
[2013.03.07 21:23:59 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\TeamViewer
[2013.05.02 19:54:03 | 000,000,000 | ---D | M] -- C:\Users\Oksana_2\AppData\Roaming\Lenovo
 
========== Purity Check ==========
 
 

< End of report >

schrauber · 14.06.2013, 06:52

Die neuen Logs der beiden Tools?

Sams · 14.06.2013, 08:16

Hallo Schrauber,
meinst du GMER und OTL Log files?

schrauber · 14.06.2013, 11:59

Zitat:

Zitat von schrauber

Bitte AcwCleaner und Junkware removal tool löschen und neu laden. Nochmal laufen lassen.

HAst Du das geamcht? Wo sind die Logfiles dazu?

Sams · 14.06.2013, 13:21

Hallo Schrauber,
ich habe JRT exe und ADWCleaner gelöscht, OTL laufen lassen und das Logfile dir zugeschickt. Soll ich es noch mal laufen lassen?

Sams

schrauber · 14.06.2013, 16:08

Du sollst die beiden Tools löschen, die beiden Tools neu laden und beide Tools nochmal laufen lassen

Sams · 14.06.2013, 17:25

Ok, hatte ich falsch verstanden. Hab sie nun laufen lassen, hier die Log´s.

Danke
Sams

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 8 x64
Ran by Oksana on 14.06.2013 at 17:50:55,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] ibupdaterservice 
Successfully deleted: [Service] ibupdaterservice 
Successfully stopped: [Service] wajamupdater 
Successfully deleted: [Service] wajamupdater 



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.funmoodsesrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.funmoodsesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escort.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortapp.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escorteng.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\priam_bho.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltaappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltadskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltadskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltahlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\delta.deltahlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.deltaesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.deltaesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajambho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wajam.wajamdownloader.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}



~~~ Files

Successfully deleted: [File] "C:\end"
Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
Successfully deleted: [File] C:\Windows\prefetch\APNSTUB.EXE-E559527F.pf



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Program Files (x86)\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\file scout"
Successfully deleted: [Folder] "C:\Program Files (x86)\wajam"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"



~~~ FireFox

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted the following from C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\prefs.js

user_pref("extensions.wajam.affiliate_id", "3672");
user_pref("extensions.wajam.firstrun", "false");
user_pref("extensions.wajam.log_send_info", "false");
user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\
user_pref("extensions.wajam.no_trace", "true");
user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
user_pref("extensions.wajam.supported_sites.ask.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_
user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM
user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L
user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L
user_pref("extensions.wajam.trace_log", "1369932853044 - onFlagInfoReceived - Server mapping version: 0.21087\n1369932853044 - onFlagInfoReceived - Server mapping version (cli
user_pref("extensions.wajam.unique_id", "BCD20C1BA6EF8F3785A37EAAC428B1DC");
user_pref("extensions.wajam.user_current_mapping_version", "0");
user_pref("extensions.wajam.version", "1.26");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.06.2013 at 18:08:55,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

und die zweite

Code:

ATTFilter

# AdwCleaner v2.303 - Datei am 14/06/2013 um 17:47:27 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : Oksana - LAPTOP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Oksana\Desktop\adwcleaner(1).exe
# Option [Suche]


**** [Dienste] ****

Gefunden : IBUpdaterService
Gefunden : WajamUpdater

***** [Dateien / Ordner] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\Users\Oksana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage
Datei Gefunden : C:\Users\Oksana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
Datei Gefunden : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\extensions\plugin@yontoo.com.xpi
Datei Gefunden : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\searchplugins\11-suche.xml
Datei Gefunden : C:\Windows\Tasks\DSite.job
Ordner Gefunden : C:\Program Files (x86)\Delta
Ordner Gefunden : C:\Program Files (x86)\file scout
Ordner Gefunden : C:\Program Files (x86)\jZip
Ordner Gefunden : C:\Program Files (x86)\Wajam
Ordner Gefunden : C:\Program Files (x86)\Yontoo
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\IBUpdaterService
Ordner Gefunden : C:\ProgramData\Tarma Installer
Ordner Gefunden : C:\Users\Oksana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam
Ordner Gefunden : C:\Users\Oksana\AppData\Roaming\DSite
Ordner Gefunden : C:\Users\Oksana\AppData\Roaming\StatusWinks

