Log analysis and evaluation: Internet far too slow, maybe a virus? Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
26.06.2013, 15:13 | #1 |
Internet far too slow, maybe a virus?

Hello everyone,

I have a problem: my internet is still too slow even after replacing the LAN cable. We have a 16K line and I only download at about 500kb instead of 1.8MB per second. On the other two PCs the download rate is perfect. I'll post my logs or something.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:00:22, on 26.06.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
FIREFOX: 15.0 (de)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Electronic Arts\Die Sims 3\Game\Bin\Sims3LauncherW.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\admin\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=gear&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O2 - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Dropbox.lnk = admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Reboot.exe
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll
O22 - SharedTaskScheduler: Ave's 7StartButton Changer - {F791A188-699D-4FD4-955A-EB59E89B1907} - C:\Program Files\The Skins Factory\Hyperdesk\Common\AveStartButtonChangerInProc.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files\Hi-Rez Studios\HiPatchService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

--
End of file - 11887 bytes
26.06.2013, 16:19 | #2 |
/// the machine /// TB Trainer | Internet far too slow, maybe a virus?

Hi,

System scan with FRST

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: Start > Computer (right-click) > Properties)
26.06.2013, 16:26 | #3 |
Internet far too slow, maybe a virus?

The FRST.txt:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-06-2013 02 Ran by admin (administrator) on 26-06-2013 17:23:31 Running from C:\Users\admin\Downloads Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Teruten) C:\Windows\system32\FsUsbExService.Exe (Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Nero AG) C:\Program Files\Nero\Update\NASvc.exe () C:\Windows\system32\PnkBstrA.exe (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Google Inc.) C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) 
C:\Program Files\iTunes\iTunesHelper.exe (Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe () C:\Program Files\RocketDock\RocketDock.exe (Spotify Ltd) C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe (Dropbox, Inc.) C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\system32\wuauclt.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE (Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (AppWork GmbH) C:\Program Files\JDownloader 2\JDownloader 2.exe (Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-07] (AVAST Software) HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.) HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.) HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated) HKCU\...\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-07] (Samsung) HKCU\...\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-07] (Samsung) HKCU\...\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload [1561968 2013-04-23] (Samsung) HKCU\...\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe [x] HKCU\...\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" [495616 2007-09-02] () HKCU\...\Run: [Spotify Web Helper] "C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1199576 2012-11-16] (Spotify Ltd) HKCU\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window [825808 2013-06-15] (Google Inc.) 
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [3514176 2011-11-10] (DT Soft Ltd) HKU\UpdatusUser\...\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade [ 2010-11-20] (Microsoft Corporation) Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () Startup: C:\ProgramData\Start Menu\Programs\Startup\Reboot.exe (Elitegroup Computer Systems Ltd.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.facemoods.com/?a=gear hxxp://start.facemoods.com/?a=ddrnw HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=gear&s={searchTerms}&f=4 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=117453&tt=310311_olt&babsrc=SP_ss&mntrId=8c7bd15500000000000000ffaee193b0 SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=IMB&o=15785&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=HQ&apn_dtid=YYYYYYYYDE&apn_uid=E3C4E90A-114D-48BE-86B2-444B1A35F6D1&apn_sauid=45952E31-EA20-44E3-BB7D-D6CA5C69AAE8& SearchScopes: HKCU - {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = 
hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZP&ptb=5zsxvHRJxSPuRQuiAtuNuA&ind=2011040313&ptnrS=ZP&si=&n=77de0a39&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKCU - {5F970FDE-702B-4ef9-920C-5F2848A5AF26} URL = hxxp://www.astroburn-search.com/search/web?q={searchTerms} SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms} SearchScopes: HKCU - {c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} URL = hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms} SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms} BHO: No Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No File BHO: No Name - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No File BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No File Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll () Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU -Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll () DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Hosts file not detected in the default directory Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default FF user.js: detected! 
=> C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\user.js FF NewTab: hxxp://www.google.com/firefox FF SearchEngine: Google FF Homepage: hxxp://www.google.com/firefox FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q= FF NetworkProxy: "http", "www-proxy.t-online.de" FF NetworkProxy: "http_port", 80 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF 
Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.) FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: Battlefield Heroes Updater - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\battlefieldheroespatcher@ea.com FF Extension: Personas - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\personas@christopher.beard FF Extension: FireShot - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} FF Extension: DownloadHelper - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: info - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\info@maltegoetz.de.xpi FF Extension: nasanightlaunch - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\nasanightlaunch@example.com.xpi FF Extension: survey-remover - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\survey-remover@gmx.com.xpi FF Extension: No Name - 
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi Chrome: ======= CHR HomePage: https://www.google.de/ CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) 
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (AdobeExManDetect) - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) CHR Plugin: (AdobeAAMDetect) - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) 
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Uplay PC) - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (ProxTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.3_0
CHR Extension: (Angry Birds) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (TV) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.1_0
CHR Extension: (AirMech) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdahlabpinmfcemhcbcfoijcpoalfgdn\17760_0
CHR Extension: (Ultimate Flash Sonic) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmgmfbijldhdncjcipeocgkgbjhaecfp\1.0_0
CHR Extension: (Night Time In New York City) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnimonidkipnhnpgkhgliocfnnpgkhek\1.2_0
CHR Extension: (Google Maps) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0
CHR Extension: (Premiumize.me) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm\0.0.16_0
CHR Extension: (Need for Speed World) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk\1.0.0.4_0
CHR Extension: (Mini Ninjas) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijfbknbncemokdnlboeabbcfhobechi\1.0.0.18_0
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [136912 2013-03-07] (AVAST Software)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-06-27] (Freemake)
R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [8704 2012-08-15] (Hi-Rez Studios)
S2 KMService; C:\Windows\system32\srvany.exe [8192 2003-04-18] ()
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [598312 2011-03-29] (Nero AG)
S3 npggsvc; C:\Windows\system32\GameMon.des [4023760 2010-12-01] (INCA Internet Co., Ltd.)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-08-18] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software)
R1 aswFW; C:\Windows\system32\drivers\aswFW.sys [101656 2013-03-07] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-03-07] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\drivers\aswNdis2.sys [199384 2013-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [60656 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2011-05-28] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2013-05-13] (DT Soft Ltd)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-05-28] ()
R3 Ltn_stk7070P; C:\Windows\System32\DRIVERS\Ltn_stk7070P.sys [466048 2007-10-19] (LITEON)
R3 Ltn_stkrc; C:\Windows\System32\DRIVERS\Ltn_stkrc.sys [13440 2007-10-19] (LITEON)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1086976 2009-09-17] (VIA Technologies, Inc.)
R3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1961072 2010-05-20] (Microsoft Corporation)
S3 athr; system32\DRIVERS\athr.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-06-26 17:23 - 2013-06-26 17:23 - 00000000 ____D C:\FRST
2013-06-26 17:22 - 2013-06-26 17:22 - 01370251 ____A (Farbar) C:\Users\admin\Downloads\FRST.exe
2013-06-26 17:21 - 2013-06-26 17:21 - 25732378 ____A C:\Users\admin\Downloads\Inselparadies.part14.rar.part
2013-06-26 17:17 - 2013-06-26 17:21 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part13.rar
2013-06-26 17:14 - 2013-06-26 17:17 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part12.rar
2013-06-26 17:10 - 2013-06-26 17:14 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part11.rar
2013-06-26 17:06 - 2013-06-26 17:10 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part10.rar
2013-06-26 17:02 - 2013-06-26 17:06 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part09.rar
2013-06-26 16:59 - 2013-06-26 17:02 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part08.rar
2013-06-26 16:55 - 2013-06-26 16:59 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part07.rar
2013-06-26 16:51 - 2013-06-26 16:55 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part06.rar
2013-06-26 16:47 - 2013-06-26 16:51 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part05.rar
2013-06-26 16:16 - 2013-06-26 16:47 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part04.rar
2013-06-26 16:00 - 2013-06-26 16:00 - 00011889 ____A C:\Users\admin\Documents\hijackthis.log
2013-06-26 15:56 - 2013-06-26 15:56 - 00388608 ____A (Trend Micro Inc.) C:\Users\admin\Downloads\HijackThis.exe
2013-06-26 15:43 - 2013-06-26 16:16 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part03.rar
2013-06-26 15:40 - 2013-06-26 15:43 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part02.rar
2013-06-26 15:36 - 2013-06-26 15:40 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part01.rar
2013-06-26 15:34 - 2013-06-26 15:34 - 00000928 ____A C:\Users\admin\Downloads\l98av716j5a05uj.rsdf
2013-06-15 21:42 - 2013-06-15 21:43 - 12115496 ____A C:\Users\admin\Downloads\505 Drum Kit.zip
2013-06-15 21:41 - 2013-06-15 21:42 - 08067151 ____A C:\Users\admin\Downloads\Lil Jon Crunk Kit.zip
2013-06-15 21:40 - 2013-06-15 21:40 - 01152897 ____A C:\Users\admin\Downloads\East Coast Sound Kit.zip
2013-06-15 21:39 - 2013-06-15 21:39 - 05326278 ____A C:\Users\admin\Downloads\Soulja Boy Sound Kit.zip
2013-06-15 21:39 - 2013-06-15 21:39 - 02292849 ____A C:\Users\admin\Downloads\Hip Hop Sound Kit.zip
2013-06-15 21:38 - 2013-06-15 21:38 - 08461096 ____A C:\Users\admin\Downloads\Jay-Z Sound Kit.zip
2013-06-15 21:37 - 2013-06-15 21:38 - 09225984 ____A C:\Users\admin\Downloads\Lex Luger Drum Kit.zip
2013-06-15 21:32 - 2013-06-15 21:33 - 13388445 ____A C:\Users\admin\Downloads\Dr. Dre Sound Kit.zip
2013-06-08 11:30 - 2013-06-08 11:30 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-05-31 16:29 - 2013-06-26 13:45 - 00009811 ____A C:\Windows\AutoKMS.log
2013-05-31 16:27 - 2013-05-31 16:27 - 00169728 ____A C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-31 16:26 - 2013-05-31 16:26 - 03958584 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-31 15:44 - 2013-06-26 14:46 - 34142836 ____A C:\Windows\setupact.log
2013-05-31 15:44 - 2013-05-31 15:44 - 00000000 ____A C:\Windows\setuperr.log
2013-05-31 00:55 - 2013-05-31 00:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\XBMC
2013-05-31 00:54 - 2013-05-31 00:54 - 00001823 ____A C:\Users\admin\Desktop\XBMC.lnk
2013-05-31 00:51 - 2013-05-31 00:52 - 00000000 ____D C:\Program Files\XBMC

