Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Scandoctor 2014 Logfile

Scandoctor 2014 Logfile


Log-Analyse und Auswertung: Scandoctor 2014 Logfile

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 4 von 4 « Erste 23 4
Alt 04.06.2013, 20:54   #46
schrauber
/// the machine
/// TB-Ausbilder
 
Scandoctor 2014 Logfile - Standard

Scandoctor 2014 Logfile


No idea, ich glaub das ist ne Einmal-Spende

aufräumen

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Falls Du Lob/Kritik loswerden möchtest:
http://www.trojaner-board.de/lob-kritik-wuensche/


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.06.2013, 07:05   #47
AlexisCorner
 
Scandoctor 2014 Logfile - Standard

Scandoctor 2014 Logfile


Moin Schrauber,

erledigt, thanks

Grüße
Alex
__________________
Alt 08.06.2013, 09:17   #48
schrauber
/// the machine
/// TB-Ausbilder
 
Scandoctor 2014 Logfile - Standard

Scandoctor 2014 Logfile


Supi
__________________
__________________
Alt 13.06.2013, 01:06   #49
luci4712
 
Scandoctor 2014 Logfile - Icon19

Scandoctor 2014 Logfile


Beim Starten erscheint immer eine runddll "kann Programm nicht finden.

Logfile anbeiOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 13.06.2013 01:21:41 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Admin\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,36% Memory free
4,44 Gb Paging File | 2,05 Gb Available in Paging File | 46,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278,33 Gb Total Space | 34,57 Gb Free Space | 12,42% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 9,04 Gb Free Space | 45,77% Space Free | Partition Type: NTFS
 
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Admin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe (Uniblue Systems Ltd)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMSVC) -- C:\Windows\SysNative\inetsrv\WMSvc.exe (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (simptcp) -- C:\Windows\SysNative\TCPSVCS.EXE (Microsoft Corporation)
SRV:64bit: - (SNMP) -- C:\Windows\SysNative\snmp.exe (Microsoft Corporation)
SRV:64bit: - (MSMQTriggers) -- C:\Windows\SysNative\mqtgsvc.exe (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (IISADMIN) -- C:\Windows\SysNative\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (LPDSVC) -- C:\Windows\SysNative\lpdsvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (iprip) -- C:\Windows\SysNative\iprip.dll (Microsoft Corporation)
SRV:64bit: - (ftpsvc) -- C:\Windows\SysNative\inetsrv\ftpsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsRoleSvc) -- C:\Windows\SysNative\dsrolesrv.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SystemStoreService) -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe ()
SRV - (NitroReaderDriverReadSpool3) -- C:\Programme\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Nitro PDF Software)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (G Data Software AG)
SRV - (ClassicShellService) -- C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (RichVideo64) -- C:\Programme\CyberLink\Shared files\RichVideo64.exe ()
SRV - (simptcp) -- C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Corporation)
SRV - (SNMP) -- C:\Windows\SysWOW64\snmp.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe (mst software GmbH, Germany)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (ProtexisLicensing) -- C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (GRD) -- C:\Windows\SysNative\Drivers\GRD.sys (G Data Software)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\Drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\Drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\Drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\Drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\Drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\Drivers\SWDUMon.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\Drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\Drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\Drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\Drivers\gfibto.sys (GFI Software)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (gfiark) -- C:\Windows\SysNative\Drivers\gfiark.sys (GFI Software)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\Drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\Drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (andnetadb) -- C:\Windows\SysNative\Drivers\lgandnetadb.sys (Google Inc)
DRV:64bit: - (ANDNetModem) -- C:\Windows\SysNative\Drivers\lgandnetmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndNetDiag) -- C:\Windows\SysNative\Drivers\lgandnetdiag64.sys (LG Electronics Inc.)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\Drivers\LPCFilter.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\Drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\Drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\Drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\Drivers\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (regi) -- C:\Windows\SysNative\Drivers\regi.sys (InterVideo)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\Drivers\psi_mf.sys (Secunia)
DRV:64bit: - (XUIF) -- C:\Windows\SysNative\Drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes,DefaultScope = {83A37814-D9DF-4FBB-814C-6BE00D227B48}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=3.2&ts=1370707150399&tguid=46364-3869-1370707150399-65824477116CA2415AE5942F28A728D0&q={searchTerms}
IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = 
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=061213
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 C7 E5 17 19 DF CD 01  [binary data]
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = 
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = 
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = 
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = 
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\..\SearchScopes,DefaultScope = {83A37814-D9DF-4FBB-814C-6BE00D227B48}
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\..\SearchScopes\{105C51F9-9778-4686-815B-9A845D78F82C}: "URL" = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=5450479400000000000012224354fec1&q={searchTerms}&r=279
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\..\SearchScopes\{695A8050-B0AF-4395-8680-B169BEE78F03}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282494&CUI=UN19012636752030930&UM=1
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://www.bing.com/search?FORM=UP93DF&PC=UP93&dt=061013&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://comcenter.netcologne.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2012.12.21 06:19:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.05.31 09:07:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.14 17:28:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.18 18:08:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
 
