Das angegebene Modul wurde nicht gefunden

schrauber · 16.06.2013, 09:15

Hi,

Du hast :OTL im Fix vergessen, bitte nochmal den Fix, dann reboot und Check ob die Meldung noch kommt.

luci4712 · 16.06.2013, 09:34

Sorry. Neues Log anbei. Meldung erscheint noch immer beim Neustart.

========== OTL ==========
c:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job moved successfully.
c:\Windows\Tasks\DriverEasy Scheduled Scan.job moved successfully.
c:\Windows\Tasks\dsmonitor.job moved successfully.
File C:\WINDOWS\Tasks\AdvancedDriverUpdater_UPDATES.job not found.
File C:\WINDOWS\Tasks\dsmonitor.job not found.
File C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job not found.

OTL by OldTimer - Version 3.2.69.0 log created on 06162013_102435

schrauber · 16.06.2013, 09:53

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.
SystemLook (64 bit)

Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
Code:
ATTFilter
```
:folderfind
*HomeTab*
:filefind
*HomeTab*
:regfind
HomeTab
         
```
Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

luci4712 · 16.06.2013, 10:53

Textdatei AdwCleaner:AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v2.303 - Datei am 16/06/2013 um 11:41:21 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 8 Pro with Media Center  (64 bits)
# Benutzer : Admin - ADMIN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Admin\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Gelöscht mit Neustart : C:\Program Files (x86)\FromDocToPDF_65

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\boyttrw8.default-1370988776258\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v12.15.1748.0

Datei : C:\Users\Admin\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [15467 octets] - [13/06/2013 10:04:40]
AdwCleaner[R2].txt - [2449 octets] - [15/06/2013 11:07:31]
AdwCleaner[R3].txt - [2388 octets] - [16/06/2013 11:39:27]
AdwCleaner[S1].txt - [15530 octets] - [13/06/2013 10:08:16]
AdwCleaner[S2].txt - [653 octets] - [15/06/2013 11:10:19]
AdwCleaner[S3].txt - [2329 octets] - [16/06/2013 11:41:21]

########## EOF - C:\AdwCleaner[S3].txt - [2389 octets] ##########

--- --- ---

schrauber · 16.06.2013, 10:55

und weiter

luci4712 · 16.06.2013, 14:07

Beiliegend Log

SystemLook 30.07.11 by jpshortstuff
Log created at 14:54 on 16/06/2013 by Admin
Administrator - Elevation successful

========== folderfind ==========

Searching for "*HomeTab*"
No folders found.

========== filefind ==========

Searching for "*HomeTab*"
C:\Users\Admin\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\hometab.tmp.log --a---- 1122 bytes [16:00 08/06/2013] [16:00 08/06/2013] 12A82280E14075A5249BB3AF152888D9
C:\Windows\Prefetch\HOMETAB.TMP-C25FCAA6.pf --a---- 92526 bytes [15:59 08/06/2013] [15:59 08/06/2013] 5BE837AA1E16EE75C7EDBC1AC3F553D8

========== regfind ==========

Searching for "HomeTab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf]
"path"="C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\hometab_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\hometab_RASMANCS]

Searching for " "
[HKEY_CURRENT_USER\Software\Innovative Solutions\DriverMax\Dump\167]
"Desc"="U2 "
[HKEY_CURRENT_USER\Software\Innovative Solutions\DriverMax\Dump\170]
"Desc"="DSC "
[HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0]
"Identifier"="SAMSUNG HM321HI 2AJ1"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\ASPEncoder]
"Description"="
<h3>Das Kernstück Ihres HD-Videoerlebnisses</h3>
<p>Der Codec, der die Videowelt revolutioniert hat, wurde weiter optimiert. Wir bezeichnen diese Version als „Pro“, da sie zudem fantastische fortschrittliche Encoding-Einstellungen bietet, mit denen Sie mit Drittanbietersoftware hochwertige DivX-Video generieren können, die auf jedem beliebigen DivX Certified®-Gerät wiedergegeben werden können.</p>
<h3>Gute Gründe für den DivX Codec</h3>
<ul>
<li>Erstellen Sie mit Drittanbietersoftware oder mit dem DivX Converter hochwertige, stark komprimierte DivX-Videos.</li>
<li>Wir garantieren, dass Ihre Videos abgesehen von Deinem PC auch auf DivX Certified-DVD-Playern, Mobiltelefonen, Spielekonsolen uvm. abgespielt werden können.</li>
<li>Optimieren Sie Ihre Videos mit den fortschrittlichen Encoding-Einstellungen, um hochwertigere Dateien zu erhalten.</li>
</ul>"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Converter]
"Description"="
<p>DivX Plus® Converter konvertiert im Handumdrehen gängige Formate in DivX-, MKV- und MP4-Videos in hoher Qualität – für eine reibungslose, zuverlässige Wiedergabe auf einer ganzen Reihe von Unterhaltungselektronikgeräten</p>
<ul>
<li>Konvertieren einer ganzen Reihe von Formaten in DivX- und DivX Plus – zur Wiedergabe auf DivX Certified-Geräten</li>
<li>Zwei neue MP4-Profile zum einfachen Erstellen von Videos für iPhone® und iPad®</li>
<li>Erstellen erweiterter Funktionen wie reibungslosem Vor- und Rücklauf und Kombination mehrerer Dateien in einem Video</li>
<li>Videos in einer einzigen Sitzung gleichzeitig konvertieren – sogar bei verschiedenen Formaten</li>
<li>15-Tage-Testversion des MPEG-2/DVD-Plug-Ins um Deine DVDs zu konvertieren.</li>
</ul>
"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Player]
"Description"="
<p>Der DivX Plus® Player bietet beeindruckende HD-Videowiedergabe</p>
<ul>
<li>Hochwertiges DivX (.avi und .divX), DivX Plus (.mkv) und andere gängige Videoformate auf dem PC ansehen</li>
<li>Einfache Übertragung von Videos mit DivX to Go® auf beliebige DivX Certified®-Geräte oder Streaming auf DLNA-kompatible Geräte bei Dir zu Hause</li>
<li>Erweiterte Funktionen wie reibungsloser Vor- und Rücklauf, mehrere Untertitel und mehrere Audiospuren</li>
</ul>
"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Setup\BundleGroups\divx.com]
"BundleGroupDescription"="
<p>DivX Plus®-Software bietet alles, was Du für ein echtes Kinoerlebnis brauchst – auf dem Computer, zu Hause und unterwegs. Das beste DivX® Video-Erlebnis erhältst Du, wenn Du alle Komponenten installierst. <a href="hxxp://go.divx.com/WhatsNew/de" target="_blank">Neu in dieser Version.</a></p>
<ul>
<li>Konvertieren in DivX und MKV mithilfe von DivX Converter und Tools von Drittanbietern – unbegrenzt und kostenlos</li>
<li>Zwei neue MP4-Profile zum Erstellen von Videos für iPhone®, iPad® und mehr </li>
<li>Streaming auf DLNA-kompatible Geräte bei Dir zu Hause</li>
<li>15-Tage-Testversion des MPEG-2/DVD-Plug-Ins um Deine DVDs zu konvertieren.</li>
</ul>
"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Setup\InstallGroups\FiltersAndCodecs]
"Description"="
<p>Mit dem DivX Plus® Codec Pack kannst Du DivX®-Videos mit Deinen Lieblingsanwendungen abspielen und erstellen.</p>
<ul>
<li>DivX- und DivX Plus-Videos auf jedem beliebigen Media-Player abspielen (wie beispielsweise Windows Media Player, QuickTime, Media Player Classic)</li>
<li>Ausgabe von AVI-Videos mit Deiner Lieblingsbearbeitungssoftware (z. B. Sony Vegas, Virtual Dub)</li>
<li>Konvertieren in DivX und MKV mithilfe von DivX Converter und Tools von Drittanbietern – unbegrenzt und kostenlos</li>
</ul>
"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Setup\InstallGroups\SharedLibraries]
"Description"="
<ul>
<li>Das DivX VOD-Plug-in sorgt für besseres Erlebnis für Kunden, die Filme von DivX VOD - Shops beziehen.</li>
</ul>
"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\WebPlayer]
"Description"="
<p>Der DivX Plus® Web Player bietet hochwertiges HD-Videostreaming in Deinem Lieblingsbrowser.</p>
<ul>
<li>Unterstützt*DivX Plus Streaming™*(adaptives Streaming von H.264/MKV-Video mit Features).</li>
<li>Streaming der gängigsten Formate im Internet (.divx, .avi, .mkv, .mp4, .mov)</li>
<li>Weniger CPU- und Akkuverbrauch mit H.264-DXVA-Hardwarebeschleunigung</li>
</ul>
"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-4293325158-2762499305-3726567904-1001\{2FAB747C-F1A5-4158-AFC1-6BC3FF1227F5}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{0933BE9E-EEA2-404c-8754-F766905FF34D}" ratingID="{DC21B59B-64D9-4972-A522-5FC32DF45DE1}"/>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
<Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{7A53B0BE-B92D-4e8a-A11F-8E6F9F3C575B}"/>
<Rating ratingSystemID="{E4143A43-A09E-44DB-9CB9-D1C96F7203F2}" ratingID="{928E6439-F692-406A-AF38-E9E31B81CF46}"/>
<Rating ratingSystemID="{B305AB16-9FF2-40f5-A658-C014566500DE}" ratingID="{56DAFE1F-E267-476d-8E69-CB56652CC3D8}"/>
<Rating ratingSystemID="{48FADB07-3DF2-4B2C-9D01-EEE9FC102290}" ratingID="{FF84D920-1385-4069-B1CB-12474E8234B6}"/>
<R
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-4293325158-2762499305-3726567904-1001\{43251954-2BE7-4D4F-BACD-86379C660357}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{0933BE9E-EEA2-404c-8754-F766905FF34D}" ratingID="{DC21B59B-64D9-4972-A522-5FC32DF45DE1}"/>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
<Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{7A53B0BE-B92D-4e8a-A11F-8E6F9F3C575B}"/>
<Rating ratingSystemID="{E4143A43-A09E-44DB-9CB9-D1C96F7203F2}" ratingID="{928E6439-F692-406A-AF38-E9E31B81CF46}"/>
<Rating ratingSystemID="{B305AB16-9FF2-40f5-A658-C014566500DE}" ratingID="{56DAFE1F-E267-476d-8E69-CB56652CC3D8}"/>
<Rating ratingSystemID="{30d34abd-c6b3-4802-924e-f0c9fc65022b}" ratingID="{24D81953-37B6-4e5e-B7DF-2B7D7AA6E53B}"/>
<R
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-4293325158-2762499305-3726567904-1001\{7AD9EFDC-9318-4BAA-A88E-B7B96B5AD95B}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{48FADB07-3DF2-4B2C-9D01-EEE9FC102290}" ratingID="{FF84D920-1385-4069-B1CB-12474E8234B6}"/>
</Ratings>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="3.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/> <Capability Type="Shell"/> </Reso
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell.workflow" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" UseSharedProcess="true" ProcessIdleTimeoutSec="28800" RunAsUser="" RunAsPassword="" AutoRestart="false" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="3.0"/> <Param Name="AssemblyName" Value="Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/> <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration"/> <Param Name="SessionConfigurationData" Value="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Architecture="32" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="3.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_U2&REV_0000#7&1B67F62B&0&2604 000600000001015D93321600B010&0#]
"DeviceDesc"="U2 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_U2&REV_0000#7&3A2C657B&0&2604 000600000001015D93321600B010&0#]
"DeviceDesc"="U2 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_U2&REV_0000#9&DA4FF87&0&26040 00600000001015D93321600B010&0#]
"DeviceDesc"="U2 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SONY&PROD_DSC&REV_1.00#D357207374A9&0#]
"DeviceDesc"="DSC "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_U2&REV_0000#7&1B67F62B&0& 2604000600000001015D93321600B010&0#]
"DeviceDesc"="U2 "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_U2&REV_0000#7&3A2C657B&0& 2604000600000001015D93321600B010&0#]
"DeviceDesc"="U2 "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_U2&REV_0000#9&DA4FF87&0&2 604000600000001015D93321600B010&0#]
"DeviceDesc"="U2 "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SONY&PROD_DSC&REV_1.00#D357207374A 9&0#]
"DeviceDesc"="DSC "
[HKEY_USERS\S-1-5-21-4293325158-2762499305-3726567904-1001\Software\Innovative Solutions\DriverMax\Dump\167]
"Desc"="U2 "
[HKEY_USERS\S-1-5-21-4293325158-2762499305-3726567904-1001\Software\Innovative Solutions\DriverMax\Dump\170]
"Desc"="DSC "