==================== One Month Modified Files and Folders ========

2013-06-26 17:24 - 2013-05-02 17:19 - 00001096 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-26 17:23 - 2013-06-26 17:23 - 00000000 ____D C:\FRST
2013-06-26 17:23 - 2013-05-02 17:18 - 00001092 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-26 17:22 - 2013-06-26 17:22 - 01370251 ____A (Farbar) C:\Users\admin\Downloads\FRST.exe
2013-06-26 17:21 - 2013-06-26 17:21 - 25732378 ____A C:\Users\admin\Downloads\Inselparadies.part14.rar.part
2013-06-26 17:21 - 2013-06-26 17:17 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part13.rar
2013-06-26 17:17 - 2013-06-26 17:14 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part12.rar
2013-06-26 17:14 - 2013-06-26 17:10 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part11.rar
2013-06-26 17:10 - 2013-06-26 17:06 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part10.rar
2013-06-26 17:08 - 2012-03-30 12:04 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-26 17:06 - 2013-06-26 17:02 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part09.rar
2013-06-26 17:02 - 2013-06-26 16:59 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part08.rar
2013-06-26 16:59 - 2013-06-26 16:55 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part07.rar
2013-06-26 16:55 - 2013-06-26 16:51 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part06.rar
2013-06-26 16:51 - 2013-06-26 16:47 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part05.rar
2013-06-26 16:47 - 2013-06-26 16:16 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part04.rar
2013-06-26 16:16 - 2013-06-26 15:43 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part03.rar
2013-06-26 16:15 - 2013-04-26 13:20 - 00000000 ____D C:\Program Files\JDownloader 2
2013-06-26 16:00 - 2013-06-26 16:00 - 00011889 ____A C:\Users\admin\Documents\hijackthis.log
2013-06-26 15:56 - 2013-06-26 15:56 - 00388608 ____A (Trend Micro Inc.) C:\Users\admin\Downloads\HijackThis.exe
2013-06-26 15:49 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing
2013-06-26 15:43 - 2013-06-26 15:40 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part02.rar
2013-06-26 15:40 - 2013-06-26 15:36 - 104857600 ____A C:\Users\admin\Downloads\Inselparadies.part01.rar
2013-06-26 15:34 - 2013-06-26 15:34 - 00000928 ____A C:\Users\admin\Downloads\l98av716j5a05uj.rsdf
2013-06-26 15:08 - 2013-04-28 20:46 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype
2013-06-26 15:08 - 2011-06-02 17:47 - 00000000 ____D C:\Users\admin\AppData\Local\PMB Files
2013-06-26 15:08 - 2011-06-02 17:47 - 00000000 ____D C:\ProgramData\PMB Files
2013-06-26 14:46 - 2013-05-31 15:44 - 34142836 ____A C:\Windows\setupact.log
2013-06-26 13:54 - 2011-03-11 13:17 - 00000000 ____D C:\Users\admin\AppData\Local\Adobe
2013-06-26 13:52 - 2009-07-14 06:34 - 00033984 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-26 13:52 - 2009-07-14 06:34 - 00033984 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-26 13:45 - 2013-05-31 16:29 - 00009811 ____A C:\Windows\AutoKMS.log
2013-06-26 13:45 - 2012-11-06 21:54 - 00078848 ____A C:\Windows\KMSEmulator.exe
2013-06-26 13:45 - 2012-11-06 21:54 - 00000202 ____A C:\Windows\Tasks\AutoKMSDaily.job
2013-06-26 13:45 - 2012-11-06 21:54 - 00000200 ____A C:\Windows\Tasks\AutoKMS.job
2013-06-26 13:44 - 2013-05-05 15:56 - 00000000 ____D C:\Users\admin\AppData\Roaming\Dropbox
2013-06-26 13:44 - 2013-01-26 14:29 - 00000000 ___RD C:\Users\admin\Dropbox
2013-06-26 13:43 - 2013-04-26 19:29 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-26 13:43 - 2011-04-06 14:03 - 00065536 _____ C:\Windows\System32\Ikeext.etl
2013-06-26 13:43 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-25 22:42 - 2013-04-26 19:28 - 01747279 ____A C:\Windows\WindowsUpdate.log
2013-06-23 21:02 - 2012-12-06 21:35 - 00000000 ____D C:\Users\admin\AppData\Roaming\TS3Client
2013-06-22 18:46 - 2011-02-27 15:39 - 00000000 ____D C:\Program Files\Steam
2013-06-22 18:41 - 2011-02-27 15:39 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-06-19 21:26 - 2013-05-02 17:20 - 00002129 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-15 23:11 - 2012-01-01 22:22 - 00000000 ____D C:\Program Files\Image-Line
2013-06-15 21:43 - 2013-06-15 21:42 - 12115496 ____A C:\Users\admin\Downloads\505 Drum Kit.zip
2013-06-15 21:42 - 2013-06-15 21:41 - 08067151 ____A C:\Users\admin\Downloads\Lil Jon Crunk Kit.zip
2013-06-15 21:40 - 2013-06-15 21:40 - 01152897 ____A C:\Users\admin\Downloads\East Coast Sound Kit.zip
2013-06-15 21:39 - 2013-06-15 21:39 - 05326278 ____A C:\Users\admin\Downloads\Soulja Boy Sound Kit.zip
2013-06-15 21:39 - 2013-06-15 21:39 - 02292849 ____A C:\Users\admin\Downloads\Hip Hop Sound Kit.zip
2013-06-15 21:38 - 2013-06-15 21:38 - 08461096 ____A C:\Users\admin\Downloads\Jay-Z Sound Kit.zip
2013-06-15 21:38 - 2013-06-15 21:37 - 09225984 ____A C:\Users\admin\Downloads\Lex Luger Drum Kit.zip
2013-06-15 21:33 - 2013-06-15 21:32 - 13388445 ____A C:\Users\admin\Downloads\Dr. Dre Sound Kit.zip
2013-06-15 19:33 - 2011-03-05 00:00 - 00000000 ____D C:\Users\admin\Desktop\neben Programme
2013-06-15 18:33 - 2012-01-01 22:24 - 00000000 ____D C:\Program Files\VstPlugins
2013-06-15 15:08 - 2012-03-30 12:04 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-15 15:08 - 2011-05-15 12:56 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-15 01:39 - 2013-03-13 01:23 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-15 00:40 - 2010-11-20 23:01 - 01618320 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-08 14:36 - 2013-05-02 17:25 - 00000000 ___RD C:\Program Files\Skype
2013-06-08 14:36 - 2011-02-26 14:25 - 00000000 ____D C:\ProgramData\Skype
2013-06-08 11:30 - 2013-06-08 11:30 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-06-06 16:03 - 2013-05-02 17:18 - 00000000 ____D C:\Program Files\Google
2013-06-06 16:03 - 2011-04-28 17:34 - 00000000 ____D C:\Users\admin\AppData\Local\Google
2013-06-02 13:30 - 2012-08-18 18:49 - 00138184 ____A C:\Windows\System32\Drivers\PnkBstrK.sys
2013-06-02 13:29 - 2012-08-18 18:18 - 00183112 ____A C:\Windows\System32\PnkBstrB.exe
2013-06-01 18:54 - 2013-05-05 15:59 - 00001017 ____A C:\Users\admin\Desktop\Dropbox.lnk
2013-06-01 12:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\LogFiles
2013-05-31 17:20 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries
2013-05-31 16:27 - 2013-05-31 16:27 - 00169728 ____A C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-31 16:26 - 2013-05-31 16:26 - 03958584 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-31 16:25 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\DriverStore
2013-05-31 15:44 - 2013-05-31 15:44 - 00000000 ____A C:\Windows\setuperr.log
2013-05-31 15:24 - 2011-03-17 19:41 - 00000000 ____D C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
2013-05-31 15:22 - 2013-05-04 03:02 - 00000000 ____D C:\Windows\Minidump
2013-05-31 00:55 - 2013-05-31 00:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\XBMC
2013-05-31 00:54 - 2013-05-31 00:54 - 00001823 ____A C:\Users\admin\Desktop\XBMC.lnk
2013-05-31 00:54 - 2011-03-04 15:39 - 00000000 ____D C:\Users\admin\Desktop\Rocket Dock, Spiele
2013-05-31 00:52 - 2013-05-31 00:51 - 00000000 ____D C:\Program Files\XBMC

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-06-23 13:28

==================== End Of Log ============================

Addition.txt:
FRST Additions Logfile:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-06-2013 02
Ran by admin at 2013-06-26 17:24:28
Running from C:\Users\admin\Downloads
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