[2013.05.04 09:34:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.06.11 13:15:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions
[2013.06.11 13:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=061013
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Mail = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.04.09 02:37:14 | 000,446,305 | R--- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.123fporn.info
O1 - Hosts: 15324 more lines...
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\..\Toolbar\WebBrowser: (no name) - {5786D022-540E-4699-B350-B4BE0AE94B79} - No CLSID value found.
O3 - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Alps\GlidePoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\SysNative\mqrt.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001..\Run: [StartMenuX] C:\Programme\Start Menu X\StartMenuX.exe (OrdinarySoft)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-4293325158-2762499305-3726567904-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9BB74F8C-7AA9-45FE-9694-463B95EB47C5}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~4\Wincert\WIN64C~1.DLL) - C:\ProgramData\Wincert\win64cert.dll ()
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\mgrldr.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe) - c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell - "" = AutoRun
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell\AutoRun\command - "" = "F:\LGAutoRun.exe" 
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\apcrtldr.dll) -  File not found
O36 - AppCertDlls: x86 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll) -  File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.13 01:10:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.06.12 22:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing-Desktop
[2013.06.12 22:49:58 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptdlg.dll
[2013.06.12 22:49:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptdlg.dll
[2013.06.12 22:36:23 | 001,889,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2013.06.12 22:36:22 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certutil.exe
[2013.06.12 22:36:22 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certutil.exe
[2013.06.12 22:36:22 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptnet.dll
[2013.06.12 22:35:49 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2013.06.12 22:35:32 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013.06.12 22:35:22 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2013.06.12 22:35:21 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2013.06.12 22:35:21 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2013.06.12 22:35:21 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2013.06.12 22:35:21 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013.06.12 22:35:20 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2013.06.12 22:35:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2013.06.12 22:34:59 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll
[2013.06.12 22:17:12 | 013,644,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013.06.12 22:17:09 | 010,788,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013.06.12 22:17:07 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013.06.12 22:17:06 | 010,116,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013.06.12 22:17:02 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2013.06.12 22:17:01 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013.06.12 22:17:00 | 002,305,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013.06.12 22:17:00 | 000,820,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2013.06.12 22:17:00 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2013.06.12 22:16:59 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013.06.12 22:16:59 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\rars.rs
[2013.06.12 22:16:59 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\rars.rs
[2013.06.12 22:16:58 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013.06.12 22:16:58 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2013.06.12 22:16:58 | 000,446,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2013.06.12 22:16:58 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2013.06.12 22:16:58 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2013.06.12 22:16:58 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2013.06.12 22:16:58 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll
[2013.06.12 22:16:56 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Magnify.exe
[2013.06.12 22:16:56 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2013.06.12 22:16:56 | 000,213,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS
[2013.06.12 22:16:56 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2013.06.12 22:16:56 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netplwiz.dll
[2013.06.12 22:16:56 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2013.06.12 22:16:55 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2013.06.12 22:16:55 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Magnify.exe
[2013.06.12 22:16:55 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2013.06.12 22:16:55 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2013.06.12 22:16:55 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\intl.cpl
[2013.06.12 22:16:55 | 000,284,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013.06.12 22:16:55 | 000,120,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2013.06.12 22:16:55 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2013.06.12 22:16:55 | 000,058,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013.06.12 22:16:54 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2013.06.12 22:16:54 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2013.06.12 22:16:54 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\intl.cpl
[2013.06.12 22:16:54 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2013.06.12 22:16:54 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2013.06.12 22:16:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2013.06.12 22:16:54 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\biwinrt.dll