-= EOF =-

Log "Junkware Removal Tool" bekomme ich nicht.

Das System geht immer bis "Prozesse" und schaltet dann ab. Ein Log habe ich nicht bekommen.

Log "Junkware Removal Tool" bekomme ich immer noch nicht.

Das System geht immer bis "Prozesse" und schaltet dann ab. Ein Log habe ich nicht bekommen.

schrauber · 16.06.2013, 18:20

Fixen mit OTL

Starte bitte die OTL.exe.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

ATTFilter

:files
C:\Windows\Prefetch\HOMETAB.TMP-C25FCAA6.pf
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf]

Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
Schließe bitte nun alle Programme.
Klicke nun bitte auf den Fix Button.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
Kopiere nun den Inhalt hier in Deinen Thread

dann bitte nen neuen Custom Scan mit OTl mit dem hier:

Code:

ATTFilter

c:\windows\Tasks\* /s
c:\windows\system32\Tasks\* /s

luci4712 · 16.06.2013, 19:18

der OTL Fix Log

========== FILES ==========
C:\Windows\Prefetch\HOMETAB.TMP-C25FCAA6.pf moved successfully.
File\Folder [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 06162013_201608

Die Meldung erscheint immer noch beim Start.

Beiliegend Log OtlOTL Logfile:

Code:

ATTFilter

OTL logfile created on: 16.06.2013 20:20:02 - Run 6
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Admin\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 55,84% Memory free
4,44 Gb Paging File | 2,25 Gb Available in Paging File | 50,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278,33 Gb Total Space | 36,69 Gb Free Space | 13,18% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 9,04 Gb Free Space | 45,77% Space Free | Partition Type: NTFS
 
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\PROGRA~2\FROMDO~2\bar\1.bin\65barsvc.exe (COMPANYVERS_NAME)
PRC - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65brmon.exe (VER_COMPANY_NAME)
PRC - C:\Users\Admin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe (Uniblue Systems Ltd)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMSVC) -- C:\Windows\SysNative\inetsrv\WMSvc.exe (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (simptcp) -- C:\Windows\SysNative\TCPSVCS.EXE (Microsoft Corporation)
SRV:64bit: - (SNMP) -- C:\Windows\SysNative\snmp.exe (Microsoft Corporation)
SRV:64bit: - (MSMQTriggers) -- C:\Windows\SysNative\mqtgsvc.exe (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (IISADMIN) -- C:\Windows\SysNative\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (LPDSVC) -- C:\Windows\SysNative\lpdsvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (iprip) -- C:\Windows\SysNative\iprip.dll (Microsoft Corporation)
SRV:64bit: - (ftpsvc) -- C:\Windows\SysNative\inetsrv\ftpsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsRoleSvc) -- C:\Windows\SysNative\dsrolesrv.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (FromDocToPDF_65Service) -- C:\PROGRA~2\FROMDO~2\bar\1.bin\65barsvc.exe (COMPANYVERS_NAME)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SystemStoreService) -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe ()
SRV - (NitroReaderDriverReadSpool3) -- C:\Programme\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Nitro PDF Software)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (G Data Software AG)
SRV - (ClassicShellService) -- C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (RichVideo64) -- C:\Programme\CyberLink\Shared files\RichVideo64.exe ()
SRV - (simptcp) -- C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Corporation)
SRV - (SNMP) -- C:\Windows\SysWOW64\snmp.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe (mst software GmbH, Germany)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (ProtexisLicensing) -- C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (GRD) -- C:\Windows\SysNative\Drivers\GRD.sys (G Data Software)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\Drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\Drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\Drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\Drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\Drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\Drivers\SWDUMon.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\Drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\Drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\Drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\Drivers\gfibto.sys (GFI Software)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (gfiark) -- C:\Windows\SysNative\Drivers\gfiark.sys (GFI Software)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\Drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\Drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (andnetadb) -- C:\Windows\SysNative\Drivers\lgandnetadb.sys (Google Inc)
DRV:64bit: - (ANDNetModem) -- C:\Windows\SysNative\Drivers\lgandnetmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndNetDiag) -- C:\Windows\SysNative\Drivers\lgandnetdiag64.sys (LG Electronics Inc.)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\Drivers\LPCFilter.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\Drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\Drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\Drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\Drivers\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (regi) -- C:\Windows\SysNative\Drivers\regi.sys (InterVideo)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\Drivers\psi_mf.sys (Secunia)
DRV:64bit: - (XUIF) -- C:\Windows\SysNative\Drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=3.2&ts=1370707150399&tguid=46364-3869-1370707150399-65824477116CA2415AE5942F28A728D0&q={searchTerms}
IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 C7 E5 17 19 DF CD 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = 
IE - HKCU\..\URLSearchHook: {4c60e5ab-5c68-4c59-abaa-885010b24b32} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {83A37814-D9DF-4FBB-814C-6BE00D227B48}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{105C51F9-9778-4686-815B-9A845D78F82C}: "URL" = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=5450479400000000000012224354fec1&q={searchTerms}&r=279
IE - HKCU\..\SearchScopes\{695A8050-B0AF-4395-8680-B169BEE78F03}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282494&CUI=UN19012636752030930&UM=1
IE - HKCU\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://www.bing.com/search?FORM=UP93DF&PC=UP93&dt=061013&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://comcenter.netcologne.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.05.31 09:07:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.14 17:28:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.18 18:08:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
 