Action Replay Code Manager Adobe AIR (Version: 3.7.0.1530) Adobe Community Help (Version: 3.0.0) Adobe Community Help (Version: 3.0.0.400) Adobe Download Assistant (Version: 1.0.2) Adobe Flash Player 11 ActiveX (Version: 11.7.700.224) Adobe Flash Player 11 Plugin (Version: 11.7.700.224) Adobe Media Player (Version: 1.8) Adobe Photoshop CS6 (Version: 13.0) Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7) Adobe Shockwave Player 11.5 (Version: 11.5.9.620) Age of Empires III - The WarChiefs (Version: 1.00.0000) Age of Empires III (Version: 1.00.0000) Apple Application Support (Version: 2.3.3) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (Version: 2.1.3.127) ArtMoney SE v7.37 (Version: 7.37) Assassin's Creed Brotherhood (Version: 1.03) Assassins Creed Revelations (Version: 1.0.0) Astroburn Lite (Version: 1.4.0.0115) Atomic RAR Password Recovery 1.20 (Version: 1.20) Audials (Version: 8.0.46302.200) Audials TV (Version: 1.3.10803.300) Avast License by ZeNiX [2012-06-29] avast! 
Internet Security (Version: 8.0.1483.0) Battle for Wesnoth 1.10.4 (Version: 1.10.4) Battlefield: Bad Company™ 2 (Version: 1.0.0.0) Bonjour (Version: 3.0.0.10) Borderlands 2 Call of Duty: Modern Warfare 3 Call of Duty: Modern Warfare 3 - Multiplayer Camtasia Studio 7 (Version: 7.0.1) CCleaner (Version: 4.00) Cheat Engine 6.2 D3DX10 (Version: 15.4.2368.0902) DAEMON Tools Lite (Version: 4.45.1.0236) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Die Sims™ 3 (Version: 1.42.130) Die Sims™ 3 Einfach tierisch (Version: 10.0.96) Die Sims™ 3 Jahreszeiten (Version: 16.0.136) Die Sims™ 3 Late Night (Version: 6.0.81) Die Sims™ 3 Luxus-Accessoires (Version: 3.13.1) Die Sims™ 3 Reiseabenteuer (Version: 2.0.86) DiRT Showdown Divinity II - Ego Draconis DivX Codec (Version: 6.6.1) Dropbox (HKCU Version: 2.0.22) Empire Earth III (Version: 1.00.0000) Empire: Total War FIFA 11 (Version: 1.0.0.0) FileZilla Client 3.5.3 (HKCU Version: 3.5.3) Fraps (remove only) Free Studio version 5.6.3.706 (Version: 5.6.3.706) Freemake Video Converter Version 3.0.2 (Version: 3.0.2) Global Agenda Launcher (Version: 1.0.0) Global Agenda Live (Version: 1.5.1.5) Google Chrome (Version: 27.0.1453.116) Google Earth (Version: 7.1.1.1580) Google Update Helper (Version: 1.3.21.145) Guild Wars 2 Guitar Hero III (Version: 1.00.0000) High-Definition Video Playback (Version: 7.3.10800.5.0) Hi-Rez Studios Games (Version: 3.0.0.0) Hyperdesk - DarkMatter Subspace (Version: 1.00.0001) ImgBurn (Version: 2.5.5.0) Incomedia WebSite X5 Evolution iPhone Folders (Version: 1.0.32) iPhone-Konfigurationsprogramm (Version: 3.6.2.300) iTunes (Version: 11.0.2.26) Java 7 Update 21 (Version: 7.0.210) Java Auto Updater (Version: 2.1.9.5) Java(TM) 6 Update 22 (Version: 6.0.220) Java(TM) 6 Update 26 (Version: 6.0.260) JC2-MP version 0.0.11 (Version: 0.0.11) Junk Mail filter update (Version: 15.4.3502.0922) Just Cause 2 League of Legends (Version: 1.3) LEGO Star Wars III The Clone Wars (Version: 1.0) LG PC Suite 
III (Version: 1.0.0.0) LG USB Modem Drivers (Version: 4.9.4) MAGIX Music Maker MX Production Suite Download Version (Version: 18.0.1.11) MAGIX Screenshare (Version: 4.3.6.1987) MAGIX Speed burnR (MSI) (Version: 7.0.1.27) MAGIX Web Designer 6 Download-Version (Version: 6.0.1.12244) MAGIX Web Designer 7 Premium Content Pack (Version: 1.0.0.0) MAGIX Web Designer 7 Premium Download-Version (Version: 7.0.4.16646) Mass Effect™ 3 (Version: 1.05.0.0) Medieval II: Total War Medieval II: Total War Kingdoms Mesh Runtime (Version: 15.4.5722.2) Messenger Companion (Version: 15.4.3502.0922) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft .NET Framework 4.5 (Version: 4.5.50709) Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Corporation (Version: 9.1.0.0) Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0) Microsoft Games for Windows Marketplace (Version: 3.5.50.0) Microsoft LifeCam (Version: 3.22.270.0) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Proof (Italian) 2010 
(Version: 14.0.6029.1000) Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (Version: 11.0.50727.1) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727) Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0) Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0) Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053) Microsoft_VC90_ATL_x86 
(Version: 1.00.0000) Microsoft_VC90_CRT_x86 (Version: 1.00.0000) Microsoft_VC90_MFC_x86 (Version: 1.00.0000) MKV Player 2.1.4 Mobile Mouse Server (Version: 2.5.0) MobileMe Control Panel (Version: 3.1.6.0) Mozilla Firefox 15.0 (x86 de) (Version: 15.0) Mozilla Maintenance Service (Version: 15.0) MSVCRT (Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0) MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0) MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0) MSXML 4.0 SP3 Parser (Version: 4.30.2100.0) MyFreeCodec MyPhoneExplorer (Version: 1.8.4) Napoleon: Total War NAVIGON Fresh 3.3.2 (Version: 3.3.2) NBA 2K13 (Version: 1.0.0) NC Launcher (GameForge) Need for Speed™ Undercover (Version: 1.0.1.0) Nero 10 Menu TemplatePack Basic (Version: 10.6.10000.0.0) Nero 10 Movie ThemePack Basic (Version: 