[2013.06.12 22:16:54 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\biwinrt.dll
[2013.06.12 22:16:53 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll
[2013.06.12 22:16:53 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2013.06.12 22:16:53 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2013.06.12 22:16:53 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2013.06.12 22:16:53 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2013.06.12 22:16:53 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2013.06.12 22:16:53 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2013.06.12 22:16:53 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\muifontsetup.dll
[2013.06.12 22:16:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\muifontsetup.dll
[2013.06.12 22:16:37 | 001,257,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013.06.12 22:16:31 | 001,300,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013.06.12 22:16:29 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2013.06.12 22:16:29 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2013.06.12 22:16:29 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2013.06.12 22:16:29 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2013.06.12 16:54:24 | 000,029,712 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.06.12 16:54:24 | 000,017,936 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2013.06.12 09:26:09 | 000,107,128 | ---- | C] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014
[2013.06.11 16:57:03 | 000,064,824 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 16:56:23 | 000,068,408 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 16:56:19 | 000,130,392 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 16:56:19 | 000,065,368 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 16:56:19 | 000,060,248 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:52:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2013.06.11 13:00:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Corel
[2013.06.10 20:33:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Wise Registry Cleaner
[2013.06.10 20:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2013.06.10 20:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013.06.08 18:04:01 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Freemium
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeSystemUtilities
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Covus Freemium
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Covus Freemium
[2013.06.08 17:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.06.06 21:13:32 | 000,524,016 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 11:54:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\MrJobs
[2013.05.29 11:00:32 | 002,802,760 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll
[2013.05.29 11:00:31 | 001,003,080 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll
[2013.05.29 11:00:31 | 000,613,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtDataProc64.dll
[2013.05.29 11:00:30 | 022,429,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoRes64.dat
[2013.05.29 11:00:30 | 000,138,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll
[2013.05.29 11:00:13 | 000,208,072 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll
[2013.05.29 10:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013.05.29 10:47:04 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WdfCoInstaller01009.dll
[2013.05.29 10:46:59 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 11:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.05.28 10:12:40 | 003,786,752 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\WINDOWS\SysNative\drivers\athw8x.sys
[2013.05.28 09:58:58 | 000,819,440 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.05.28 09:43:02 | 013,403,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2013.05.28 09:42:58 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2013.05.28 09:42:58 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2013.05.28 09:42:57 | 027,775,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2013.05.28 09:42:54 | 021,096,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2013.05.28 09:42:49 | 000,518,944 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2013.05.28 09:42:49 | 000,421,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2013.05.28 09:42:48 | 000,550,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2013.05.28 09:42:48 | 000,443,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2013.05.28 09:42:47 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6432018.dll
[2013.05.28 09:42:46 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6432018.dll
[2013.05.28 09:42:45 | 015,143,904 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2013.05.28 09:42:44 | 002,942,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2013.05.28 09:42:44 | 002,754,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2013.05.28 09:42:43 | 007,682,960 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2013.05.28 09:42:43 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2013.05.28 09:42:43 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2013.05.28 09:42:42 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2013.05.28 09:42:42 | 009,233,688 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2013.05.28 09:42:41 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2013.05.28 09:42:40 | 002,597,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2013.05.28 09:36:48 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2013.05.28 09:36:47 | 000,194,848 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2013.05.28 09:36:47 | 000,072,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapo64v.dll
[2013.05.26 21:01:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\elsterformular
[2013.05.26 21:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2013.05.26 21:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2013.05.26 21:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElsterFormular
[2013.05.23 01:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.05.23 01:56:41 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2013.05.21 21:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2013.05.21 21:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2013.05.18 18:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.05.17 18:31:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Ashampoo Slideshow Studio 2012
[2013.05.17 01:15:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C9F60138-EDD0-4FE6-997C-6A42B5D7A85D}
[2013.05.17 01:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
[2013.05.17 01:13:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AquaSoft
[2013.05.16 11:42:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\VideoPad Projekte
[2013.05.15 15:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
[2013.05.15 15:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
[2013.05.15 15:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto2Avi
[2013.05.15 15:24:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Foto2Avi
[2013.05.15 15:24:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foto2Avi
[2013.05.15 08:50:06 | 002,382,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2013.05.15 08:50:05 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2013.05.15 08:49:44 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shdocvw.dll
[2013.05.15 08:49:40 | 000,112,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2013.05.15 02:32:49 | 006,987,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013.05.15 01:41:38 | 014,267,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2013.05.15 01:41:38 | 003,552,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2013.05.15 01:41:35 | 011,878,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2013.05.15 01:41:34 | 002,107,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2013.05.15 01:41:31 | 002,767,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2013.05.15 01:41:29 | 001,593,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2013.05.15 01:41:25 | 001,829,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2013.05.15 01:41:25 | 001,444,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll
[2013.05.15 01:41:14 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSAudDecMFT.dll
[2013.05.15 01:41:14 | 000,306,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kd_02_10ec.dll
[2013.05.15 01:41:12 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2013.05.15 01:41:12 | 000,298,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2013.05.15 01:41:11 | 000,446,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2013.05.15 01:41:11 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2013.05.15 01:41:10 | 000,489,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2013.05.15 01:41:09 | 000,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2013.05.15 01:41:09 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2013.05.15 01:41:09 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll
[2013.05.15 01:41:07 | 000,804,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2013.05.15 01:41:07 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2013.05.15 01:41:07 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2013.05.15 01:41:07 | 000,253,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2013.05.15 01:41:06 | 001,403,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2013.05.15 01:41:06 | 001,267,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2013.05.15 01:41:06 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013.05.15 01:41:05 | 001,217,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2013.05.15 01:41:05 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2013.05.15 01:41:04 | 001,093,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2013.05.15 01:41:04 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2013.05.15 01:41:04 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2013.05.15 01:41:04 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmvdsitf.dll
[2013.05.15 01:41:03 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2013.05.15 01:41:03 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2013.05.15 01:41:03 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2013.05.15 01:41:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhengine.dll
[2013.05.15 01:41:03 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2013.05.15 01:41:02 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013.05.15 01:41:02 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2013.05.15 01:41:02 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe
[2013.05.15 01:41:02 | 000,123,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2013.05.15 01:41:02 | 000,077,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdvm.dll
[2013.05.15 01:41:01 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2013.05.15 01:41:01 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe
[2013.05.15 01:41:00 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2013.05.15 01:41:00 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2013.05.15 01:41:00 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmvdsitf.dll
[2013.05.15 01:41:00 | 000,086,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll
[2013.05.15 01:40:59 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2013.05.15 01:40:58 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GenuineCenter.dll
[2013.05.15 01:40:58 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2013.05.15 01:40:58 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fmifs.dll
[2013.05.15 01:40:57 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2013.05.15 01:40:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2013.05.15 01:40:57 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fmifs.dll
[2013.05.15 01:40:57 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msshooks.dll
[2013.05.15 01:40:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msshooks.dll
[2013.05.12 17:32:48 | 007,760,687 | ---- | C] (Boraxsoft) -- C:\Users\Admin\AppData\Roaming\SetupGFD.exe
[2013.05.12 17:32:38 | 005,514,668 | ---- | C] (LIGHTNING UK!) -- C:\Users\Admin\AppData\Roaming\Imgburn.exe
[2013.05.12 17:32:35 | 005,082,084 | ---- | C] (The Public) -- C:\Users\Admin\AppData\Roaming\Avisynth.exe