[2013.05.04 09:34:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.06.11 13:15:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions
[2013.06.11 13:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = hxxp://www.bing.com/search?FORM=UP93DF&PC=UP93&dt=061013&q={searchTerms}&src=IE-SearchBox
CHR - default_search_provider: suggest_url = hxxp://api.bing.com/qsml.aspx?query={searchTerms}&market={Language}&form=UP93DF&dt=061013&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}
CHR - homepage: hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=061013
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - Extension: Google Drive = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Mail = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.04.09 02:37:14 | 000,446,305 | R--- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.123fporn.info
O1 - Hosts: 15324 more lines...
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Toolbar BHO) - {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\PROGRA~2\FROMDO~2\bar\1.bin\65bar.dll File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
O2 - BHO: (Search Assistant BHO) - {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5786D022-540E-4699-B350-B4BE0AE94B79} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Alps\GlidePoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [FromDocToPDF Home Page Guard 64 bit] "C:\PROGRA~2\FROMDO~2\bar\1.bin\AppIntegrator64.exe" File not found
O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\SysNative\mqrt.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FromDocToPDF Search Scope Monitor] "C:\PROGRA~2\FROMDO~2\bar\1.bin\65srchmn.exe" /m=2 /w /h File not found
O4 - HKLM..\Run: [FromDocToPDF_65 Browser Plugin Loader] C:\PROGRA~2\FROMDO~2\bar\1.bin\65brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [StartMenuX] C:\Programme\Start Menu X\StartMenuX.exe (OrdinarySoft)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9BB74F8C-7AA9-45FE-9694-463B95EB47C5}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~4\Wincert\WIN64C~1.DLL) - C:\ProgramData\Wincert\win64cert.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe) - c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell - "" = AutoRun
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell\AutoRun\command - "" = "F:\LGAutoRun.exe" 
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\apcrtldr.dll) -  File not found
O36 - AppCertDlls: x86 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll) -  File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.15 17:00:13 | 000,000,000 | ---D | C] -- C:\Stinger_Quarantine
[2013.06.15 16:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger
[2013.06.14 15:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digeus
[2013.06.14 15:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FromDocToPDF_65
[2013.06.13 10:17:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.06.13 10:17:38 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.13 01:43:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.06.13 01:10:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.06.12 22:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing-Desktop
[2013.06.12 22:49:58 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptdlg.dll
[2013.06.12 22:49:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptdlg.dll
[2013.06.12 22:36:23 | 001,889,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2013.06.12 22:36:22 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certutil.exe
[2013.06.12 22:36:22 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certutil.exe
[2013.06.12 22:36:22 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptnet.dll
[2013.06.12 22:35:49 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2013.06.12 22:35:32 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013.06.12 22:35:22 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2013.06.12 22:35:21 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2013.06.12 22:35:21 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2013.06.12 22:35:21 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2013.06.12 22:35:21 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013.06.12 22:35:20 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2013.06.12 22:35:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2013.06.12 22:34:59 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll
[2013.06.12 22:17:12 | 013,644,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013.06.12 22:17:09 | 010,788,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013.06.12 22:17:07 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013.06.12 22:17:06 | 010,116,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013.06.12 22:17:02 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2013.06.12 22:17:01 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013.06.12 22:17:00 | 002,305,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013.06.12 22:17:00 | 000,820,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2013.06.12 22:17:00 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2013.06.12 22:16:59 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013.06.12 22:16:59 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\rars.rs
[2013.06.12 22:16:59 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\rars.rs
[2013.06.12 22:16:58 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013.06.12 22:16:58 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2013.06.12 22:16:58 | 000,446,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2013.06.12 22:16:58 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2013.06.12 22:16:58 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2013.06.12 22:16:58 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2013.06.12 22:16:58 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll
[2013.06.12 22:16:56 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Magnify.exe
[2013.06.12 22:16:56 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2013.06.12 22:16:56 | 000,213,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS
[2013.06.12 22:16:56 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2013.06.12 22:16:56 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netplwiz.dll
[2013.06.12 22:16:56 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2013.06.12 22:16:55 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2013.06.12 22:16:55 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Magnify.exe
[2013.06.12 22:16:55 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2013.06.12 22:16:55 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2013.06.12 22:16:55 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\intl.cpl
[2013.06.12 22:16:55 | 000,284,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013.06.12 22:16:55 | 000,120,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2013.06.12 22:16:55 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2013.06.12 22:16:55 | 000,058,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013.06.12 22:16:54 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2013.06.12 22:16:54 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2013.06.12 22:16:54 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\intl.cpl
[2013.06.12 22:16:54 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2013.06.12 22:16:54 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2013.06.12 22:16:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2013.06.12 22:16:54 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\biwinrt.dll
[2013.06.12 22:16:54 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\biwinrt.dll
[2013.06.12 22:16:53 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll
[2013.06.12 22:16:53 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2013.06.12 22:16:53 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2013.06.12 22:16:53 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2013.06.12 22:16:53 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2013.06.12 22:16:53 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2013.06.12 22:16:53 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2013.06.12 22:16:53 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\muifontsetup.dll
[2013.06.12 22:16:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\muifontsetup.dll
[2013.06.12 22:16:37 | 001,257,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013.06.12 22:16:31 | 001,300,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013.06.12 22:16:29 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2013.06.12 22:16:29 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2013.06.12 22:16:29 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2013.06.12 22:16:29 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2013.06.12 16:54:24 | 000,029,712 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.06.12 16:54:24 | 000,017,936 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2013.06.12 09:26:09 | 000,107,128 | ---- | C] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014
[2013.06.11 16:57:03 | 000,064,824 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 16:56:23 | 000,068,408 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 16:56:19 | 000,130,392 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 16:56:19 | 000,065,368 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 16:56:19 | 000,060,248 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:52:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2013.06.11 13:00:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Corel
[2013.06.10 20:33:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Wise Registry Cleaner
[2013.06.10 20:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2013.06.10 20:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013.06.08 18:04:01 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Freemium
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeSystemUtilities
[2013.06.08 17:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.06.06 21:13:32 | 000,524,016 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 11:54:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\MrJobs
[2013.05.29 11:00:32 | 002,802,760 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll
[2013.05.29 11:00:31 | 001,003,080 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll
[2013.05.29 11:00:31 | 000,613,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtDataProc64.dll
[2013.05.29 11:00:30 | 022,429,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoRes64.dat
[2013.05.29 11:00:30 | 000,138,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll
[2013.05.29 11:00:13 | 000,208,072 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll
[2013.05.29 10:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013.05.29 10:47:04 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WdfCoInstaller01009.dll
[2013.05.29 10:46:59 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 11:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.05.28 10:12:40 | 003,786,752 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\WINDOWS\SysNative\drivers\athw8x.sys
[2013.05.28 09:58:58 | 000,819,440 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.05.28 09:43:02 | 013,403,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2013.05.28 09:42:58 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2013.05.28 09:42:58 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2013.05.28 09:42:57 | 027,775,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2013.05.28 09:42:54 | 021,096,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2013.05.28 09:42:49 | 000,518,944 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2013.05.28 09:42:49 | 000,421,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2013.05.28 09:42:48 | 000,550,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2013.05.28 09:42:48 | 000,443,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2013.05.28 09:42:47 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6432018.dll
[2013.05.28 09:42:46 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6432018.dll
[2013.05.28 09:42:45 | 015,143,904 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2013.05.28 09:42:44 | 002,942,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2013.05.28 09:42:44 | 002,754,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2013.05.28 09:42:43 | 007,682,960 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2013.05.28 09:42:43 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2013.05.28 09:42:43 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2013.05.28 09:42:42 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2013.05.28 09:42:42 | 009,233,688 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2013.05.28 09:42:41 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2013.05.28 09:42:40 | 002,597,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2013.05.28 09:36:48 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2013.05.28 09:36:47 | 000,194,848 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2013.05.28 09:36:47 | 000,072,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapo64v.dll
[2013.05.26 21:01:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\elsterformular
[2013.05.26 21:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2013.05.26 21:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2013.05.26 21:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElsterFormular
[2013.05.23 01:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.05.23 01:56:41 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2013.05.21 21:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2013.05.21 21:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2013.05.18 18:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.05.12 17:32:48 | 007,760,687 | ---- | C] (Boraxsoft) -- C:\Users\Admin\AppData\Roaming\SetupGFD.exe
[2013.05.12 17:32:38 | 005,514,668 | ---- | C] (LIGHTNING UK!) -- C:\Users\Admin\AppData\Roaming\Imgburn.exe
[2013.05.12 17:32:35 | 005,082,084 | ---- | C] (The Public) -- C:\Users\Admin\AppData\Roaming\Avisynth.exe
[2012.12.22 08:13:42 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.16 19:35:00 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.16 19:32:04 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.16 18:40:54 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.16 18:39:32 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.16 18:38:46 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.16 12:57:38 | 002,160,314 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.06.16 12:57:38 | 000,914,792 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.06.16 12:57:38 | 000,844,608 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.06.16 12:57:38 | 000,217,756 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.06.16 12:57:38 | 000,181,826 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.06.16 11:43:01 | 000,000,160 | ---- | M] () -- C:\WINDOWS\DeleteOnReboot.bat
[2013.06.14 01:13:44 | 000,002,563 | ---- | M] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.06.13 01:11:20 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.12 22:40:22 | 000,477,288 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 16:54:23 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 09:26:09 | 000,107,128 | ---- | M] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.11 17:06:58 | 000,068,408 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 17:06:57 | 000,130,392 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 17:06:57 | 000,065,368 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 17:06:57 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:57:03 | 000,064,824 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 09:53:08 | 000,012,800 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.10 20:39:35 | 000,003,628 | ---- | M] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.09 21:01:13 | 000,015,712 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SWDUMon.sys
[2013.06.09 18:40:58 | 000,011,479 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013.06.08 12:05:49 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Advanced Driver Updater.lnk
[2013.06.06 21:13:32 | 000,524,016 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 21:13:25 | 000,819,440 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.06.06 01:38:51 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.05 00:09:22 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013.06.05 00:09:22 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.03 12:18:28 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2013.05.31 09:07:15 | 000,001,579 | ---- | M] () -- C:\Users\Admin\Desktop\DivX Movies.lnk
[2013.05.31 09:06:55 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.31 09:06:37 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.31 01:24:29 | 001,257,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013.05.29 10:47:04 | 001,721,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WdfCoInstaller01009.dll
[2013.05.29 10:46:59 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 18:49:26 | 000,029,712 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.05.28 18:49:26 | 000,017,936 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.05.28 11:39:42 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.28 11:33:07 | 000,001,977 | ---- | M] () -- C:\Users\Admin\Desktop\Update Checker.lnk
[2013.05.28 10:06:59 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.28 09:50:04 | 000,020,536 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2013.05.28 09:43:07 | 015,910,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2013.05.28 09:43:05 | 013,403,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2013.05.28 09:42:59 | 006,324,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2013.05.28 09:42:58 | 027,775,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2013.05.28 09:42:58 | 007,641,832 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2013.05.28 09:42:57 | 021,096,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2013.05.28 09:42:49 | 000,518,944 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2013.05.28 09:42:49 | 000,421,152 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2013.05.28 09:42:48 | 000,550,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2013.05.28 09:42:48 | 000,443,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2013.05.28 09:42:47 | 001,832,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6432018.dll
[2013.05.28 09:42:47 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6432018.dll
[2013.05.28 09:42:46 | 015,143,904 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2013.05.28 09:42:45 | 012,426,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2013.05.28 09:42:44 | 002,942,240 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2013.05.28 09:42:44 | 002,754,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2013.05.28 09:42:44 | 002,363,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2013.05.28 09:42:43 | 009,233,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2013.05.28 09:42:43 | 007,682,960 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2013.05.28 09:42:43 | 002,002,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2013.05.28 09:42:42 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2013.05.28 09:42:42 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2013.05.28 09:42:41 | 002,935,696 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2013.05.28 09:42:41 | 002,597,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2013.05.28 09:36:48 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdagenco6420103.dll
[2013.05.28 09:36:48 | 000,031,520 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2013.05.28 09:36:47 | 000,194,848 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2013.05.28 09:36:47 | 000,072,992 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapo64v.dll
[2013.05.26 21:00:54 | 000,001,237 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | M] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.24 01:01:46 | 001,300,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013.05.23 01:56:46 | 000,001,387 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | M] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 17:37:07 | 335,995,200 | ---- | M] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.18 11:04:46 | 000,000,959 | ---- | M] () -- C:\Users\Admin\Desktop\Diashow-Player.lnk
[2013.05.17 20:36:43 | 007,077,671 | ---- | M] () -- C:\Users\Admin\Meine Diashow.wmv
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.15 11:10:43 | 000,000,160 | ---- | C] () -- C:\WINDOWS\DeleteOnReboot.bat
[2013.06.12 22:40:07 | 000,477,288 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 22:16:53 | 000,386,646 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013.06.12 16:54:23 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 16:54:22 | 000,002,499 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2013.06.11 16:56:59 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.10 20:39:05 | 000,003,628 | ---- | C] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.08 17:59:53 | 000,023,624 | ---- | C] () -- C:\WINDOWS\Launcher.exe
[2013.06.08 17:58:57 | 000,002,563 | ---- | C] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.05.29 11:00:30 | 000,465,645 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2013.05.28 10:06:59 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.26 21:00:54 | 000,001,237 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | C] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.23 01:56:46 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.05.23 01:56:46 | 000,001,387 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | C] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Videodatei-Konverter.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 14:46:25 | 335,995,200 | ---- | C] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.17 20:35:10 | 007,077,671 | ---- | C] () -- C:\Users\Admin\Meine Diashow.wmv
[2013.05.17 01:28:56 | 009,687,294 | ---- | C] () -- C:\Users\Admin\Nilkreuzfahrt 2013.ads
[2013.05.12 17:32:46 | 005,243,208 | ---- | C] (                                                            ) -- C:\Users\Admin\AppData\Roaming\AvsP.exe
[2013.05.12 17:32:43 | 001,357,348 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\MatroskaSplitter.exe
[2013.05.12 17:32:40 | 000,117,723 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\yuvcodecs-1.3.exe
[2013.05.11 19:30:23 | 000,000,196 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2013.04.09 02:32:45 | 000,011,479 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.03.17 18:21:19 | 000,012,800 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.29 03:58:17 | 002,079,580 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012.12.31 00:46:12 | 000,000,209 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.12.27 18:56:29 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012.12.24 01:15:29 | 001,035,321 | ---- | C] () -- C:\WINDOWS\SysWow64\sig.bin
[2012.12.22 12:53:43 | 000,020,992 | ---- | C] () -- C:\WINDOWS\SysWow64\NC_INST.DLL
[2012.12.21 04:20:35 | 000,246,862 | ---- | C] () -- C:\WINDOWS\hpoins40.dat
[2012.12.21 04:20:35 | 000,000,909 | ---- | C] () -- C:\WINDOWS\hpomdl40.dat
[2012.12.21 02:36:27 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2011.10.08 13:02:40 | 000,001,024 | ---- | C] () -- C:\Users\Admin\.rnd
 