10.6.10000.1.0) Nero BackItUp 10 Help (CHM) (Version: 10.6.10600) Nero BurningROM 10 Help (CHM) (Version: 10.6.10600) Nero BurnRights 10 Help (CHM) (Version: 10.6.10600) Nero Control Center 10 (Version: 10.6.12600.0.5) Nero ControlCenter 10 Help (CHM) (Version: 10.6.10700) Nero Core Components 10 (Version: 2.0.19800.9.10) Nero CoverDesigner 10 (Version: 5.6.10500.3.100) Nero CoverDesigner 10 Help (CHM) (Version: 10.6.10600) Nero DiscCopy Gadget 10 (Version: 3.6.10200.1.100) Nero DiscCopyGadget 10 Help (CHM) (Version: 10.6.10600) Nero DiscSpeed 10 Help (CHM) (Version: 10.6.10600) Nero Dolby Files 10 (Version: 2.0.13000.0.10) Nero Express 10 (Version: 10.6.10600.4.100) Nero Express 10 Help (CHM) (Version: 10.6.10600) Nero InfoTool 10 (Version: 7.4.10200.0.100) Nero InfoTool 10 Help (CHM) (Version: 10.6.10600) Nero Multimedia Suite 10 (Version: 10.6.11300) Nero Recode 10 (Version: 4.10.10600.4.100) Nero Recode 10 Help (CHM) (Version: 10.6.10600) Nero RescueAgent 10 (Version: 3.6.10500.3.100) Nero 
RescueAgent 10 Help (CHM) (Version: 10.6.10700) Nero SoundTrax 10 Help (CHM) (Version: 10.6.10600) Nero StartSmart 10 Help (CHM) (Version: 10.6.10600) Nero Update (Version: 1.0.10900.31.0) Nero Vision 10 Help (CHM) (Version: 10.6.10600) Nero WaveEditor 10 Help (CHM) (Version: 10.6.10600) NeroKwikMedia Help (CHM) (Version: 10.6.10700) Neverwinter No-IP DUC (Version: 3.0.4) Notepad++ (Version: 5.9.2) NVIDIA 3D Vision Controller-Treiber 306.02 (Version: 306.02) NVIDIA 3D Vision Treiber 311.06 (Version: 311.06) NVIDIA Display Control Panel (Version: 6.14.12.5919) NVIDIA Grafiktreiber 311.06 (Version: 311.06) NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0) NVIDIA Install Application (Version: 2.1002.108.688) NVIDIA PhysX (Version: 9.12.0604) NVIDIA PhysX-Systemsoftware 9.12.0604 (Version: 9.12.0604) NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106) NVIDIA Systemsteuerung 311.06 (Version: 311.06) NVIDIA Update 1.11.3 (Version: 1.11.3) NVIDIA Update Components (Version: 1.11.3) OpenAL OpenOffice.org 3.4.1 (Version: 3.41.9593) OpenVPN 2.2.2 (Version: 2.2.2) Opera 11.11 (Version: 11.11.2109) Orbit Downloader Origin (Version: 9.1.13.85) Pando Media Booster (Version: 2.6.0.8) PDF Settings CS6 (Version: 11.0) PlanetSide 2 Platform (Version: 1.34) PlayReady PC Runtime x86 (Version: 1.3.0) Portal Project64 1.6 (Version: 1.6) PunkBuster Services (Version: 0.990) Quick Memory Editor 5.5 QuickShare (Version: 1.6.1.697) QuickStores-Toolbar 1.1.0 (Version: 1.1.0) QuickTime (Version: 7.73.80.64) RAD Video Tools Rapture3D 2.4.11 Game Rayman Origins Revo Uninstaller 1.94 (Version: 1.94) Risen (Version: 1.00.0000) Risen 2: Dark Waters RocketDock 1.3.5 Rockstar Games Social Club (Version: 1.00.0000) Rome: Total War - Alexander Rome: Total War Gold Edition Saints Row: The Third Samsung Kies (Version: 2.0.3.11082_152) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0) Santa Claus in Trouble Section 8: Prejudice SimCity™ (Version: 1.0.0.0) Sky Aces (Version: 1.00.0000) Skype™ 
6.3 (Version: 6.3.107) SONIC HEROES SopCast 3.5.0 (Version: 3.5.0) Spotify (HKCU Version: 0.8.5.1333.g822e0de8) Star Wars: The Force Unleashed 2 (Version: 1.0) Steam (Version: 1.0.0.0) TeamSpeak 3 Client (Version: 3.0.10.1) TeamViewer 8 (Version: 8.0.17396) TERA (Version: 7) Terraria Text-To-Speech-Runtime (Version: 1.0.0.0) Thrustmaster FFB Driver (Version: 2.FFD.2009) Torchlight II Total War: SHOGUN 2 Transformers Revenge of the Fallen - The Game TuxGuitar (Version: 1.2) TVCenter (Version: 6.4.0.784) Ubisoft Game Launcher (Version: 1.0.0.0) Ultimate Control version 1.2 (Version: 1.2) UltraStar Deluxe (Version: 1.1) Unity Web Player (HKCU Version: ) Unlocker 1.9.0 (Version: 1.9.0) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit 
Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition VIA Plattform-Geräte-Manager (Version: 1.34) VIP Helikopter (Version: 1.00.0000) War Thunder Launcher 1.0.1.148 WBFS Manager 4.0 (Version: 4.0) Windows Live Communications Platform (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3508.1109) Windows Live Family Safety (Version: 15.4.3502.0922) Windows Live Fotogalerie (Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (Version: 15.4.3502.0922) Windows Live Mail (Version: 15.4.3502.0922) Windows Live Mesh (Version: 15.4.3502.0922) Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2) Windows Live Messenger (Version: 15.4.3502.0922) Windows Live Messenger Companion Core (Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (Version: 15.4.3502.0922) Windows Live Photo Common (Version: 15.4.3502.0922) Windows Live Photo Gallery (Version: 15.4.3502.0922) Windows Live PIMT Platform (Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (Version: 15.4.3502.0922) Windows Live SOXE Definitions (Version: 15.4.3502.0922) Windows Live UX Platform (Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (Version: 15.4.3508.1109) Windows Live Writer (Version: 15.4.3502.0922) Windows Live Writer Resources (Version: 
15.4.3502.0922) Windows Media Player Firefox Plugin (Version: 1.0.0.8) WinRAR 4.00 (32-Bit) (Version: 4.00.0) XBMC XSplit (Version: 1.0.1109.2301)