***** [Registrierungsdatenbank] *****

Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browserprotect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Delta
Schlüssel Gefunden : HKCU\Software\delta LTD
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gefunden : HKCU\Software\5855dcdbb33fef10
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\Software\BabylonToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\Software\Delta
Schlüssel Gefunden : HKLM\Software\InstallCore
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKLM\Software\Wajam
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\5855dcdbb33fef10
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gefunden : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gefunden : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\prefs.js

Gefunden : user_pref("extensions.wajam.affiliate_id", "3672");
Gefunden : user_pref("extensions.wajam.firstrun", "false");
Gefunden : user_pref("extensions.wajam.log_send_info", "false");
Gefunden : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\[...]
Gefunden : user_pref("extensions.wajam.no_trace", "true");
Gefunden : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
Gefunden : user_pref("extensions.wajam.supported_sites.ask.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'waja[...]
Gefunden : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABE[...]
Gefunden : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...]
Gefunden : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME[...]
Gefunden : user_pref("extensions.wajam.trace_log", "1369932853044 - onFlagInfoReceived - Server mapping version[...]
Gefunden : user_pref("extensions.wajam.unique_id", "BCD20C1BA6EF8F3785A37EAAC428B1DC");
Gefunden : user_pref("extensions.wajam.user_current_mapping_version", "0");
Gefunden : user_pref("extensions.wajam.version", "1.26");
Gefunden : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");
Gefunden : user_pref("extentions.y2layers.installId", "8562da36-2101-4038-a81b-cd00e9fc3feb");

Datei : C:\Users\Oksana_2\AppData\Roaming\Mozilla\Firefox\Profiles\rub1om2b.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [24607 octets] - [10/06/2013 20:46:53]
AdwCleaner[R2].txt - [17572 octets] - [14/06/2013 17:38:31]
AdwCleaner[R3].txt - [17548 octets] - [14/06/2013 17:47:27]

########## EOF - C:\AdwCleaner[R3].txt - [17609 octets] ##########

schrauber · 14.06.2013, 18:48

ADWCleaner bitte auch löschen lassen

dann ein frisches OTL log.

Sams · 14.06.2013, 21:04

Hallo Schrauber, hier die nächsten Log Files.

Code:

ATTFilter

OTL logfile created on: 14.06.2013 21:52:22 - Run 9
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Oksana\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,88 Gb Total Physical Memory | 5,86 Gb Available Physical Memory | 74,34% Memory free
9,07 Gb Paging File | 7,09 Gb Available in Paging File | 78,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 869,80 Gb Total Space | 803,87 Gb Free Space | 92,42% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 40,91 Gb Free Space | 68,18% Space Free | Partition Type: NTFS
 