========== ZeroAccess Check ==========
 
[2012.12.24 01:21:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Custom Scans ==========
 
< c:\windows\Tasks\* /s >
[2013.06.16 20:32:09 | 000,000,884 | ---- | M] () -- c:\windows\Tasks\Adobe Flash Player Updater.job
[2013.06.16 18:39:32 | 000,001,122 | ---- | M] () -- c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.16 19:35:00 | 000,001,126 | ---- | M] () -- c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.06.16 18:39:02 | 000,000,006 | -H-- | M] () -- c:\windows\Tasks\SA.DAT
 
< c:\windows\system32\Tasks\* /s >
 
<           >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

--- --- ---

schrauber · 17.06.2013, 08:17

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

luci4712 · 17.06.2013, 14:05

Log

Combofix Logfile:

Code:

ATTFilter

ComboFix 13-06-17.01 - Admin 17.06.2013  14:29:00.1.2 - x64
Microsoft Windows 8 Pro with Media Center  6.2.9200.0.1252.49.1031.18.3838.2269 [GMT 2:00]
ausgeführt von:: c:\users\Admin\Downloads\ComboFix.exe
AV: G Data InternetSecurity 2014 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall *Disabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
SP: G Data InternetSecurity 2014 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Wincert\WIN32C~1.DLL
c:\users\Admin\AppData\Roaming\Avisynth.exe
c:\users\Admin\AppData\Roaming\AvsP.exe
c:\users\Admin\AppData\Roaming\ImgBurn.exe
c:\users\Admin\AppData\Roaming\MatroskaSplitter.exe
c:\users\Admin\AppData\Roaming\SetupGFD.exe
c:\users\Admin\AppData\Roaming\yuvcodecs-1.3.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-17 bis 2013-06-17  ))))))))))))))))))))))))))))))
.
.
2013-06-17 12:42 . 2013-06-17 12:42	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2013-06-17 12:42 . 2013-06-17 12:42	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-17 12:42 . 2013-06-17 12:42	--------	d-----w-	c:\users\Classic .NET AppPool\AppData\Local\temp
2013-06-17 12:42 . 2013-06-17 12:42	--------	d-----w-	c:\users\.NET v4.5\AppData\Local\temp
2013-06-17 12:42 . 2013-06-17 12:42	--------	d-----w-	c:\users\.NET v4.5 Classic\AppData\Local\temp
2013-06-16 20:26 . 2013-06-16 20:26	--------	d-----w-	c:\program files\ESET
2013-06-15 15:00 . 2013-06-16 08:02	--------	d-----w-	C:\Stinger_Quarantine
2013-06-14 13:58 . 2013-06-17 09:03	--------	d-----w-	c:\program files (x86)\Digeus
2013-06-14 13:42 . 2013-06-14 13:42	--------	d-----w-	c:\program files (x86)\FromDocToPDF_65
2013-06-14 12:40 . 2013-06-17 10:07	--------	d-----w-	c:\program files\SmartPCFixer
2013-06-13 23:13 . 2013-06-17 09:03	--------	d-----w-	c:\program files (x86)\Covus Freemium
2013-06-13 08:17 . 2013-06-13 08:17	--------	d-----w-	c:\windows\ERUNT
2013-06-13 08:17 . 2013-06-17 10:05	--------	d-----w-	C:\JRT
2013-06-12 23:10 . 2013-06-12 23:10	--------	d-----w-	c:\program files (x86)\VideoLAN
2013-06-12 21:06 . 2013-03-26 15:59	92256	----a-w-	c:\programdata\Microsoft\BingDesktop\Updater\BingDesktopRestarter.exe
2013-06-12 20:50 . 2013-05-10 02:42	17271808	----a-w-	c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-12 20:50 . 2013-05-10 02:21	16642560	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-12 20:49 . 2013-04-02 23:37	25088	----a-w-	c:\windows\SysWow64\cryptdlg.dll
2013-06-12 20:49 . 2013-04-02 23:12	30720	----a-w-	c:\windows\system32\cryptdlg.dll
2013-06-12 20:36 . 2013-04-23 23:12	1569792	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-06-12 20:36 . 2013-04-23 22:55	1889280	----a-w-	c:\windows\system32\crypt32.dll
2013-06-12 20:36 . 2013-04-23 23:13	1013248	----a-w-	c:\windows\SysWow64\certutil.exe
2013-06-12 20:36 . 2013-04-23 23:12	109056	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-06-12 20:36 . 2013-04-23 22:56	1255936	----a-w-	c:\windows\system32\certutil.exe
2013-06-12 20:36 . 2013-04-23 22:55	68096	----a-w-	c:\windows\system32\cryptsvc.dll
2013-06-12 20:36 . 2013-04-23 22:55	141312	----a-w-	c:\windows\system32\cryptnet.dll
2013-06-12 20:36 . 2013-05-04 07:45	2233600	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-06-12 20:34 . 2013-05-15 22:35	144384	----a-w-	c:\windows\system32\tssdisai.dll
2013-06-12 20:16 . 2013-05-04 04:57	1637376	----a-w-	c:\program files (x86)\Windows Photo Viewer\PhotoViewer.dll
2013-06-12 14:54 . 2013-05-28 16:49	29712	----a-w-	c:\windows\system32\nitrolocalmon2.dll
2013-06-12 14:54 . 2013-05-28 16:49	17936	----a-w-	c:\windows\system32\nitrolocalui2.dll
2013-06-12 14:54 . 2013-06-12 14:54	--------	d-----w-	c:\program files\Common Files\Nitro
2013-06-12 14:54 . 2013-06-12 14:54	--------	d-----w-	c:\program files (x86)\Nitro
2013-06-12 14:54 . 2013-06-12 14:54	--------	d-----w-	c:\program files (x86)\Common Files\Nitro
2013-06-12 07:26 . 2013-06-12 07:26	107128	----a-w-	c:\windows\system32\drivers\GRD.sys
2013-06-11 21:57 . 2013-06-11 21:57	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-06-11 21:57 . 2013-06-11 21:57	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-06-11 15:37 . 2013-06-11 15:37	--------	d-----w-	c:\windows\SysWow64\wbem\Logs
2013-06-11 14:57 . 2013-06-11 14:57	64824	----a-w-	c:\windows\system32\drivers\PktIcpt.sys
2013-06-11 14:56 . 2013-06-11 15:06	68408	----a-w-	c:\windows\system32\drivers\gdwfpcd64.sys
2013-06-11 14:56 . 2013-06-11 15:06	65368	----a-w-	c:\windows\system32\drivers\HookCentre.sys
2013-06-11 14:56 . 2013-06-11 15:06	60248	----a-w-	c:\windows\system32\drivers\GDBehave.sys
2013-06-11 14:56 . 2013-06-11 15:06	130392	----a-w-	c:\windows\system32\drivers\MiniIcpt.sys
2013-06-11 14:52 . 2013-06-11 14:53	--------	d-----w-	c:\program files (x86)\Common Files\G Data
2013-06-11 11:00 . 2013-06-11 11:00	--------	d-----w-	c:\users\Admin\AppData\Roaming\Corel
2013-06-10 18:33 . 2013-06-17 10:07	--------	d-----w-	c:\users\Admin\AppData\Roaming\Wise Registry Cleaner
2013-06-10 18:32 . 2013-06-10 18:32	--------	d-----w-	c:\program files (x86)\Wise
2013-06-08 16:04 . 2013-06-08 16:04	--------	d-----w-	c:\users\Admin\AppData\Local\Freemium
2013-06-08 15:59 . 2013-05-13 03:52	23624	----a-w-	c:\windows\Launcher.exe
2013-06-08 15:58 . 2013-06-08 15:59	--------	d-----w-	c:\program files (x86)\SoftwareUpdater
2013-06-08 15:58 . 2013-06-08 15:58	--------	d-----w-	c:\programdata\FreeSystemUtilities
2013-06-08 15:58 . 2013-06-08 15:58	--------	d-----w-	c:\programdata\Package Cache
2013-06-06 19:13 . 2013-06-06 19:13	524016	----a-w-	c:\windows\system32\drivers\SynTP.sys
2013-06-06 19:13 . 2013-06-06 19:13	264432	----a-w-	c:\windows\system32\SynTPAPI.dll
2013-06-06 19:13 . 2013-06-06 19:13	192240	----a-w-	c:\windows\system32\SynTPCo19.dll
2013-06-06 19:13 . 2013-06-06 19:13	151280	----a-w-	c:\windows\SysWow64\SynTPCom.dll
2013-06-06 19:13 . 2013-06-06 19:13	351984	----a-w-	c:\windows\SysWow64\SynCom.dll
2013-06-06 09:54 . 2013-06-06 09:54	--------	d-----w-	c:\users\Admin\AppData\Roaming\MrJobs
2013-05-29 09:00 . 2013-04-17 18:11	3355336	----a-w-	c:\windows\system32\drivers\RTKVHD64.sys
2013-05-29 09:00 . 2013-04-10 15:22	2802760	----a-w-	c:\windows\system32\RtPgEx64.dll
2013-05-29 09:00 . 2013-04-16 14:21	1003080	----a-w-	c:\windows\system32\RtkApi64.dll
2013-05-29 09:00 . 2013-04-03 20:02	613448	----a-w-	c:\windows\system32\RtDataProc64.dll
2013-05-29 09:00 . 2013-04-17 11:30	22429696	----a-w-	c:\windows\system32\RCoRes64.dat
2013-05-29 09:00 . 2013-04-11 12:35	138824	----a-w-	c:\windows\system32\RCoInstII64.dll
2013-05-29 09:00 . 2013-03-23 01:43	208072	----a-w-	c:\windows\system32\AERTAC64.dll
2013-05-29 08:47 . 2013-05-29 08:47	--------	d-----w-	c:\program files\Synaptics
2013-05-29 08:47 . 2013-05-29 08:47	1721576	----a-w-	c:\windows\system32\WdfCoInstaller01009.dll
2013-05-29 08:46 . 2013-05-29 08:46	192240	----a-w-	c:\windows\system32\SynTPCo18.dll
2013-05-28 09:39 . 2013-05-28 10:00	--------	d-----w-	c:\program files\Google
2013-05-28 08:12 . 2013-04-22 16:52	3786752	----a-w-	c:\windows\system32\drivers\athw8x.sys
2013-05-28 07:58 . 2013-06-06 19:13	819440	----a-w-	c:\windows\system32\SynCOM.dll
2013-05-28 07:43 . 2013-05-28 07:43	13403168	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-05-28 07:36 . 2013-05-28 07:36	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2013-05-28 07:36 . 2013-05-28 07:36	72992	----a-w-	c:\windows\system32\nvapo64v.dll
2013-05-28 07:36 . 2013-05-28 07:36	194848	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2013-05-26 19:01 . 2013-05-26 19:01	--------	d-----w-	c:\users\Admin\AppData\Roaming\elsterformular
2013-05-26 19:00 . 2013-05-26 19:01	--------	d-----w-	c:\programdata\elsterformular
2013-05-26 19:00 . 2013-05-26 19:04	--------	d-----w-	c:\program files (x86)\ElsterFormular
2013-05-22 23:56 . 2009-01-25 11:14	17272	----a-w-	c:\windows\system32\sdnclean64.exe
2013-05-21 19:08 . 2013-05-21 19:08	--------	d-----w-	c:\program files (x86)\Smart Projects
2013-05-18 16:08 . 2013-05-18 16:09	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-17 10:38 . 2013-01-27 02:40	4194304	----a-w-	c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2013-06-12 20:17 . 2012-12-21 01:32	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-06-09 19:01 . 2013-05-07 20:17	15712	----a-w-	c:\windows\system32\drivers\SWDUMon.sys
2013-06-04 22:09 . 2013-04-10 01:13	78200	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-04 22:09 . 2013-04-10 01:13	693112	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-28 07:43 . 2012-07-25 20:22	15910736	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-05-28 07:42 . 2013-02-21 01:08	12426216	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-05-28 07:42 . 2013-01-26 20:19	2935696	----a-w-	c:\windows\system32\nvapi64.dll
2013-05-28 07:36 . 2013-01-26 20:19	1510176	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2013-05-12 20:34 . 2013-01-26 20:24	3514656	----a-w-	c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-01-26 20:24	6491936	----a-w-	c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-01-26 20:24	884512	----a-w-	c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-01-26 20:24	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-01-26 20:24	2555680	----a-w-	c:\windows\system32\nvsvcr.dll
2013-05-12 20:34 . 2013-01-26 20:24	237856	----a-w-	c:\windows\system32\nvmctray.dll
2013-05-10 13:36 . 2013-05-10 13:36	564824	----a-w-	c:\windows\system32\drivers\sptd.sys
2013-05-08 16:32 . 2012-07-26 08:13	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-06 03:32 . 2013-05-06 03:32	364944	----a-w-	c:\windows\system32\drivers\ETD.sys
2013-04-16 02:34 . 2013-05-15 06:54	1455368	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-04-13 05:56 . 2013-05-15 06:46	444416	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 02:59 . 2012-12-23 11:40	16944	----a-w-	c:\windows\system32\drivers\GdPhyMem.sys
2013-04-11 06:40 . 2013-05-15 00:32	6987528	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-04-09 05:33 . 2013-05-14 23:41	446792	----a-w-	c:\windows\system32\AudioSes.dll
2013-04-09 05:33 . 2013-05-14 23:41	489576	----a-w-	c:\windows\system32\AudioEng.dll
2013-04-09 05:33 . 2013-05-14 23:41	253544	----a-w-	c:\windows\system32\audiodg.exe
2013-04-09 05:20 . 2013-05-14 23:41	306952	----a-w-	c:\windows\system32\kd_02_10ec.dll
2013-04-09 05:20 . 2013-05-14 23:41	86280	----a-w-	c:\windows\system32\kdnet.dll
2013-04-09 05:18 . 2013-05-14 23:41	77960	----a-w-	c:\windows\system32\kdvm.dll
2013-04-09 05:17 . 2013-05-14 23:41	1829408	----a-w-	c:\windows\system32\ntdll.dll