==================== Restore Points =========================

17-06-2013 14:22:07 Geplanter Prüfpunkt
17-06-2013 21:04:45 Windows Update
18-06-2013 20:17:32 Windows Update
19-06-2013 20:24:24 Windows Update
20-06-2013 20:23:51 Windows Update
21-06-2013 13:07:48 Windows Update
21-06-2013 21:36:34 Windows Update
22-06-2013 22:16:55 Windows Update
23-06-2013 17:00:09 Windows-Sicherung
23-06-2013 20:50:09 Windows Update
24-06-2013 20:57:05 Windows Update
25-06-2013 20:41:57 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {1B3EFC13-66FD-4ABD-A48B-5159306EEB2A} - System32\Tasks\{3B7FABCB-E25B-4BE9-81ED-102A4DD3EA36} => c:\program files\google\chrome\application\chrome.exe [2013-06-15] (Google Inc.)
Task: {2060F7F2-9A53-4F19-958E-A57FE5698106} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {2510486A-0AFF-4E2E-8E0D-D41A381FF10D} - \SidebarExecute No Task File
Task: {403748ED-7B84-483B-8B8D-562413BBEFAD} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2012-11-06] ()
Task: {6271EBA8-BC40-4F94-A29A-B4CFD95480AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-15] (Adobe Systems Incorporated)
Task: {86FC1297-30C1-4891-A57E-ADB4D2182D53} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {89276E2B-94A5-44FD-AA07-B83D0487357A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-02] (Google Inc.)
Task: {89DBF4ED-9967-43BA-8FF8-0704F273B761} - System32\Tasks\AdobeAAMUpdater-1.0-admin-PC-admin => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {8B79437C-3965-4858-B52F-FC90FA6F571B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {9248A402-EF05-4556-847E-1886AEEA6E94} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd) Task: {991A4473-E3B9-4973-A988-2D747C06A438} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {9DA91FC6-6FEF-4874-B143-9C7BEB4B81A8} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation) Task: {A0560F82-81D9-4E0C-8580-AFDFCC79EAB6} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation) Task: {A1740747-4B49-4A6A-BAB5-BC05ECD8DE11} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation) Task: {A4AAFFDF-B0F3-456E-BB47-AC8BAE2D11EE} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {C054D4D8-72E5-433C-914D-55FCC63D80FB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-03-07] (AVAST Software) Task: {C8B9FB7F-915C-4A31-BCC8-6914E3A21C7C} - System32\Tasks\Google Updater and Installer => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe No File Task: {D0635049-8DE8-4309-8F6A-F86AD7BD357F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-02] (Google Inc.) 
Task: {DE17296F-207A-446A-B73F-92EEB0574B5A} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [2012-11-06] () Task: {E71608E8-C0B1-4ABD-B213-9D1996A020EB} - System32\Tasks\{7B2A0164-F514-4ED1-9CF4-BCCF2528D185} => C:\Program Files\Skype\\Phone\Skype.exe [2013-04-19] (Skype Technologies S.A.) Task: {F2C6D22A-84D1-4BED-8E83-2100CB3A51DE} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe No File Task: {F36BD853-7B1C-40CD-8D33-D3636C3CCF60} - System32\Tasks\{E50904AE-6317-4B41-B131-520B1CD1DC3A} => c:\program files\mozilla firefox\firefox.exe [2012-08-30] (Mozilla Corporation) Task: {F503805E-F5BB-445A-AC4B-0CECCC53240F} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Microsoft_Hardware_Launch_vVX1000_exe.job => C:\Windows\vVX1000.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/26/2013 05:23:12 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1011. Error: (06/26/2013 03:59:20 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1011. 
Error: (06/26/2013 03:49:21 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1011. Error: (06/26/2013 03:49:21 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1011. Error: (06/26/2013 03:49:12 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1011. Error: (06/26/2013 03:49:08 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1011. Error: (06/26/2013 03:49:08 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1011. Error: (06/26/2013 03:49:04 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1011. Error: (06/26/2013 03:48:29 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1011. Error: (06/26/2013 03:46:21 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1011. System errors: ============= Error: (06/26/2013 04:50:07 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (06/26/2013 04:50:04 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. 
Error: (06/26/2013 03:59:22 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (06/26/2013 01:47:23 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: %%-2147024882 Error: (06/26/2013 01:47:17 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (06/26/2013 01:47:17 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (06/25/2013 10:42:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8000ffff fehlgeschlagen: Update für Internet Explorer 10 unter Windows 7 Service Pack 1 (KB2859903) Error: (06/25/2013 10:42:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8000ffff fehlgeschlagen: Kumulatives Sicherheitsupdate für Internet Explorer 10 unter Windows 7 Service Pack 1 (KB2838727) Error: (06/25/2013 10:42:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8000ffff fehlgeschlagen: Kumulatives Sicherheitsupdate für ActiveX Killbits für Windows 7 (KB2820197) Error: (06/25/2013 03:02:43 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: %%-2147024882 Microsoft Office Sessions: ========================= Error: 
(06/26/2013 05:23:12 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: -1011 Error: (06/26/2013 03:59:20 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: -1011 Error: (06/26/2013 03:49:21 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: -1011 Error: (06/26/2013 03:49:21 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: -1011 Error: (06/26/2013 03:49:12 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: -1011 Error: (06/26/2013 03:49:08 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: -1011 Error: (06/26/2013 03:49:08 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: -1011 Error: (06/26/2013 03:49:04 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: -1011 Error: (06/26/2013 03:48:29 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: -1011 Error: (06/26/2013 03:46:21 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: -1011 ==================== Memory info =========================== Percentage of memory in use: 44% Total physical RAM: 3327.37 MB Available physical RAM: 1852.29 MB Total Pagefile: 6653.02 MB Available Pagefile: 4151.83 MB Total Virtual: 2989.88 MB Available Virtual: 2832.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:389.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: EF66E471) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
26.06.2013, 17:18 | #4 | ||