Computer Name: LAPTOP | User Name: Oksana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.07 14:39:25 | 004,150,112 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.05.27 12:16:56 | 030,171,168 | ---- | M] (Mail.Ru) -- C:\Users\Oksana\AppData\Roaming\Mail.Ru\Agent\magent.exe
PRC - [2013.05.16 22:15:26 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.23 09:06:29 | 001,035,200 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2013.04.23 09:06:29 | 000,621,504 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
PRC - [2013.04.04 11:22:39 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.27 13:37:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Oksana\Desktop\OTL.exe
PRC - [2013.02.25 16:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.25 16:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2013.01.18 11:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe
PRC - [2013.01.03 16:56:12 | 000,311,432 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE
PRC - [2013.01.03 16:56:12 | 000,209,032 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2012.12.12 11:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2012.10.11 21:41:20 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.10.04 11:57:42 | 001,313,896 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe
PRC - [2012.09.30 14:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012.09.30 14:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012.09.01 20:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.08.13 12:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 12:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012.07.30 09:17:20 | 000,258,576 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
PRC - [2012.07.17 18:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.07.17 18:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.07.13 17:50:00 | 000,093,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012.06.08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012.05.25 12:00:44 | 000,061,152 | ---- | M] (F-Secure Corporation) -- C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe
PRC - [2011.04.13 17:37:06 | 000,312,616 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
PRC - [2011.04.13 17:37:04 | 000,070,952 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
PRC - [2009.03.30 16:00:56 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.05.27 12:18:36 | 000,851,456 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\Mail.Ru\Agent\Mra\dll\YLUSBTEL.dll
MOD - [2013.04.12 10:12:13 | 000,593,464 | ---- | M] () -- C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
MOD - [2013.02.13 04:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2013.01.03 15:28:18 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\FSGUI\strres.eng
MOD - [2013.01.03 15:28:18 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\FSGUI\fsavures.eng
MOD - [2012.08.10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.07.26 05:19:14 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2012.06.08 13:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012.06.08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012.06.04 17:50:54 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uTVMUIEngine.dll
MOD - [2009.02.27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2007.04.19 11:33:00 | 000,035,584 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uPiApi.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.02.02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.01.29 03:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.10.19 13:27:10 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2012.09.24 18:03:12 | 001,153,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012.09.24 18:02:54 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012.09.24 18:02:42 | 000,617,776 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012.09.24 18:02:16 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.09.20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012.09.13 06:33:50 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012.08.15 19:08:14 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012.04.20 16:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013.06.11 21:47:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.07 14:39:25 | 004,150,112 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.05.26 10:20:04 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.25 16:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.25 16:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.01.18 11:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe -- (fshoster)
SRV - [2013.01.03 16:56:12 | 000,209,032 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.10.22 19:40:30 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.10.11 21:41:20 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.09.30 14:01:24 | 001,132,480 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012.09.30 14:00:56 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012.09.01 20:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.17 18:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.17 18:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.17 18:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.05.25 12:00:44 | 000,061,152 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2011.04.13 17:37:06 | 000,312,616 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe -- (CyberLink PowerDVD 10 MS Service)
SRV - [2011.04.13 17:37:04 | 000,070,952 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 10 MS Monitor Service)
SRV - [2009.08.24 23:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.04.12 10:01:49 | 000,056,016 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\fsbts.sys -- (fsbts)
DRV:64bit: - [2013.04.09 07:27:43 | 000,284,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.03.02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.26 16:56:51 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.02.26 16:56:51 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.02.26 16:56:51 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.14 10:19:48 | 000,165,504 | ---- | M] (ITE                      ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\IT9135BDA.sys -- (IT9135BDA)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.10.22 19:40:12 | 005,332,896 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 21:41:20 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.10.10 13:18:16 | 004,309,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012.10.09 20:48:50 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.10.09 20:48:50 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.10.09 20:48:48 | 000,188,896 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012.10.09 20:48:48 | 000,047,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012.10.01 16:41:40 | 001,337,216 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012.10.01 16:41:38 | 000,132,480 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2012.09.20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.09.13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.09.13 06:35:08 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.09.05 04:54:26 | 000,454,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.09.01 20:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.08.06 13:07:08 | 000,068,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2012.07.31 01:04:12 | 000,690,832 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.02 16:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.25 12:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012.06.19 09:40:52 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.06.13 19:24:00 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2013.04.25 12:52:40 | 000,080,832 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Scanning\fsni64.sys -- (fsni)
DRV - [2013.04.23 09:06:30 | 000,068,608 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2013.04.12 10:16:57 | 000,200,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2013.04.12 10:14:33 | 000,042,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\fsbts.sys -- (fsbts)
DRV - [2013.01.03 16:56:16 | 000,014,472 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = hxxp://go.mail.ru/search?utf8in=1&fr=ietb&q={SearchTerms}
IE - HKU\S-1-5-21-174320049-3726716400-672341874-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.web.de/"
FF - prefs.js..extensions.enabledAddons: statuswinks%40StatusWinks:1.0.0.5
FF - prefs.js..extensions.enabledAddons: info%40sharkcube.com:0.1
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.02
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.7
FF - prefs.js..extensions.enabledAddons: %7B37964A3C-4EE8-47b1-8321-34DE2C39BA4D%7D:2.5.3.58
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.5
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.6.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15
FF - prefs.js..extensions.enabledAddons: %7B5a95a9e0-59dd-4314-bd84-4d18ca83a0e2%7D:1.26
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.172
FF - prefs.js..extensions.enabledAddons: YTKaraoke%40DacSoft.org:1.114
FF - prefs.js..extensions.enabledAddons: uploader%40adblockfilters.mozdev.org:2.1
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.05.28 22:30:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.28 22:12:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\YTKaraoke@DacSoft.org: C:\Program Files (x86)\YTKaraoke\FF\ [2013.05.29 23:09:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.28 22:12:50 | 000,000,000 | ---D | M]
 