[2012.12.22 08:13:42 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.13 01:11:20 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.13 01:04:56 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.13 01:04:38 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\dsmonitor.job
[2013.06.13 01:04:24 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.13 01:02:14 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.12 22:40:22 | 000,477,288 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 22:35:03 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.12 22:32:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.12 16:54:23 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 15:59:19 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\AdvancedDriverUpdater_UPDATES.job
[2013.06.12 13:18:41 | 002,160,314 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.06.12 13:18:41 | 000,914,792 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.06.12 13:18:41 | 000,844,608 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.06.12 13:18:41 | 000,217,756 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.06.12 13:18:41 | 000,181,826 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.06.12 09:26:09 | 000,107,128 | ---- | M] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.11 17:06:58 | 000,068,408 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 17:06:57 | 000,130,392 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 17:06:57 | 000,065,368 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 17:06:57 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:57:03 | 000,064,824 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 09:53:08 | 000,012,800 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.10 20:39:35 | 000,003,628 | ---- | M] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.09 21:01:13 | 000,015,712 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SWDUMon.sys
[2013.06.09 18:40:58 | 000,011,479 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013.06.08 17:58:57 | 000,002,563 | ---- | M] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.06.08 12:05:49 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Advanced Driver Updater.lnk
[2013.06.06 21:13:32 | 000,524,016 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 21:13:25 | 000,819,440 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.06.06 01:38:51 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.05 00:09:22 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013.06.05 00:09:22 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.03 12:18:28 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2013.05.31 09:07:15 | 000,001,579 | ---- | M] () -- C:\Users\Admin\Desktop\DivX Movies.lnk
[2013.05.31 09:06:55 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.31 09:06:37 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.31 01:24:29 | 001,257,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013.05.29 10:47:04 | 001,721,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WdfCoInstaller01009.dll
[2013.05.29 10:46:59 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 18:49:26 | 000,029,712 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.05.28 18:49:26 | 000,017,936 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.05.28 11:39:42 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.28 11:33:07 | 000,001,977 | ---- | M] () -- C:\Users\Admin\Desktop\Update Checker.lnk
[2013.05.28 10:06:59 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.28 09:50:04 | 000,020,536 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2013.05.28 09:43:07 | 015,910,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2013.05.28 09:43:05 | 013,403,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2013.05.28 09:42:59 | 006,324,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2013.05.28 09:42:58 | 027,775,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2013.05.28 09:42:58 | 007,641,832 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2013.05.28 09:42:57 | 021,096,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2013.05.28 09:42:49 | 000,518,944 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2013.05.28 09:42:49 | 000,421,152 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2013.05.28 09:42:48 | 000,550,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2013.05.28 09:42:48 | 000,443,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2013.05.28 09:42:47 | 001,832,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6432018.dll
[2013.05.28 09:42:47 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6432018.dll
[2013.05.28 09:42:46 | 015,143,904 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2013.05.28 09:42:45 | 012,426,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2013.05.28 09:42:44 | 002,942,240 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2013.05.28 09:42:44 | 002,754,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2013.05.28 09:42:44 | 002,363,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2013.05.28 09:42:43 | 009,233,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2013.05.28 09:42:43 | 007,682,960 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2013.05.28 09:42:43 | 002,002,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2013.05.28 09:42:42 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2013.05.28 09:42:42 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2013.05.28 09:42:41 | 002,935,696 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2013.05.28 09:42:41 | 002,597,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2013.05.28 09:36:48 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdagenco6420103.dll
[2013.05.28 09:36:48 | 000,031,520 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2013.05.28 09:36:47 | 000,194,848 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2013.05.28 09:36:47 | 000,072,992 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapo64v.dll