/// the machine /// TB-Ausbilder | Internet far too slow, maybe a virus? Quote:
Combofix should only be run when a team member has instructed you to do so! Please download Combofix from the following download mirror: Link 1. IMPORTANT - Save Combofix to your desktop.
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations | Guides and help | Trojaner-Board Facebook page | No help via PM! |
26.06.2013, 18:47 | #5 |
| Internet far too slow, maybe a virus? That was an expansion pack for Sims 3. Combofix log file: Code:
ATTFilter ComboFix 13-06-26.01 - admin 26.06.2013 19:12:55.1.4 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.3327.1608 [GMT 2:00] ausgeführt von:: c:\users\admin\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} FW: avast! Antivirus *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47} SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\windows c:\programdata\windows\dumd.dat c:\programdata\windows\xdor.dat c:\users\admin\AppData\Roaming\AcroIEHelpe.txt c:\users\admin\AppData\Roaming\chrtmp c:\users\admin\AppData\Roaming\data.dat c:\users\admin\AppData\Roaming\Google Talk c:\users\admin\AppData\Roaming\Microsoft\Windows\Recent\Napoleon Total War.url c:\users\admin\AppData\Roaming\srvblck2.tmp c:\windows\InstallDir c:\windows\system32\frapsvid.dll c:\windows\system32\muzapp.exe c:\windows\wininit.ini . . ((((((((((((((((((((((( Dateien erstellt von 2013-05-26 bis 2013-06-26 )))))))))))))))))))))))))))))) . . 2013-06-26 17:25 . 2013-06-26 17:25 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-06-26 17:25 . 2013-06-26 17:25 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-26 15:23 . 2013-06-26 15:23 -------- d-----w- C:\FRST 2013-06-25 13:02 . 2013-06-12 04:18 7068072 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5CF7B630-4757-42C7-9689-DE61052B3798}\mpengine.dll 2013-05-30 22:55 . 2013-05-30 22:55 -------- d-----w- c:\users\admin\AppData\Roaming\XBMC 2013-05-30 22:51 . 2013-05-30 22:52 -------- d-----w- c:\program files\XBMC . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-26 11:45 . 
2012-11-06 19:54 78848 ----a-w- c:\windows\KMSEmulator.exe 2013-06-15 13:08 . 2012-03-30 10:04 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-06-15 13:08 . 2011-05-15 10:56 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-06-02 11:30 . 2012-08-18 16:49 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2013-06-02 11:29 . 2012-08-18 16:18 183112 ----a-w- c:\windows\system32\PnkBstrB.exe 2013-05-15 18:27 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-05-13 15:26 . 2011-12-31 14:43 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2013-05-09 08:33 . 2013-05-09 08:33 444952 ----a-w- c:\windows\system32\wrap_oal.dll 2013-05-09 08:33 . 2013-05-09 08:33 109080 ----a-w- c:\windows\system32\OpenAL32.dll 2013-05-06 19:31 . 2013-05-06 19:31 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-05-06 19:31 . 2013-01-19 12:39 866720 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-05-06 19:31 . 2011-02-26 09:22 788896 ----a-w- c:\windows\system32\deployJava1.dll 2013-05-02 00:06 . 2013-03-12 22:45 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-04-27 11:03 . 2013-04-27 11:04 1187697 ----a-w- c:\windows\unins000.exe 2013-04-22 17:36 . 2011-06-07 15:50 410624 ------w- c:\windows\system32\systemcpl.dll.bak 2013-04-22 17:36 . 2011-06-07 15:50 14336 ------w- c:\windows\system32\slwga.dll.bak 2013-04-21 18:38 . 2013-04-21 18:38 2169856 --sha-w- c:\windows\system32\hale.exe 2013-04-12 13:45 . 2013-04-27 10:34 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-03 07:58 . 2013-04-28 01:03 181912 ----a-w- c:\windows\system32\drivers\ssudmdm.sys 2013-04-03 07:58 . 2013-04-28 01:03 83864 ----a-w- c:\windows\system32\drivers\ssudbus.sys 2007-11-07 00:19 . 2012-02-18 18:03 568832 ----a-w- c:\program files\opera\program\plugins\msvcp90.dll 2007-11-07 00:19 . 2012-02-18 18:03 655872 ----a-w- c:\program files\opera\program\plugins\msvcr90.dll 2012-08-30 10:30 . 
2011-06-05 17:46 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. .
c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7601.17514_none_fb08448fa0c85c23\ias.dll . [-] 2010-11-20 21:29 . AB9EB3745B03AE67AB241A82338DEA7B . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll [-] 2010-11-20 21:29 . AB9EB3745B03AE67AB241A82338DEA7B . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7601.17514_none_f51a7bf0b3d25294\mfc40u.dll . [-] 2009-07-14 . 833FBB672460EFCE8011D262175FAD33 . 266752 . . [6.1.7600.16385] . . c:\windows\System32\upnphost.dll [-] 2009-07-14 . 833FBB672460EFCE8011D262175FAD33 . 266752 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.1.7600.16385_none_c1be8a9895d79340\upnphost.dll . [-] 2009-07-14 . 0E85C11F8850D524B02181C6E02BA9AE . 453632 . . [6.1.7600.16385] . . c:\windows\System32\dsound.dll [-] 2009-07-14 . 0E85C11F8850D524B02181C6E02BA9AE . 453632 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_5872147ba3367471\dsound.dll . [-] 2010-11-20 . 6EF5F3F18413C367195F06E503AB86A6 . 1828352 . . [6.1.7601.17514] . . c:\windows\System32\d3d9.dll [-] 2010-11-20 . 6EF5F3F18413C367195F06E503AB86A6 . 1828352 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_c454d690bf084f04\d3d9.dll . [-] 2009-07-14 . 198552AEFECA69D646867EC8D792DE95 . 531968 . . [6.1.7600.16385] . . c:\windows\System32\ddraw.dll [-] 2009-07-14 . 198552AEFECA69D646867EC8D792DE95 . 531968 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.1.7600.16385_none_04dbf9102154d42e\ddraw.dll . [-] 2010-11-20 21:29 . 703FFD301AB900B047337C5D40FD6F96 . 90112 . . [6.1.7601.17514] . . c:\windows\System32\olepro32.dll [-] 2010-11-20 21:29 . 703FFD301AB900B047337C5D40FD6F96 . 90112 . . [6.1.7601.17514] . . 
c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.1.7601.17514_none_3c1b247e5ff65f89\olepro32.dll . [-] 2009-07-14 . EDD2AD141DEBD425D74A52A4D7BE6AC4 . 39424 . . [6.1.7600.16385] . . c:\windows\System32\perfctrs.dll [-] 2009-07-14 . EDD2AD141DEBD425D74A52A4D7BE6AC4 . 39424 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.1.7600.16385_none_314993e6be6d6809\perfctrs.dll . [-] 2009-07-14 . 702254574E7E52052DE39408457B7149 . 21504 . . [6.1.7600.16385] . . c:\windows\System32\version.dll [-] 2009-07-14 . 702254574E7E52052DE39408457B7149 . 21504 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.1.7600.16385_none_14d4a552b2395165\version.dll . [-] 2009-07-14 . 55187FD710E27D5095D10A472C8BAF1C . 288768 . . [6.1.7600.16385] . . c:\windows\System32\w32time.dll [-] 2009-07-14 . 55187FD710E27D5095D10A472C8BAF1C . 288768 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.1.7600.16385_none_887db9d2ce9e3aa0\w32time.dll . [-] 2010-11-20 . E1FB3706030FB4578A0D72C2FC3689E4 . 463360 . . [6.1.7600.16385] . . c:\windows\System32\wiaservc.dll [-] 2010-11-20 . E1FB3706030FB4578A0D72C2FC3689E4 . 463360 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.1.7601.17514_none_349ba4fd11957512\wiaservc.dll . [-] 2009-07-14 . 5A12C364AD1D4FCC0AD0E56DBBC34462 . 16896 . . [6.1.7600.16385] . . c:\windows\System32\midimap.dll [-] 2009-07-14 . 5A12C364AD1D4FCC0AD0E56DBBC34462 . 16896 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.1.7600.16385_none_8cd41e2771e37717\midimap.dll . [-] 2009-07-14 . ED6EE83D61EBC683C2CD8E899EA6FEBE . 11776 . . [6.1.7600.16385] . . c:\windows\System32\rasadhlp.dll [-] 2009-07-14 . ED6EE83D61EBC683C2CD8E899EA6FEBE . 11776 . . [6.1.7600.16385] . . 