[2013.02.04 20:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\Extensions
[2013.02.04 20:43:00 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\Oksana\AppData\Roaming\mozilla\Extensions\statuswinks@StatusWinks
[2013.06.14 21:45:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions
[2013.04.05 11:45:49 | 000,000,000 | ---D | M] (Ð¡Ð¿ÑƒÑ‚Ð½Ð¸Ðº @Mail.Ru) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
[2013.05.28 22:14:31 | 000,000,000 | ---D | M] (Wajam) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}
[2013.05.28 22:31:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Oksana\AppData\Roaming\mozilla\Firefox\Profiles\bohjm6te.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.06.12 14:16:50 | 000,134,804 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\adblockpopups@jessehakanen.net.xpi
[2013.03.08 21:19:32 | 000,275,665 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\artur.dubovoy@gmail.com.xpi
[2013.06.12 14:16:07 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\elemhidehelper@adblockplus.org.xpi
[2013.02.18 22:21:53 | 000,020,272 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\info@sharkcube.com.xpi
[2013.05.26 10:20:10 | 000,620,338 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\toolbar@web.de.xpi
[2013.06.12 14:16:50 | 000,075,438 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\uploader@adblockfilters.mozdev.org.xpi
[2013.05.19 22:39:57 | 000,117,280 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.06.12 14:15:45 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.22 21:07:58 | 000,002,402 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\bingp.xml
[2013.05.26 10:20:25 | 000,002,418 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\englische-ergebnisse.xml
[2013.05.26 10:20:24 | 000,010,701 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\gmx-suche.xml
[2013.05.26 10:20:25 | 000,002,432 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\lastminute.xml
[2013.04.05 11:46:01 | 000,001,510 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\mailru.xml
[2013.05.26 10:20:24 | 000,005,682 | ---- | M] () -- C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\searchplugins\webde-suche.xml
[2013.05.26 11:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions
[2013.05.26 10:20:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.26 10:20:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.28 22:30:24 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013.05.29 23:09:16 | 000,000,000 | ---D | M] ("Tube Karaoke") -- C:\PROGRAM FILES (X86)\YTKARAOKE\FF
File not found (No name found) -- C:\USERS\OKSANA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\BOHJM6TE.DEFAULT\EXTENSIONS\PLUGIN@YONTOO.COM.XPI
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Tube Karaoke) - {F351B686-F6AF-45F1-9EB9-684C805B25B1} - C:\Program Files (x86)\YTKaraoke\ytkaraoke.dll (Dacotta SoftEngineering)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [bdinstaller] "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after_restart" File not found
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [F-Secure Hoster (44553)] C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Service] C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-174320049-3726716400-672341874-1001..\Run: [AppLauncher] C:\Program Files (x86)\Medion MediaPack 3\Ashampoo AppLauncher (Medion)\AppLauncher.exe (Ashampoo)
O4 - HKU\S-1-5-21-174320049-3726716400-672341874-1002..\Run: [MAgent] C:\Users\Oksana\AppData\Roaming\Mail.Ru\Agent\magent.exe (Mail.Ru)
O4 - Startup: C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ConfirmFileDelete = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-174320049-3726716400-672341874-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-154514-44482-15/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-154514-44482-15/4 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A34807A-9833-43AC-A876-5346935872C5}: DhcpNameServer = 83.169.184.225 83.169.184.161
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D93110B3-007B-4A4A-8BAC-33DF59D2732D}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.14 18:23:21 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\Avira
[2013.06.14 18:20:38 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.14 18:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.06.14 18:17:53 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.06.14 18:17:53 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.06.14 18:17:53 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.06.14 18:17:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.06.14 17:49:34 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Oksana\Desktop\JRT.exe
[2013.06.13 09:46:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.06.10 21:59:49 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.10 21:59:07 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.06 21:44:03 | 000,000,000 | ---D | C] -- C:\Users\Oksana\Documents\Lucas
[2013.06.03 23:19:26 | 000,000,000 | ---D | C] -- C:\Users\Oksana\Documents\Luise Krening
[2013.06.01 18:54:18 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Local\DDMSettings
[2013.06.01 18:43:35 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.05.30 19:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013.05.30 18:31:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Oksana\Desktop\OTL.exe
[2013.05.29 23:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTKaraoke
[2013.05.28 22:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsFinder
[2013.05.28 22:12:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2013.05.28 22:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.05.28 22:12:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2013.05.28 22:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2013.05.28 22:11:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2013.05.28 22:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid
[2013.05.28 22:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2013.05.28 22:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013.05.28 22:11:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow
[2013.05.28 22:11:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
[2013.05.28 22:11:26 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013.05.28 22:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haali
[2013.05.28 22:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSP-worx
[2013.05.28 22:11:25 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\LavFilters
[2013.05.28 22:11:25 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013.05.28 22:11:25 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\CDXReader
[2013.05.28 22:11:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenSource Flash Video Splitter
[2013.05.28 21:32:35 | 000,000,000 | R--D | C] -- C:\Users\Oksana\AppData\Roaming\Brother
[2013.05.28 11:04:44 | 000,000,000 | ---D | C] -- C:\Users\Oksana\Documents\Oksana
[2013.05.27 12:28:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConvertHelper
[2013.05.27 12:22:58 | 000,000,000 | ---D | C] -- C:\Users\Oksana\dwhelper
[2013.05.20 08:43:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013.05.20 08:43:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013.05.19 22:38:22 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\FreeCDRipper
[2013.05.16 20:34:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Easy CD DVD Burner
[2013.05.16 11:59:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
[2013.05.16 11:58:59 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\WMAFile.dll
[2013.05.16 11:58:58 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioInfos.dll
[2013.05.16 11:58:58 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioVisu.dll
[2013.05.16 11:58:58 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudPlayer.dll
[2013.05.16 11:58:58 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioRecord.dll
[2013.05.16 11:58:57 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDesign.dll
[2013.05.16 11:58:57 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudFile.dll
[2013.05.16 11:58:57 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDisplay.dll
[2013.05.16 11:58:50 | 000,000,000 | ---D | C] -- C:\Users\Oksana\AppData\Roaming\FreeAudioPack
[2013.05.16 11:58:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free mp3 Wma Converter
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.14 21:49:14 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat
[2013.06.14 21:48:08 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Tube Karaoke Update.job
[2013.06.14 21:47:53 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.14 21:47:10 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.14 21:47:08 | 2475,114,495 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.14 21:42:16 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.14 21:40:09 | 000,754,172 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.14 21:40:09 | 000,711,282 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.14 21:40:09 | 000,156,362 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.14 21:40:09 | 000,133,150 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.14 21:40:08 | 001,748,838 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.14 18:20:13 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.14 18:20:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.14 18:18:00 | 000,002,076 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.14 17:34:20 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Oksana\Desktop\JRT.exe
[2013.06.14 17:20:00 | 000,648,201 | ---- | M] () -- C:\Users\Oksana\Desktop\adwcleaner(1).exe
[2013.06.13 22:19:27 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.06.13 09:32:53 | 000,093,330 | ---- | M] () -- C:\Users\Oksana\Desktop\FSecure_X.jpg
[2013.06.13 09:20:57 | 000,082,017 | ---- | M] () -- C:\Users\Oksana\Desktop\FSeucure.jpg
[2013.06.11 22:05:36 | 000,068,348 | ---- | M] () -- C:\Users\Oksana\Desktop\Werbung2.jpg
[2013.06.11 22:03:27 | 000,034,649 | ---- | M] () -- C:\Users\Oksana\Desktop\Werbung.jpg
[2013.06.11 21:51:23 | 000,059,526 | ---- | M] () -- C:\Users\Oksana\Desktop\Onlinspiel.jpg
[2013.05.30 22:08:46 | 000,009,565 | ---- | M] () -- C:\Users\Oksana\Documents\MeineZip.zip
[2013.05.30 19:03:28 | 000,377,856 | ---- | M] () -- C:\Users\Oksana\Desktop\gmer_2.1.19163.exe
[2013.05.29 23:41:34 | 000,000,000 | ---- | M] () -- C:\Users\Oksana\defogger_reenable
[2013.05.29 22:44:22 | 000,335,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.28 23:45:26 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\SystemPreferences.xml
[2013.05.28 22:30:25 | 000,001,614 | ---- | M] () -- C:\Users\Oksana\Desktop\DivX Movies.lnk
[2013.05.28 22:30:12 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.28 22:29:49 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.28 22:11:29 | 000,001,989 | ---- | M] () -- C:\Windows\unins000.dat
[2013.05.28 22:11:23 | 000,715,038 | ---- | M] () -- C:\Windows\unins000.exe
[2013.05.16 11:59:09 | 000,001,342 | ---- | M] () -- C:\Users\Oksana\Desktop\Easy Audio Cutter.lnk
[2013.05.16 11:59:09 | 000,001,326 | ---- | M] () -- C:\Users\Oksana\Desktop\Free CD Ripper.lnk
[2013.05.16 11:59:09 | 000,001,322 | ---- | M] () -- C:\Users\Oksana\Desktop\Free Mp3 Wma Converter.lnk
 