2013-04-09 04:52 . 2013-05-14 23:41	816128	----a-w-	c:\windows\system32\SearchIndexer.exe
2013-04-09 04:52 . 2013-05-14 23:41	373760	----a-w-	c:\windows\system32\SearchProtocolHost.exe
2013-04-09 04:52 . 2013-05-14 23:41	197120	----a-w-	c:\windows\system32\SearchFilterHost.exe
2013-04-09 04:52 . 2013-05-14 23:41	126464	----a-w-	c:\windows\system32\Robocopy.exe
2013-04-09 04:52 . 2013-05-14 23:41	804352	----a-w-	c:\windows\system32\RecoveryDrive.exe
2013-04-09 04:51 . 2013-05-14 23:41	367616	----a-w-	c:\windows\system32\conhost.exe
2013-04-09 04:51 . 2013-05-14 23:41	523264	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-04-09 04:51 . 2013-05-14 23:41	456704	----a-w-	c:\windows\system32\wpncore.dll
2013-04-09 04:51 . 2013-05-14 23:41	99840	----a-w-	c:\windows\system32\wscsvc.dll
2013-04-09 04:51 . 2013-05-14 23:41	14267904	----a-w-	c:\windows\system32\wmp.dll
2013-04-09 04:51 . 2013-05-14 23:41	595456	----a-w-	c:\windows\system32\Windows.Networking.dll
2013-04-09 04:51 . 2013-05-14 23:41	391168	----a-w-	c:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-04-09 04:51 . 2013-05-14 23:41	3552768	----a-w-	c:\windows\system32\tquery.dll
2013-04-09 04:50 . 2013-05-14 23:40	414720	----a-w-	c:\windows\system32\GenuineCenter.dll
2013-04-09 04:50 . 2013-05-14 23:41	1285632	----a-w-	c:\windows\system32\schedsvc.dll
2013-04-09 04:50 . 2013-05-14 23:41	422400	----a-w-	c:\windows\system32\schannel.dll
2013-04-09 04:50 . 2013-05-14 23:41	2107904	----a-w-	c:\windows\system32\mssrch.dll
2013-04-09 04:50 . 2013-05-14 23:40	745984	----a-w-	c:\windows\system32\mssvp.dll
2013-04-09 04:50 . 2013-05-14 23:40	96256	----a-w-	c:\windows\system32\mssprxy.dll
2013-04-09 04:50 . 2013-05-14 23:41	435200	----a-w-	c:\windows\system32\mssph.dll
2013-04-09 04:50 . 2013-05-14 23:40	65024	----a-w-	c:\windows\system32\msscntrs.dll
2013-04-09 04:50 . 2013-05-14 23:40	13824	----a-w-	c:\windows\system32\msshooks.dll
2013-04-09 04:49 . 2013-05-14 23:41	1444864	----a-w-	c:\windows\system32\MSAudDecMFT.dll
2013-04-09 04:49 . 2013-05-14 23:41	468992	----a-w-	c:\windows\system32\MFMediaEngine.dll
2013-04-09 04:49 . 2013-05-14 23:41	281088	----a-w-	c:\windows\system32\mfreadwrite.dll
2013-04-09 04:49 . 2013-05-14 23:41	817152	----a-w-	c:\windows\system32\kerberos.dll
2013-04-09 04:49 . 2013-05-14 23:41	210432	----a-w-	c:\windows\system32\iuilp.dll
2013-04-09 04:49 . 2013-05-14 23:41	231936	----a-w-	c:\windows\system32\fhengine.dll
2013-04-09 04:49 . 2013-05-14 23:40	50176	----a-w-	c:\windows\system32\fmifs.dll
2013-04-09 04:49 . 2013-05-14 23:41	172544	----a-w-	c:\windows\system32\dwmredir.dll
2013-04-09 04:49 . 2013-05-14 23:41	196096	----a-w-	c:\windows\system32\dmvdsitf.dll
2013-04-09 04:48 . 2013-05-14 23:41	785408	----a-w-	c:\windows\system32\audiosrv.dll
2013-04-09 04:48 . 2013-05-14 23:41	169472	----a-w-	c:\windows\system32\AudioEndpointBuilder.dll
2013-04-09 02:35 . 2013-05-14 23:41	4038144	----a-w-	c:\windows\system32\win32k.sys
2013-04-09 02:34 . 2013-05-14 23:41	95744	----a-w-	c:\windows\system32\drivers\hidbth.sys
2013-04-09 02:33 . 2013-05-14 23:40	60416	----a-w-	c:\windows\system32\drivers\ndproxy.sys
2013-04-09 02:33 . 2013-05-14 23:41	623104	----a-w-	c:\windows\system32\drivers\srv2.sys
2013-04-09 02:32 . 2013-05-14 23:41	805376	----a-w-	c:\windows\system32\drivers\PEAuth.sys
2013-04-09 02:31 . 2013-05-14 23:41	247808	----a-w-	c:\windows\system32\drivers\srvnet.sys
2013-04-09 02:31 . 2013-05-14 23:40	83456	----a-w-	c:\windows\system32\drivers\wanarp.sys
2013-04-08 23:44 . 2013-05-14 23:41	123880	----a-w-	c:\windows\SysWow64\wscapi.dll
2013-04-08 23:39 . 2013-05-14 23:41	1408896	----a-w-	c:\windows\SysWow64\ntdll.dll
2013-04-08 23:37 . 2013-05-14 23:41	426024	----a-w-	c:\windows\SysWow64\AudioEng.dll
2013-04-08 23:37 . 2013-05-14 23:41	324368	----a-w-	c:\windows\SysWow64\AudioSes.dll
2013-04-08 21:52 . 2013-05-14 23:41	302592	----a-w-	c:\windows\SysWow64\SearchProtocolHost.exe
2013-04-08 21:52 . 2013-05-14 23:41	670208	----a-w-	c:\windows\SysWow64\SearchIndexer.exe
2013-04-08 21:52 . 2013-05-14 23:41	171008	----a-w-	c:\windows\SysWow64\SearchFilterHost.exe
2013-04-08 21:52 . 2013-05-14 23:41	106496	----a-w-	c:\windows\SysWow64\Robocopy.exe
2013-04-08 21:52 . 2013-05-14 23:41	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-04-08 21:51 . 2013-05-14 23:41	411136	----a-w-	c:\windows\SysWow64\Windows.Networking.dll
2013-04-08 21:51 . 2013-05-14 23:41	268800	----a-w-	c:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2013-04-08 21:51 . 2013-05-14 23:41	2767360	----a-w-	c:\windows\SysWow64\tquery.dll
2013-04-08 21:51 . 2013-05-14 23:41	324096	----a-w-	c:\windows\SysWow64\schannel.dll
2013-04-08 21:51 . 2013-05-14 23:41	1593344	----a-w-	c:\windows\SysWow64\mssrch.dll
2013-04-08 21:51 . 2013-05-14 23:41	403968	----a-w-	c:\windows\SysWow64\mssph.dll
2013-04-08 21:51 . 2013-05-14 23:41	659456	----a-w-	c:\windows\SysWow64\mssvp.dll
2013-04-08 21:51 . 2013-05-14 23:40	35328	----a-w-	c:\windows\SysWow64\mssprxy.dll
2013-04-08 21:51 . 2013-05-14 23:40	186880	----a-w-	c:\windows\SysWow64\mssphtb.dll
2013-04-08 21:51 . 2013-05-14 23:40	10752	----a-w-	c:\windows\SysWow64\msshooks.dll
2013-04-08 21:51 . 2013-05-14 23:41	1113600	----a-w-	c:\windows\SysWow64\MSAudDecMFT.dll
2013-04-08 21:51 . 2013-05-14 23:41	214528	----a-w-	c:\windows\SysWow64\mfreadwrite.dll
2013-04-08 21:51 . 2013-05-14 23:40	361984	----a-w-	c:\windows\SysWow64\MFMediaEngine.dll
2013-04-08 21:51 . 2013-05-14 23:41	656896	----a-w-	c:\windows\SysWow64\kerberos.dll
2013-04-08 21:51 . 2013-05-14 23:40	41984	----a-w-	c:\windows\SysWow64\fmifs.dll
2013-04-08 21:51 . 2013-05-14 23:41	155648	----a-w-	c:\windows\SysWow64\dmvdsitf.dll
2013-04-04 23:30 . 2013-05-14 23:41	503080	----a-w-	c:\windows\system32\ci.dll
2013-04-04 12:50 . 2013-01-14 14:21	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-04-01 12:06 . 2012-12-21 03:38	2079816	----a-w-	c:\windows\RtlExUpd.dll
2013-03-31 16:10 . 2013-03-31 16:10	1807136	----a-w-	c:\windows\system32\nvdispco6431422.dll
2013-03-31 16:10 . 2013-03-31 16:10	1510176	----a-w-	c:\windows\system32\nvdispgenco6431422.dll
2013-03-30 18:16 . 2013-05-14 23:41	1403784	----a-w-	c:\windows\system32\winload.efi
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{a235e1e3-6296-4710-af39-104a7faa6c7c}]
2013-06-14 13:42	708168	----a-w-	c:\progra~2\FROMDO~2\bar\1.bin\65bar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{f236ca79-3123-4afb-9f74-e98117ad5625}]
2013-06-14 13:42	62864	----a-w-	c:\program files (x86)\FromDocToPDF_65\bar\1.bin\65SrcAs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{c66a678d-5e6c-4af9-8f57-c6192f42cf74}"= "c:\program files (x86)\FromDocToPDF_65\bar\1.bin\65bar.dll" [2013-06-14 708168]
.
[HKEY_CLASSES_ROOT\clsid\{c66a678d-5e6c-4af9-8f57-c6192f42cf74}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-04-12 21:28	611840	----a-w-	c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-11-23 307712]
"StartMenuX"="c:\program files\Start Menu X\StartMenuX.exe" [2012-08-09 6708656]
"DriverMax"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2013-04-26 7162232]
"DriverMax_RESTART"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2013-04-26 7162232]
"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2013-05-16 3642312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"Ulead AutoDetector v2"="c:\program files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2007-08-02 95504]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-05-16 3830224]
"G Data AntiVirus Tray"="c:\program files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2013-03-22 1444304]
"GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2013-03-22 1854928]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2013-04-10 2387088]
"FromDocToPDF Search Scope Monitor"="c:\progra~2\FROMDO~2\bar\1.bin\65srchmn.exe" [2013-06-14 44784]
"FromDocToPDF_65 Browser Plugin Loader"="c:\progra~2\FROMDO~2\bar\1.bin\65brmon.exe" [2013-06-14 30096]
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Produktregistrierung.lnk - c:\program files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe /remind /language=DEU /_WFM="." [2009-11-16 517384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
3;3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R2 SystemStoreService;System Store;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\System32\Drivers\lgandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys;c:\windows\SYSNATIVE\DRIVERS\avfsfilter.sys [x]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]
R3 DsRoleSvc;DS-Rollenserver;c:\windows\System32\lsass.exe;c:\windows\SYSNATIVE\lsass.exe [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 WMSVC;Webverwaltungsdienst;c:\windows\system32\inetsrv\wmsvc.exe;c:\windows\SYSNATIVE\inetsrv\wmsvc.exe [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\DRIVERS\MxEFUF64.sys;c:\windows\SYSNATIVE\DRIVERS\MxEFUF64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys;c:\windows\SYSNATIVE\drivers\GRD.sys [x]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [x]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe [x]
S2 FromDocToPDF_65Service;FromDocToPDFService;c:\progra~2\FROMDO~2\bar\1.bin\65barsvc.exe;c:\progra~2\FROMDO~2\bar\1.bin\65barsvc.exe [x]
S2 ftpsvc;Microsoft-FTP-Dienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 iprip;RIP-Überwachung;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [x]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
apphost	REG_MULTI_SZ   	apphostsvc
iissvcs	REG_MULTI_SZ   	w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-05 23:35	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-23 21:32]
.
2013-06-12 c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job
- c:\program files (x86)\Advanced Driver Updater\adu.exe [2013-02-21 13:23]
.
2013-03-26 c:\windows\Tasks\DriverEasy Scheduled Scan.job
- c:\program files\Easeware\DriverEasy\DriverEasy.exe [2013-02-25 13:29]
.
2013-06-17 c:\windows\Tasks\dsmonitor.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2013-03-11 09:00]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 04:08]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 04:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-04-12 21:28	742400	----a-w-	c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="c:\windows\System32\mqrt.dll" [2012-07-26 237056]
"Apoint"="c:\program files\Alps\GlidePoint\Apoint.exe" [2013-03-13 670040]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-04-10 13519432]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2000-01-01 1278024]
"FromDocToPDF Home Page Guard 64 bit"="c:\progra~2\FROMDO~2\bar\1.bin\AppIntegrator64.exe" [2013-06-14 548936]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = about:blank
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\boyttrw8.default-1370988776258\
FF - prefs.js: browser.startup.homepage - hxxp://comcenter.netcologne.de/
FF - ExtSQL: 2013-05-31 09:07; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{5786D022-540E-4699-B350-B4BE0AE94B79} - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-06-17  14:48:09
ComboFix-quarantined-files.txt  2013-06-17 12:48
.
Vor Suchlauf: 31 Verzeichnis(se), 34.384.445.440 Bytes frei
Nach Suchlauf: 39 Verzeichnis(se), 36.035.330.048 Bytes frei
.
- - End Of File - - F4462BFD11995E64C10C99C267B3FAEB