c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasadhlp.dll . [-] 2009-07-14 . EE5C8E27C37B79CB54A2FCEEED2DC262 . 9216 . . [6.1.7600.16385] . . c:\windows\System32\WSHTCPIP.DLL [-] 2009-07-14 . EE5C8E27C37B79CB54A2FCEEED2DC262 . 9216 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.1.7600.16385_none_cb895be592db1acb\WSHTCPIP.DLL . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-03-06 22:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-24 17:59 130736 ----a-w- c:\users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-24 17:59 130736 ----a-w- c:\users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-24 17:59 130736 ----a-w- c:\users\admin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2013-05-07 844168] "KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-04-23 1561968] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] "Spotify Web Helper"="c:\users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-16 1199576] "GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57"="c:\program files\Google\Chrome\Application\chrome.exe" [2013-06-15 825808] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] . c:\users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968] OpenOffice.org 3.4.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Reboot.exe [2009-11-16 370176] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{F791A188-699D-4FD4-955A-EB59E89B1907}"= "c:\program files\The Skins Factory\Hyperdesk\Common\AveStartButtonChangerInProc.dll" [2010-01-28 104448] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer5"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft AutoScreenRecorder 3.1 Free] 0 [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] 2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2011-11-10 09:17 3514176 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] 2013-05-07 20:14 844168 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload] 2013-04-23 04:48 1561968 ----a-w- c:\program files\Samsung\Kies\Kies.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess] 2012-01-20 20:03 719672 ----a-w- c:\program files\Microsoft Office\Office14\MSOSYNC.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC] 2008-11-14 12:35 305064 ----a-r- c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify] 2012-11-16 17:52 7880664 ----a-w- c:\users\admin\AppData\Roaming\Spotify\spotify.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper] 2012-11-16 17:52 1199576 ----a-w- c:\users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000] 2010-05-20 14:27 762736 ----a-w- c:\windows\vVX1000.exe . R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-06-27 96768] R2 KMService;KMService;c:\windows\system32\srvany.exe [2003-04-18 8192] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-02-28 161384] R3 aswVmm;aswVmm; [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-04-03 83864] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464] R3 netr73;RT73 USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-11-30 4023760] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-04-03 181912] R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-20 77184] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 24064] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136] R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2013-04-22 1343400] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows 
Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2013-03-06 12112] S0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2013-03-06 199384] S0 aswRvrt;aswRvrt; [x] S1 aswFW;avast! TDI Firewall Driver;c:\windows\system32\drivers\aswFW.sys [2013-03-06 101656] S1 aswKbd;aswKbd; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-13 239168] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 66336] S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2013-03-06 136912] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2013-02-05 233472] S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\Hi-Rez Studios\HiPatchService.exe [2012-08-15 8704] S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2011-03-29 598312] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264] S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2013-02-05 37344] S3 Ltn_stk7070P;PCTV based TV tuner device;c:\windows\system32\DRIVERS\Ltn_stk7070P.sys [2007-10-19 466048] S3 Ltn_stkrc;PCTV Infrared Receiver;c:\windows\system32\DRIVERS\Ltn_stkrc.sys [2007-10-19 13440] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-09-17 1086976] . . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - RegFilter . 
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-19 19:24 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2013-06-26 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 13:08] . 2013-06-26 c:\windows\Tasks\AutoKMS.job - c:\windows\AutoKMS.exe [2012-11-06 19:54] . 2013-06-26 c:\windows\Tasks\AutoKMSDaily.job - c:\windows\AutoKMS.exe [2012-11-06 19:54] . 2013-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-05-02 15:18] . 2013-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-05-02 15:18] . 2013-04-26 c:\windows\Tasks\Microsoft_Hardware_Launch_vVX1000_exe.job - c:\windows\vVX1000.exe [2010-05-20 14:27] . . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = hxxp://www.bing.com mStart Page = hxxp://www.yahoo.com uInternet Settings,ProxyOverride = *.local Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17770 FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q= FF - prefs.js: network.proxy.http - www-proxy.t-online.de FF - prefs.js: network.proxy.http_port - 80 FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2013-04-26 20:00; quickstores@quickstores.de; c:\program files\Mozilla Firefox\extensions\quickstores@quickstores.de FF - ExtSQL: 2013-04-27 12:46; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF FF - ExtSQL: 2019-09-25 22:40; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false FF - user.js: network.http.max-connections-per-server - 8 FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 FF - user.js: extensions.claro.tlbrSrchUrl - FF - user.js: extensions.claro.id - 8c7bd15500000000000000ffaee193b0 FF 