========== Files Created - No Company Name ==========
 
[2013.06.14 18:18:00 | 000,002,076 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.14 17:19:54 | 000,648,201 | ---- | C] () -- C:\Users\Oksana\Desktop\adwcleaner(1).exe
[2013.06.13 22:19:27 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.06.13 22:19:27 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.06.13 09:32:53 | 000,093,330 | ---- | C] () -- C:\Users\Oksana\Desktop\FSecure_X.jpg
[2013.06.13 09:20:57 | 000,082,017 | ---- | C] () -- C:\Users\Oksana\Desktop\FSeucure.jpg
[2013.06.11 22:05:36 | 000,068,348 | ---- | C] () -- C:\Users\Oksana\Desktop\Werbung2.jpg
[2013.06.11 22:03:27 | 000,034,649 | ---- | C] () -- C:\Users\Oksana\Desktop\Werbung.jpg
[2013.06.11 21:51:23 | 000,059,526 | ---- | C] () -- C:\Users\Oksana\Desktop\Onlinspiel.jpg
[2013.06.07 09:40:59 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\Tube Karaoke Update.job
[2013.05.30 22:08:46 | 000,009,565 | ---- | C] () -- C:\Users\Oksana\Documents\MeineZip.zip
[2013.05.30 19:04:06 | 000,377,856 | ---- | C] () -- C:\Users\Oksana\Desktop\gmer_2.1.19163.exe
[2013.05.29 23:41:34 | 000,000,000 | ---- | C] () -- C:\Users\Oksana\defogger_reenable
[2013.05.29 22:44:14 | 000,335,656 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.28 23:34:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SystemPreferences.xml
[2013.05.28 22:30:25 | 000,001,614 | ---- | C] () -- C:\Users\Oksana\Desktop\DivX Movies.lnk
[2013.05.28 22:30:12 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.28 22:29:49 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.28 22:11:42 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll
[2013.05.28 22:11:41 | 000,696,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll
[2013.05.28 22:11:41 | 000,173,568 | ---- | C] () -- C:\Windows\SysNative\xvid.ax
[2013.05.28 22:11:40 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.05.28 22:11:40 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.05.28 22:11:40 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax
[2013.05.28 22:11:35 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.05.28 22:11:28 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013.05.28 22:11:27 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2013.05.28 22:11:26 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2013.05.28 22:11:26 | 000,001,989 | ---- | C] () -- C:\Windows\unins000.dat
[2013.05.20 12:49:59 | 000,387,688 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.05.19 22:42:05 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.05.16 11:59:09 | 000,001,342 | ---- | C] () -- C:\Users\Oksana\Desktop\Easy Audio Cutter.lnk
[2013.05.16 11:59:09 | 000,001,326 | ---- | C] () -- C:\Users\Oksana\Desktop\Free CD Ripper.lnk
[2013.05.16 11:59:09 | 000,001,322 | ---- | C] () -- C:\Users\Oksana\Desktop\Free Mp3 Wma Converter.lnk
[2013.05.16 11:58:59 | 000,116,296 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx
[2013.05.16 11:58:54 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2013.04.06 14:01:23 | 000,007,605 | ---- | C] () -- C:\Users\Oksana\AppData\Local\Resmon.ResmonCfg
[2013.03.31 19:49:41 | 000,042,248 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2013.03.31 19:49:32 | 000,019,418 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2013.03.22 15:07:25 | 000,003,584 | ---- | C] () -- C:\Users\Oksana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.15 14:42:21 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013.03.15 14:42:21 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2013.01.27 16:01:34 | 000,000,125 | ---- | C] () -- C:\Windows\wininit.ini
[2013.01.25 21:40:15 | 000,077,671 | ---- | C] () -- C:\Users\Oksana\AppData\Local\funmoods_2.0.1.crx
[2012.11.14 10:31:46 | 007,024,928 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.14 10:19:05 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.11.14 10:03:57 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.11.14 10:03:50 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.11.14 10:03:49 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.11.14 08:55:38 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | -H-- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.04.20 15:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2012.11.14 10:30:56 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.01.25 21:40:26 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\0T1F0D1F2W1G1I1F1T1Q
[2013.01.19 20:25:38 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Canneverbe Limited
[2013.05.28 22:11:26 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\CDXReader
[2013.05.16 11:59:22 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\FreeAudioPack
[2013.05.19 22:39:02 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\FreeCDRipper
[2013.01.27 10:19:08 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\HoolappForAndroid
[2013.05.28 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\LavFilters
[2013.01.17 12:22:33 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Lenovo
[2013.01.21 15:13:44 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\MAGIX
[2013.01.22 10:37:13 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Mail.Ru
[2013.02.12 18:47:24 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\Mra
[2013.01.17 19:08:17 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\OpenOffice.org
[2013.04.28 11:14:09 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\ProfiCAD
[2013.04.05 21:31:32 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\QuickScan
[2013.01.21 15:03:26 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\SuperEasy Software
[2013.03.07 21:23:59 | 000,000,000 | ---D | M] -- C:\Users\Oksana\AppData\Roaming\TeamViewer
[2013.05.02 19:54:03 | 000,000,000 | ---D | M] -- C:\Users\Oksana_2\AppData\Roaming\Lenovo
 