--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

HTML-Code:

Die Meldung zum Start ist immer noch da. Das System wird unruhiger.

schrauber · 17.06.2013, 16:44

Combofix-Skript

WARNUNG für die MITLESER:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von folgenden Download-Spiegel neu herunter: Link

Speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!

Drücke die Windows + R Taste --> notepad (hinein schreiben) --> OK
Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.
Code:
ATTFilter
File::
c:\windows\Tasks\DriverEasy Scheduled Scan.job
c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job
c:\windows\Tasks\dsmonitor.job
         
Speichere dies als CFScript.txt auf deinem Desktop.

Wichtig: Stelle deine Anti Viren Software temporär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
Danach wieder anstellen nicht vergessen!

Schließe alle laufenden Programme damit ComboFix ungehindert arbeiten kann.

Ziehe CFScript.txt in die ComboFix.exe wie in diesem Bild:

Mache nichts am Computer, bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein. Dies kann dazu führen, dass ComboFix sich aufhängt.

Wenn ComboFix fertig ist wird es ein Log erstellen: C:\ComboFix.txt
Bitte füge es hier als Antwort (in CODE-Tags mit dem #-Button des Editors) ein.
Hinweis:
Suspect:: und Collect::
Falls im Skript diese Anweisungen enthalten sind, sollen Dateien zur Analyse eingeschickt werden. Es erscheint eine Message-Box, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen. Teile mir unbedingt mit, ob der Upload geklappt hat!

mach mal bitte nen Screenshot von der Meldung.

luci4712 · 17.06.2013, 19:19

Combofix Log

Combofix Logfile:

Code:

ATTFilter

ComboFix 13-06-17.01 - Admin 17.06.2013  19:22:05.2.2 - x64
Microsoft Windows 8 Pro with Media Center  6.2.9200.0.1252.49.1031.18.3838.2458 [GMT 2:00]
ausgeführt von:: c:\users\Admin\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Admin\Desktop\CFScript.txt
AV: G Data InternetSecurity 2014 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall *Enabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
SP: G Data InternetSecurity 2014 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job"
"c:\windows\Tasks\DriverEasy Scheduled Scan.job"
"c:\windows\Tasks\dsmonitor.job"
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-17 bis 2013-06-17  ))))))))))))))))))))))))))))))
.
.
2013-06-17 17:32 . 2013-06-17 17:32	--------	d-----w-	c:\users\Lucian\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32	--------	d-----w-	c:\users\Classic .NET AppPool\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32	--------	d-----w-	c:\users\.NET v4.5\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32	--------	d-----w-	c:\users\.NET v4.5 Classic\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32	--------	d-----w-	c:\users\.NET v2.0\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32	--------	d-----w-	c:\users\.NET v2.0 Classic\AppData\Local\temp
2013-06-17 16:03 . 2013-06-17 16:03	--------	d-----w-	C:\_OTL
2013-06-16 20:26 . 2013-06-16 20:26	--------	d-----w-	c:\program files\ESET
2013-06-15 15:00 . 2013-06-16 08:02	--------	d-----w-	C:\Stinger_Quarantine
2013-06-14 13:58 . 2013-06-17 09:03	--------	d-----w-	c:\program files (x86)\Digeus
2013-06-14 12:40 . 2013-06-17 10:07	--------	d-----w-	c:\program files\SmartPCFixer
2013-06-13 23:13 . 2013-06-17 09:03	--------	d-----w-	c:\program files (x86)\Covus Freemium
2013-06-13 08:17 . 2013-06-13 08:17	--------	d-----w-	c:\windows\ERUNT
2013-06-13 08:17 . 2013-06-17 10:05	--------	d-----w-	C:\JRT
2013-06-12 23:10 . 2013-06-17 13:18	--------	d-----w-	c:\program files (x86)\VideoLAN
2013-06-12 20:50 . 2013-05-10 02:42	17271808	----a-w-	c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-12 20:50 . 2013-05-10 02:21	16642560	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-12 20:49 . 2013-04-02 23:37	25088	----a-w-	c:\windows\SysWow64\cryptdlg.dll
2013-06-12 20:49 . 2013-04-02 23:12	30720	----a-w-	c:\windows\system32\cryptdlg.dll
2013-06-12 20:36 . 2013-04-23 23:12	1569792	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-06-12 20:36 . 2013-04-23 22:55	1889280	----a-w-	c:\windows\system32\crypt32.dll
2013-06-12 20:36 . 2013-04-23 23:13	1013248	----a-w-	c:\windows\SysWow64\certutil.exe
2013-06-12 20:36 . 2013-04-23 23:12	109056	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-06-12 20:36 . 2013-04-23 22:56	1255936	----a-w-	c:\windows\system32\certutil.exe
2013-06-12 20:36 . 2013-04-23 22:55	68096	----a-w-	c:\windows\system32\cryptsvc.dll
2013-06-12 20:36 . 2013-04-23 22:55	141312	----a-w-	c:\windows\system32\cryptnet.dll
2013-06-12 20:36 . 2013-05-04 07:45	2233600	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-06-12 20:34 . 2013-05-15 22:35	144384	----a-w-	c:\windows\system32\tssdisai.dll
2013-06-12 20:16 . 2013-05-04 04:57	1637376	----a-w-	c:\program files (x86)\Windows Photo Viewer\PhotoViewer.dll
2013-06-12 14:54 . 2013-05-28 16:49	29712	----a-w-	c:\windows\system32\nitrolocalmon2.dll
2013-06-12 14:54 . 2013-05-28 16:49	17936	----a-w-	c:\windows\system32\nitrolocalui2.dll
2013-06-12 14:54 . 2013-06-12 14:54	--------	d-----w-	c:\program files\Common Files\Nitro
2013-06-12 14:54 . 2013-06-12 14:54	--------	d-----w-	c:\program files (x86)\Nitro
2013-06-12 14:54 . 2013-06-12 14:54	--------	d-----w-	c:\program files (x86)\Common Files\Nitro
2013-06-12 07:26 . 2013-06-12 07:26	107128	----a-w-	c:\windows\system32\drivers\GRD.sys
2013-06-11 21:57 . 2013-06-11 21:57	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-06-11 21:57 . 2013-06-11 21:57	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-06-11 15:37 . 2013-06-11 15:37	--------	d-----w-	c:\windows\SysWow64\wbem\Logs
2013-06-11 14:57 . 2013-06-11 14:57	64824	----a-w-	c:\windows\system32\drivers\PktIcpt.sys
2013-06-11 14:56 . 2013-06-11 15:06	68408	----a-w-	c:\windows\system32\drivers\gdwfpcd64.sys
2013-06-11 14:56 . 2013-06-11 15:06	65368	----a-w-	c:\windows\system32\drivers\HookCentre.sys
2013-06-11 14:56 . 2013-06-11 15:06	60248	----a-w-	c:\windows\system32\drivers\GDBehave.sys
2013-06-11 14:56 . 2013-06-11 15:06	130392	----a-w-	c:\windows\system32\drivers\MiniIcpt.sys
2013-06-11 14:52 . 2013-06-11 14:53	--------	d-----w-	c:\program files (x86)\Common Files\G Data
2013-06-11 11:00 . 2013-06-11 11:00	--------	d-----w-	c:\users\Admin\AppData\Roaming\Corel
2013-06-10 18:33 . 2013-06-17 10:07	--------	d-----w-	c:\users\Admin\AppData\Roaming\Wise Registry Cleaner
2013-06-10 18:32 . 2013-06-10 18:32	--------	d-----w-	c:\program files (x86)\Wise
2013-06-08 16:04 . 2013-06-08 16:04	--------	d-----w-	c:\users\Admin\AppData\Local\Freemium
2013-06-08 15:59 . 2013-05-13 03:52	23624	----a-w-	c:\windows\Launcher.exe
2013-06-08 15:58 . 2013-06-08 15:59	--------	d-----w-	c:\program files (x86)\SoftwareUpdater
2013-06-08 15:58 . 2013-06-08 15:58	--------	d-----w-	c:\programdata\FreeSystemUtilities
2013-06-08 15:58 . 2013-06-08 15:58	--------	d-----w-	c:\programdata\Package Cache
2013-06-06 19:13 . 2013-06-06 19:13	524016	----a-w-	c:\windows\system32\drivers\SynTP.sys
2013-06-06 19:13 . 2013-06-06 19:13	264432	----a-w-	c:\windows\system32\SynTPAPI.dll
2013-06-06 19:13 . 2013-06-06 19:13	192240	----a-w-	c:\windows\system32\SynTPCo19.dll
2013-06-06 19:13 . 2013-06-06 19:13	151280	----a-w-	c:\windows\SysWow64\SynTPCom.dll
2013-06-06 19:13 . 2013-06-06 19:13	351984	----a-w-	c:\windows\SysWow64\SynCom.dll
2013-06-06 09:54 . 2013-06-06 09:54	--------	d-----w-	c:\users\Admin\AppData\Roaming\MrJobs
2013-05-29 09:00 . 2013-04-17 18:11	3355336	----a-w-	c:\windows\system32\drivers\RTKVHD64.sys
2013-05-29 09:00 . 2013-04-10 15:22	2802760	----a-w-	c:\windows\system32\RtPgEx64.dll
2013-05-29 09:00 . 2013-04-16 14:21	1003080	----a-w-	c:\windows\system32\RtkApi64.dll
2013-05-29 09:00 . 2013-04-03 20:02	613448	----a-w-	c:\windows\system32\RtDataProc64.dll
2013-05-29 09:00 . 2013-04-17 11:30	22429696	----a-w-	c:\windows\system32\RCoRes64.dat
2013-05-29 09:00 . 2013-04-11 12:35	138824	----a-w-	c:\windows\system32\RCoInstII64.dll
2013-05-29 09:00 . 2013-03-23 01:43	208072	----a-w-	c:\windows\system32\AERTAC64.dll
2013-05-29 08:47 . 2013-05-29 08:47	--------	d-----w-	c:\program files\Synaptics
2013-05-29 08:47 . 2013-05-29 08:47	1721576	----a-w-	c:\windows\system32\WdfCoInstaller01009.dll
2013-05-29 08:46 . 2013-05-29 08:46	192240	----a-w-	c:\windows\system32\SynTPCo18.dll
2013-05-28 09:39 . 2013-05-28 10:00	--------	d-----w-	c:\program files\Google
2013-05-28 08:12 . 2013-04-22 16:52	3786752	----a-w-	c:\windows\system32\drivers\athw8x.sys
2013-05-28 07:58 . 2013-06-06 19:13	819440	----a-w-	c:\windows\system32\SynCOM.dll
2013-05-28 07:43 . 2013-05-28 07:43	13403168	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-05-28 07:36 . 2013-05-28 07:36	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2013-05-28 07:36 . 2013-05-28 07:36	72992	----a-w-	c:\windows\system32\nvapo64v.dll
2013-05-28 07:36 . 2013-05-28 07:36	194848	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2013-05-26 19:01 . 2013-05-26 19:01	--------	d-----w-	c:\users\Admin\AppData\Roaming\elsterformular
2013-05-26 19:00 . 2013-05-26 19:01	--------	d-----w-	c:\programdata\elsterformular
2013-05-26 19:00 . 2013-05-26 19:04	--------	d-----w-	c:\program files (x86)\ElsterFormular
2013-05-21 19:08 . 2013-05-21 19:08	--------	d-----w-	c:\program files (x86)\Smart Projects
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-17 17:01 . 2013-01-27 02:40	4194304	----a-w-	c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2013-06-12 20:17 . 2012-12-21 01:32	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-06-09 19:01 . 2013-05-07 20:17	15712	----a-w-	c:\windows\system32\drivers\SWDUMon.sys
2013-06-04 22:09 . 2013-04-10 01:13	78200	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-04 22:09 . 2013-04-10 01:13	693112	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-28 07:43 . 2012-07-25 20:22	15910736	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-05-28 07:42 . 2013-02-21 01:08	12426216	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2013-05-28 07:42 . 2013-01-26 20:19	2935696	----a-w-	c:\windows\system32\nvapi64.dll
2013-05-28 07:36 . 2013-01-26 20:19	1510176	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2013-05-12 20:34 . 2013-01-26 20:24	3514656	----a-w-	c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-01-26 20:24	6491936	----a-w-	c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-01-26 20:24	884512	----a-w-	c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-01-26 20:24	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-01-26 20:24	2555680	----a-w-	c:\windows\system32\nvsvcr.dll
2013-05-12 20:34 . 2013-01-26 20:24	237856	----a-w-	c:\windows\system32\nvmctray.dll
2013-05-10 13:36 . 2013-05-10 13:36	564824	----a-w-	c:\windows\system32\drivers\sptd.sys
2013-05-08 16:32 . 2012-07-26 08:13	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-06 03:32 . 2013-05-06 03:32	364944	----a-w-	c:\windows\system32\drivers\ETD.sys
2013-04-16 02:34 . 2013-05-15 06:54	1455368	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-04-13 05:56 . 2013-05-15 06:46	444416	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 02:59 . 2012-12-23 11:40	16944	----a-w-	c:\windows\system32\drivers\GdPhyMem.sys
2013-04-11 06:40 . 2013-05-15 00:32	6987528	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-04-09 05:33 . 2013-05-14 23:41	446792	----a-w-	c:\windows\system32\AudioSes.dll
2013-04-09 05:33 . 2013-05-14 23:41	489576	----a-w-	c:\windows\system32\AudioEng.dll
2013-04-09 05:33 . 2013-05-14 23:41	253544	----a-w-	c:\windows\system32\audiodg.exe
2013-04-09 05:20 . 2013-05-14 23:41	306952	----a-w-	c:\windows\system32\kd_02_10ec.dll
2013-04-09 05:20 . 2013-05-14 23:41	86280	----a-w-	c:\windows\system32\kdnet.dll
2013-04-09 05:18 . 2013-05-14 23:41	77960	----a-w-	c:\windows\system32\kdvm.dll
2013-04-09 05:17 . 2013-05-14 23:41	1829408	----a-w-	c:\windows\system32\ntdll.dll
2013-04-09 04:52 . 2013-05-14 23:41	816128	----a-w-	c:\windows\system32\SearchIndexer.exe
2013-04-09 04:52 . 2013-05-14 23:41	373760	----a-w-	c:\windows\system32\SearchProtocolHost.exe
2013-04-09 04:52 . 2013-05-14 23:41	197120	----a-w-	c:\windows\system32\SearchFilterHost.exe
2013-04-09 04:52 . 2013-05-14 23:41	126464	----a-w-	c:\windows\system32\Robocopy.exe
2013-04-09 04:52 . 2013-05-14 23:41	804352	----a-w-	c:\windows\system32\RecoveryDrive.exe
2013-04-09 04:51 . 2013-05-14 23:41	367616	----a-w-	c:\windows\system32\conhost.exe
2013-04-09 04:51 . 2013-05-14 23:41	523264	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-04-09 04:51 . 2013-05-14 23:41	456704	----a-w-	c:\windows\system32\wpncore.dll
2013-04-09 04:51 . 2013-05-14 23:41	99840	----a-w-	c:\windows\system32\wscsvc.dll
2013-04-09 04:51 . 2013-05-14 23:41	14267904	----a-w-	c:\windows\system32\wmp.dll
2013-04-09 04:51 . 2013-05-14 23:41	595456	----a-w-	c:\windows\system32\Windows.Networking.dll
2013-04-09 04:51 . 2013-05-14 23:41	391168	----a-w-	c:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-04-09 04:51 . 2013-05-14 23:41	3552768	----a-w-	c:\windows\system32\tquery.dll
2013-04-09 04:50 . 2013-05-14 23:40	414720	----a-w-	c:\windows\system32\GenuineCenter.dll
2013-04-09 04:50 . 2013-05-14 23:41	1285632	----a-w-	c:\windows\system32\schedsvc.dll
2013-04-09 04:50 . 2013-05-14 23:41	422400	----a-w-	c:\windows\system32\schannel.dll
2013-04-09 04:50 . 2013-05-14 23:41	2107904	----a-w-	c:\windows\system32\mssrch.dll
2013-04-09 04:50 . 2013-05-14 23:40	745984	----a-w-	c:\windows\system32\mssvp.dll
2013-04-09 04:50 . 2013-05-14 23:40	96256	----a-w-	c:\windows\system32\mssprxy.dll
2013-04-09 04:50 . 2013-05-14 23:41	435200	----a-w-	c:\windows\system32\mssph.dll
2013-04-09 04:50 . 2013-05-14 23:40	65024	----a-w-	c:\windows\system32\msscntrs.dll
2013-04-09 04:50 . 2013-05-14 23:40	13824	----a-w-	c:\windows\system32\msshooks.dll
2013-04-09 04:49 . 2013-05-14 23:41	1444864	----a-w-	c:\windows\system32\MSAudDecMFT.dll
2013-04-09 04:49 . 2013-05-14 23:41	468992	----a-w-	c:\windows\system32\MFMediaEngine.dll
2013-04-09 04:49 . 2013-05-14 23:41	281088	----a-w-	c:\windows\system32\mfreadwrite.dll
2013-04-09 04:49 . 2013-05-14 23:41	817152	----a-w-	c:\windows\system32\kerberos.dll
2013-04-09 04:49 . 2013-05-14 23:41	210432	----a-w-	c:\windows\system32\iuilp.dll
2013-04-09 04:49 . 2013-05-14 23:41	231936	----a-w-	c:\windows\system32\fhengine.dll
2013-04-09 04:49 . 2013-05-14 23:40	50176	----a-w-	c:\windows\system32\fmifs.dll
2013-04-09 04:49 . 2013-05-14 23:41	172544	----a-w-	c:\windows\system32\dwmredir.dll
2013-04-09 04:49 . 2013-05-14 23:41	196096	----a-w-	c:\windows\system32\dmvdsitf.dll
2013-04-09 04:48 . 2013-05-14 23:41	785408	----a-w-	c:\windows\system32\audiosrv.dll
2013-04-09 04:48 . 2013-05-14 23:41	169472	----a-w-	c:\windows\system32\AudioEndpointBuilder.dll
2013-04-09 02:35 . 2013-05-14 23:41	4038144	----a-w-	c:\windows\system32\win32k.sys
2013-04-09 02:34 . 2013-05-14 23:41	95744	----a-w-	c:\windows\system32\drivers\hidbth.sys
2013-04-09 02:33 . 2013-05-14 23:40	60416	----a-w-	c:\windows\system32\drivers\ndproxy.sys
2013-04-09 02:33 . 2013-05-14 23:41	623104	----a-w-	c:\windows\system32\drivers\srv2.sys
2013-04-09 02:32 . 2013-05-14 23:41	805376	----a-w-	c:\windows\system32\drivers\PEAuth.sys
2013-04-09 02:31 . 2013-05-14 23:41	247808	----a-w-	c:\windows\system32\drivers\srvnet.sys
2013-04-09 02:31 . 2013-05-14 23:40	83456	----a-w-	c:\windows\system32\drivers\wanarp.sys
2013-04-08 23:44 . 2013-05-14 23:41	123880	----a-w-	c:\windows\SysWow64\wscapi.dll
2013-04-08 23:39 . 2013-05-14 23:41	1408896	----a-w-	c:\windows\SysWow64\ntdll.dll
2013-04-08 23:37 . 2013-05-14 23:41	426024	----a-w-	c:\windows\SysWow64\AudioEng.dll
2013-04-08 23:37 . 2013-05-14 23:41	324368	----a-w-	c:\windows\SysWow64\AudioSes.dll
2013-04-08 21:52 . 2013-05-14 23:41	302592	----a-w-	c:\windows\SysWow64\SearchProtocolHost.exe
2013-04-08 21:52 . 2013-05-14 23:41	670208	----a-w-	c:\windows\SysWow64\SearchIndexer.exe
2013-04-08 21:52 . 2013-05-14 23:41	171008	----a-w-	c:\windows\SysWow64\SearchFilterHost.exe
2013-04-08 21:52 . 2013-05-14 23:41	106496	----a-w-	c:\windows\SysWow64\Robocopy.exe
2013-04-08 21:52 . 2013-05-14 23:41	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-04-08 21:51 . 2013-05-14 23:41	411136	----a-w-	c:\windows\SysWow64\Windows.Networking.dll
2013-04-08 21:51 . 2013-05-14 23:41	268800	----a-w-	c:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2013-04-08 21:51 . 2013-05-14 23:41	2767360	----a-w-	c:\windows\SysWow64\tquery.dll
2013-04-08 21:51 . 2013-05-14 23:41	324096	----a-w-	c:\windows\SysWow64\schannel.dll
2013-04-08 21:51 . 2013-05-14 23:41	1593344	----a-w-	c:\windows\SysWow64\mssrch.dll
2013-04-08 21:51 . 2013-05-14 23:41	403968	----a-w-	c:\windows\SysWow64\mssph.dll
2013-04-08 21:51 . 2013-05-14 23:41	659456	----a-w-	c:\windows\SysWow64\mssvp.dll
2013-04-08 21:51 . 2013-05-14 23:40	35328	----a-w-	c:\windows\SysWow64\mssprxy.dll
2013-04-08 21:51 . 2013-05-14 23:40	186880	----a-w-	c:\windows\SysWow64\mssphtb.dll
2013-04-08 21:51 . 2013-05-14 23:40	10752	----a-w-	c:\windows\SysWow64\msshooks.dll
2013-04-08 21:51 . 2013-05-14 23:41	1113600	----a-w-	c:\windows\SysWow64\MSAudDecMFT.dll
2013-04-08 21:51 . 2013-05-14 23:41	214528	----a-w-	c:\windows\SysWow64\mfreadwrite.dll
2013-04-08 21:51 . 2013-05-14 23:40	361984	----a-w-	c:\windows\SysWow64\MFMediaEngine.dll
2013-04-08 21:51 . 2013-05-14 23:41	656896	----a-w-	c:\windows\SysWow64\kerberos.dll
2013-04-08 21:51 . 2013-05-14 23:40	41984	----a-w-	c:\windows\SysWow64\fmifs.dll
2013-04-08 21:51 . 2013-05-14 23:41	155648	----a-w-	c:\windows\SysWow64\dmvdsitf.dll
2013-04-04 23:30 . 2013-05-14 23:41	503080	----a-w-	c:\windows\system32\ci.dll
2013-04-04 12:50 . 2013-01-14 14:21	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-04-01 12:06 . 2012-12-21 03:38	2079816	----a-w-	c:\windows\RtlExUpd.dll
2013-03-31 16:10 . 2013-03-31 16:10	1807136	----a-w-	c:\windows\system32\nvdispco6431422.dll
2013-03-31 16:10 . 2013-03-31 16:10	1510176	----a-w-	c:\windows\system32\nvdispgenco6431422.dll
2013-03-30 18:16 . 2013-05-14 23:41	1403784	----a-w-	c:\windows\system32\winload.efi
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-04-12 21:28	611840	----a-w-	c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2013-03-22 1854928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
3;3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
R2 SystemStoreService;System Store;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\System32\Drivers\lgandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys;c:\windows\SYSNATIVE\DRIVERS\avfsfilter.sys [x]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]
R3 DsRoleSvc;DS-Rollenserver;c:\windows\System32\lsass.exe;c:\windows\SYSNATIVE\lsass.exe [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 WMSVC;Webverwaltungsdienst;c:\windows\system32\inetsrv\wmsvc.exe;c:\windows\SYSNATIVE\inetsrv\wmsvc.exe [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\DRIVERS\MxEFUF64.sys;c:\windows\SYSNATIVE\DRIVERS\MxEFUF64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys;c:\windows\SYSNATIVE\drivers\GRD.sys [x]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [x]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [x]
S2 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe [x]
S2 ftpsvc;Microsoft-FTP-Dienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 iprip;RIP-Überwachung;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [x]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
apphost	REG_MULTI_SZ   	apphostsvc
iissvcs	REG_MULTI_SZ   	w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-05 23:35	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-23 21:32]
.
2013-06-12 c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job
- c:\program files (x86)\Advanced Driver Updater\adu.exe [2013-02-21 13:23]
.
2013-03-26 c:\windows\Tasks\DriverEasy Scheduled Scan.job
- c:\program files\Easeware\DriverEasy\DriverEasy.exe [2013-02-25 13:29]
.
2013-06-17 c:\windows\Tasks\dsmonitor.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2013-03-11 09:00]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 04:08]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 04:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 14:10	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-04-12 21:28	742400	----a-w-	c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="c:\windows\System32\mqrt.dll" [2012-07-26 237056]
"Apoint"="c:\program files\Alps\GlidePoint\Apoint.exe" [2013-03-13 670040]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-04-10 13519432]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2000-01-01 1278024]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = about:blank
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\boyttrw8.default-1370988776258\
FF - prefs.js: browser.startup.homepage - hxxp://comcenter.netcologne.de/
FF - ExtSQL: 2013-05-31 09:07; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{5786D022-540E-4699-B350-B4BE0AE94B79} - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-06-17  19:38:03
ComboFix-quarantined-files.txt  2013-06-17 17:38
.
Vor Suchlauf: 38 Verzeichnis(se), 53.838.061.568 Bytes frei
Nach Suchlauf: 39 Verzeichnis(se), 53.504.450.560 Bytes frei
.
- - End Of File - - 717ECD2C63BE34CC6D7B3022FF0C36CE