[2013.05.26 21:00:54 | 000,001,237 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | M] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.24 01:01:46 | 001,300,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013.05.23 01:56:46 | 000,001,387 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | M] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 17:37:07 | 335,995,200 | ---- | M] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.18 11:04:46 | 000,000,959 | ---- | M] () -- C:\Users\Admin\Desktop\Diashow-Player.lnk
[2013.05.17 20:36:43 | 007,077,671 | ---- | M] () -- C:\Users\Admin\Meine Diashow.wmv
[2013.05.17 18:31:32 | 000,001,355 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2012.lnk
[2013.05.17 10:26:09 | 007,217,318 | ---- | M] () -- C:\Users\Admin\Documents\dvdr3570h_31_dfu_deu.pdf
[2013.05.17 01:28:59 | 009,687,294 | ---- | M] () -- C:\Users\Admin\Nilkreuzfahrt 2013.ads
[2013.05.17 01:15:33 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\DiaShow 8 Ultimate.lnk
[2013.05.17 01:13:26 | 001,640,788 | ---- | M] () -- C:\Users\Admin\Documents\DiaShowManager_de.pdf
[2013.05.16 00:37:03 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2013.05.16 00:35:49 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2013.05.16 00:35:47 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll
[2013.05.15 15:51:55 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\WavePad Audiobearbeitungs-Software.lnk
[2013.05.15 15:51:49 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\PhotoPad Foto-Editor.lnk
[2013.05.15 15:51:40 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\VideoPad Videobearbeitungs-Software.lnk
[2013.05.15 15:51:03 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\PhotoStage Diashow-Ersteller.lnk
[2013.05.15 15:24:35 | 000,001,015 | ---- | M] () -- C:\Users\Admin\Desktop\Foto2Avi.lnk
[2013.05.15 04:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2013.05.15 04:25:44 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2013.05.15 04:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2013.05.15 04:24:01 | 000,482,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2013.05.14 12:36:18 | 000,001,074 | ---- | M] () -- C:\Users\Admin\Desktop\Diashow XL.lnk
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.12 22:40:07 | 000,477,288 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 22:16:53 | 000,386,646 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013.06.12 16:54:23 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 16:54:22 | 000,002,499 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2013.06.11 16:56:59 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.10 20:39:05 | 000,003,628 | ---- | C] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.08 17:59:53 | 000,023,624 | ---- | C] () -- C:\WINDOWS\Launcher.exe
[2013.06.08 17:58:57 | 000,002,563 | ---- | C] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.05.29 11:00:30 | 000,465,645 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2013.05.28 10:06:59 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.26 21:00:54 | 000,001,237 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | C] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.23 01:56:46 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.05.23 01:56:46 | 000,001,387 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | C] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Videodatei-Konverter.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 14:46:25 | 335,995,200 | ---- | C] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.17 20:35:10 | 007,077,671 | ---- | C] () -- C:\Users\Admin\Meine Diashow.wmv
[2013.05.17 18:31:32 | 000,001,355 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2012.lnk
[2013.05.17 10:26:08 | 007,217,318 | ---- | C] () -- C:\Users\Admin\Documents\dvdr3570h_31_dfu_deu.pdf
[2013.05.17 01:28:56 | 009,687,294 | ---- | C] () -- C:\Users\Admin\Nilkreuzfahrt 2013.ads
[2013.05.17 01:15:33 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\DiaShow 8 Ultimate.lnk
[2013.05.17 01:13:25 | 001,640,788 | ---- | C] () -- C:\Users\Admin\Documents\DiaShowManager_de.pdf
[2013.05.15 15:51:55 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Audiobearbeitungs-Software.lnk
[2013.05.15 15:51:55 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\WavePad Audiobearbeitungs-Software.lnk
[2013.05.15 15:51:49 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoPad Foto-Editor.lnk
[2013.05.15 15:51:49 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\PhotoPad Foto-Editor.lnk
[2013.05.15 15:51:40 | 000,001,190 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Videobearbeitungs-Software.lnk
[2013.05.15 15:51:40 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\VideoPad Videobearbeitungs-Software.lnk
[2013.05.15 15:51:03 | 000,001,196 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoStage Diashow-Ersteller.lnk
[2013.05.15 15:51:03 | 000,001,184 | ---- | C] () -- C:\Users\Public\Desktop\PhotoStage Diashow-Ersteller.lnk
[2013.05.15 15:24:35 | 000,001,015 | ---- | C] () -- C:\Users\Admin\Desktop\Foto2Avi.lnk
[2013.05.12 17:32:46 | 005,243,208 | ---- | C] (                                                            ) -- C:\Users\Admin\AppData\Roaming\AvsP.exe
[2013.05.12 17:32:43 | 001,357,348 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\MatroskaSplitter.exe
[2013.05.12 17:32:40 | 000,117,723 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\yuvcodecs-1.3.exe
[2013.05.11 19:30:23 | 000,000,196 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2013.04.09 02:32:45 | 000,011,479 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.03.17 18:21:19 | 000,012,800 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.29 03:58:17 | 002,079,580 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012.12.31 00:46:12 | 000,000,209 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.12.27 18:56:29 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012.12.24 01:15:29 | 001,035,321 | ---- | C] () -- C:\WINDOWS\SysWow64\sig.bin
[2012.12.22 12:53:43 | 000,020,992 | ---- | C] () -- C:\WINDOWS\SysWow64\NC_INST.DLL
[2012.12.21 04:20:35 | 000,246,862 | ---- | C] () -- C:\WINDOWS\hpoins40.dat
[2012.12.21 04:20:35 | 000,000,909 | ---- | C] () -- C:\WINDOWS\hpomdl40.dat
[2012.12.21 02:36:27 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2011.10.08 13:02:40 | 000,001,024 | ---- | C] () -- C:\Users\Admin\.rnd
 