========== Purity Check ==========
 
 

< End of report >

und
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v2.303 - Datei am 14/06/2013 um 21:50:01 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : Oksana - LAPTOP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Oksana\Desktop\adwcleaner(1).exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Oksana_2\AppData\Roaming\Mozilla\Firefox\Profiles\rub1om2b.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [24607 octets] - [10/06/2013 20:46:53]
AdwCleaner[R2].txt - [17572 octets] - [14/06/2013 17:38:31]
AdwCleaner[R3].txt - [17633 octets] - [14/06/2013 17:47:38]
AdwCleaner[R4].txt - [14516 octets] - [14/06/2013 21:44:30]
AdwCleaner[R5].txt - [1069 octets] - [14/06/2013 21:50:01]
AdwCleaner[S1].txt - [14455 octets] - [14/06/2013 21:45:09]

########## EOF - C:\AdwCleaner[R5].txt - [1190 octets] ##########

--- --- ---
Danke
Sams

13.06.2013, 08:03	#31
schrauber /// the machine /// TB-Ausbilder	Medion P7818 Win8, Extrem langsam beim Starten, dauernd gehen Fenster mit online Spielen auf Neues OTL log bitte. Und schick mal noch das Log von F-Secure, oder einen Screenshot. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

13.06.2013, 11:21	#34
schrauber /// the machine /// TB-Ausbilder	Medion P7818 Win8, Extrem langsam beim Starten, dauernd gehen Fenster mit online Spielen auf Hi, neues OTL log bitte, diesmal Scan Alle Benutzer anhaken. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

13.06.2013, 18:40	#36
schrauber /// the machine /// TB-Ausbilder	Medion P7818 Win8, Extrem langsam beim Starten, dauernd gehen Fenster mit online Spielen auf Bitte AcwCleaner und Junkware removal tool löschen und neu laden. Nochmal laufen lassen. __________________ --> Medion P7818 Win8, Extrem langsam beim Starten, dauernd gehen Fenster mit online Spielen auf

14.06.2013, 06:52	#38
schrauber /// the machine /// TB-Ausbilder	Medion P7818 Win8, Extrem langsam beim Starten, dauernd gehen Fenster mit online Spielen auf Die neuen Logs der beiden Tools? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

14.06.2013, 16:08	#42
schrauber /// the machine /// TB-Ausbilder	Medion P7818 Win8, Extrem langsam beim Starten, dauernd gehen Fenster mit online Spielen auf Du sollst die beiden Tools löschen, die beiden Tools neu laden und beide Tools nochmal laufen lassen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Medion P7818 Win8, Extrem langsam beim Starten, dauernd gehen Fenster mit online Spielen auf

Plagegeister aller Art und deren Bekämpfung: Medion P7818 Win8, Extrem langsam beim Starten, dauernd gehen Fenster mit online Spielen auf