--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 17.06.2013, 19:19

Dann den Screenshot bitte.

luci4712 · 17.06.2013, 20:49

HTML-Code:

 Ich habe keinen zu sendenden Screenshut gesehen? Bitte um nähere Information.

schrauber · 18.06.2013, 06:32

Du sollst mir bitte einen Screenshot von der Meldung machen damit ich ihn sehe

16.06.2013, 09:15	#16
schrauber /// the machine /// TB-Ausbilder	Das angegebene Modul wurde nicht gefunden Hi, Du hast :OTL im Fix vergessen, bitte nochmal den Fix, dann reboot und Check ob die Meldung noch kommt. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

16.06.2013, 10:55	#20
schrauber /// the machine /// TB-Ausbilder	Das angegebene Modul wurde nicht gefunden und weiter __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

17.06.2013, 19:19	#28
schrauber /// the machine /// TB-Ausbilder	Das angegebene Modul wurde nicht gefunden Dann den Screenshot bitte. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

18.06.2013, 06:32	#30
schrauber /// the machine /// TB-Ausbilder	Das angegebene Modul wurde nicht gefunden Du sollst mir bitte einen Screenshot von der Meldung machen damit ich ihn sehe __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Das angegebene Modul wurde nicht gefunden

Plagegeister aller Art und deren Bekämpfung: Das angegebene Modul wurde nicht gefunden