========== ZeroAccess Check ==========
 
[2012.12.24 01:21:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.01.28 17:46:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\6Wunderkinder
[2012.12.23 01:26:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ACD Systems
[2013.05.10 17:56:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Anvsoft
[2013.05.10 18:36:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AquaSoft
[2012.12.27 09:14:31 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo
[2013.05.17 18:31:40 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo Slideshow Studio 2012
[2012.12.25 12:11:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Audacity
[2012.12.27 09:27:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Canneverbe Limited
[2012.12.31 01:25:12 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.06.12 16:53:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Downloaded Installations
[2013.02.18 12:00:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\driveridentifier
[2013.02.19 02:57:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Drivers For Free
[2013.02.17 21:05:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DriverSleuth
[2013.03.15 18:13:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DriverTurbo
[2012.12.21 06:20:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoft
[2013.02.18 06:03:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Easeware
[2013.05.26 21:01:41 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\elsterformular
[2012.12.22 21:05:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FileOpen
[2013.02.25 10:43:36 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2013.01.12 02:10:00 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GlarySoft
[2012.12.28 17:45:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\hdbADS
[2013.05.13 11:23:46 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\IN-MEDIAKG
[2013.05.14 10:30:31 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\IrfanView
[2013.04.09 18:20:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\K-Pacs-Lite
[2013.02.05 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Leadertech
[2013.04.16 19:54:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LG Electronics
[2012.12.30 12:34:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MOVAVI
[2013.05.14 12:37:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mresreg
[2013.06.06 11:54:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MrJobs
[2012.12.22 21:05:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nitro
[2013.05.12 21:22:21 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nitro PDF
[2012.12.30 15:40:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\No Company Name
[2013.05.10 17:42:42 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\OpenCandy
[2012.12.21 02:45:03 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Opera
[2012.12.22 12:19:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\RoboForm
[2013.01.21 12:11:24 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\StartMenuX
[2013.02.21 16:59:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Systweak
[2012.12.22 17:32:02 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TestApp
[2012.12.21 06:05:02 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thunderbird
[2012.12.23 03:00:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2013.05.11 19:32:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ulead Systems
[2013.06.07 00:42:44 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Uniblue
[2013.05.14 17:29:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2013.06.10 20:54:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Wise Registry Cleaner
[2012.12.30 12:50:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Xilisoft
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
--- --- ---
Alt 13.06.2013, 07:23   #50
schrauber
/// the machine
/// TB-Ausbilder
 
Scandoctor 2014 Logfile - Standard

Scandoctor 2014 Logfile


Ehm...warum postest Du in den Thread eines anderen?

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort
Seite 4 von 4 « Erste 23 4

Themen zu Scandoctor 2014 Logfile
administrator, adobe, antivir, avg secure search, avg security toolbar, avira, bonjour, browser, cid, desktop, explorer, farbar, farbar recovery scan tool, flash player, freemium, helper, home, logfile, malware, msiexec, nvidia, origin, plug-in, realtek, registry, rundll, secure search, security, services.exe, software, spyware, svchost.exe, vista, winlogon.exe


« Miner.exe, TR/hijacker.Gen, etc? | Blue Screens nach Installation der Software ILEMI »


Ähnliche Themen: Scandoctor 2014 Logfile


  1. Zorton Win 7 Protect 2014 and Zorton Win 7 Antivirus 2014 entfernen
    Anleitungen, FAQs & Links - 02.12.2014 (2)
  2. Sirius Win 7 Antivirus 2014 and Sirius Win 7 Protection 2014 entfernen
    Anleitungen, FAQs & Links - 02.12.2014 (2)
  3. Rango Win 7 Antivirus 2014 and Rango Win 7 Protection 2014 entfernen
    Anleitungen, FAQs & Links - 02.10.2014 (2)
  4. Rango XP Antivirus 2014 and Rango XP Protection 2014 entfernen
    Anleitungen, FAQs & Links - 02.10.2014 (2)
  5. Win 8 Antivirus 2014 and Win 8 Protection 2014 entfernen
    Anleitungen, FAQs & Links - 02.10.2014 (2)
  6. Vista Protection 2014 and Vista Antivirus 2014 entfernen
    Anleitungen, FAQs & Links - 02.10.2014 (2)
  7. XP Antivirus 2014 and XP Protection 2014 entfernen
    Anleitungen, FAQs & Links - 02.10.2014 (2)
  8. Win 7 Antivirus 2014 and Win 7 Protection 2014 entfernen
    Anleitungen, FAQs & Links - 02.10.2014 (2)
  9. PC Cleaner Pro 2014 entfernen
    Anleitungen, FAQs & Links - 23.07.2014 (2)
  10. BKA Trojaner 2014
    Log-Analyse und Auswertung - 24.05.2014 (5)
  11. irp-Hook Rootkit mit AVG 2014
    Log-Analyse und Auswertung - 14.01.2014 (13)
  12. Survey 2014 (Umfrage 2014) entfernen
    Anleitungen, FAQs & Links - 08.01.2014 (2)
  13. AntiVirus Plus 2014 entfernen
    Anleitungen, FAQs & Links - 06.12.2013 (2)
  14. Avast 9 heißt 2014
    Nachrichten - 16.10.2013 (0)
  15. My Safe PC 2014 entfernen
    Anleitungen, FAQs & Links - 12.09.2013 (2)
  16. Systemdoctor 2014 - frst64.exe - logfile erstellt
    Log-Analyse und Auswertung - 02.06.2013 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Scandoctor 2014 Logfile - No idea, ich glaub das ist ne Einmal-Spende aufräumen Die Reihenfolge ist hier entscheidend. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken. Falls Combofix benutzt wurde: (Alternativ - Scandoctor 2014 Logfile...
Archiv
Du betrachtest: Scandoctor 2014 Logfile auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55