- user.js: extensions.claro.appId - {C3110516-8EFC-49D6-8B72-69354F332062} FF - user.js: extensions.claro.instlDay - 15739 FF - user.js: extensions.claro.vrsn - 1.8.8.5 FF - user.js: extensions.claro.vrsni - 1.8.8.5 FF - user.js: extensions.claro_i.vrsnTs - 1.8.8.520:07 FF - user.js: extensions.claro.prtnrId - claro FF - user.js: extensions.claro.prdct - claro FF - user.js: extensions.claro.aflt - babsst FF - user.js: extensions.claro_i.smplGrp - none FF - user.js: extensions.claro.tlbrId - base FF - user.js: extensions.claro.instlRef - sst FF - user.js: extensions.claro.dfltLng - en FF - user.js: extensions.claro_i.excTlbr - false FF - user.js: extensions.claro.excTlbr - false FF - user.js: extensions.claro.admin - false FF - user.js: extensions.claro.autoRvrt - false FF - user.js: extensions.claro.rvrt - false FF - user.js: extensions.claro_i.newTab - false . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKCU-Run-Rainlendar2 - c:\program files\Rainlendar2\Rainlendar2.exe MSConfigStartUp-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe MSConfigStartUp-ffdwnd - c:\users\admin\AppData\Local\Mozilla\Firefox\firefox.exe MSConfigStartUp-Google Update - c:\users\admin\AppData\Local\Google\Update\GoogleUpdate.exe MSConfigStartUp-LogMeIn Hamachi Ui - c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB 
Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\SAMSUNG\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-1033583875-3596906622-2468237366-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1033583875-3596906622-2468237366-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_USERS\S-1-5-21-1033583875-3596906622-2468237366-1000\Software\SecuROM\License information*] "datasecu"=hex:10,86,58,e7,da,01,8c,1c,a4,76,50,1f,7e,b8,bf,f7,b1,6c,d9,65,a3, b4,57,fe,da,c7,c0,66,41,88,85,18,7c,34,79,e3,17,f5,d3,94,1d,83,75,0f,91,87,\ "rkeysecu"=hex:1f,53,84,b9,31,31,e5,db,37,1a,7a,70,be,f7,d4,d2 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-06-26 19:36:57 ComboFix-quarantined-files.txt 2013-06-26 17:36 . Vor Suchlauf: 15 Verzeichnis(se), 416.533.168.128 Bytes frei Nach Suchlauf: 22 Verzeichnis(se), 416.738.230.272 Bytes frei . - - End Of File - - 0AEC1B1F9208112EDD2638B267100F6B A36C5E4F47E84449FF07ED3517B43A31 |
26.06.2013, 19:42 | #6 |
/// the machine /// TB-Ausbilder | Internet far too slow, maybe a virus? Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ --> Internet far too slow, maybe a virus? |
27.06.2013, 11:20 | #7 |
| Internet far too slow, maybe a virus? I just wanted to say thanks already for all the effort. AdwCleaner logfile: Code:
# AdwCleaner v2.303 - Datei am 27/06/2013 um 10:59:30 erstellt # Aktualisiert am 08/06/2013 von Xplode # Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits) # Benutzer : admin - ADMIN-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\admin\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml Datei Gelöscht : C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url Datei Gelöscht : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk Datei Gelöscht : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url Datei Gelöscht : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\bProtector_extensions.rdf Datei Gelöscht : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\searchplugins\Askcom.xml Datei Gelöscht : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\searchplugins\claro.xml Datei Gelöscht : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\searchplugins\daemon-search.xml Ordner Gelöscht : C:\Program Files\Astroburn Toolbar Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de Ordner Gelöscht : C:\ProgramData\Babylon Ordner Gelöscht : C:\ProgramData\boost_interprocess Ordner Gelöscht : C:\Users\admin\AppData\Local\Babylon Ordner Gelöscht : C:\Users\admin\AppData\Local\OpenCandy Ordner Gelöscht : C:\Users\admin\AppData\Local\Smartbar Ordner Gelöscht : C:\Users\admin\AppData\LocalLow\BabylonToolbar Ordner Gelöscht : C:\Users\admin\AppData\LocalLow\facemoods.com Ordner Gelöscht : C:\Users\admin\AppData\LocalLow\FunWebProducts Ordner Gelöscht : C:\Users\admin\AppData\LocalLow\MyWebSearch Ordner Gelöscht : C:\Users\admin\AppData\LocalLow\Smartbar Ordner Gelöscht : 
C:\Users\admin\AppData\Roaming\Babylon Ordner Gelöscht : C:\Users\admin\AppData\Roaming\dvdvideosoftiehelpers Ordner Gelöscht : C:\Users\admin\AppData\Roaming\OpenCandy Ordner Gelöscht : C:\Users\admin\AppData\Roaming\QuickStoresToolbar Ordner Gelöscht : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\5355d98be03de944 Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Fun Web Products Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\FunWebProducts Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MyWebSearch Schlüssel Gelöscht : HKCU\Software\Babylon Schlüssel Gelöscht : HKCU\Software\BabylonToolbar Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5F970FDE-702B-4EF9-920C-5F2848A5AF26} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Schlüssel Gelöscht : 
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478} Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\SmartbarBackup Schlüssel Gelöscht : HKCU\Software\SmartbarLog Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyGloss Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyOptFile Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.BHO Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1 Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] ***** [Internet Browser] ***** -\\ Internet Explorer v10.0.9200.16521 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v15.0 (de) Datei : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\prefs.js C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\user.js ... Gelöscht ! Gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browserse[...] Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 5); Gelöscht : user_pref("extensions.BabylonToolbar.cntry", "DE"); Gelöscht : user_pref("extensions.BabylonToolbar.hdrMd5", "A38E0EFD516D402B5E4A138EAAB39649"); Gelöscht : user_pref("extensions.BabylonToolbar.lastActv", "5"); Gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 5); Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true); Gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=117453&tt=310[...] 
Gelöscht : user_pref("extensions.claro.admin", false); Gelöscht : user_pref("extensions.claro.aflt", "babsst"); Gelöscht : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}"); Gelöscht : user_pref("extensions.claro.autoRvrt", "false"); Gelöscht : user_pref("extensions.claro.dfltLng", "en"); Gelöscht : user_pref("extensions.claro.excTlbr", false); Gelöscht : user_pref("extensions.claro.id", "8c7bd15500000000000000ffaee193b0"); Gelöscht : user_pref("extensions.claro.instlDay", "15739"); Gelöscht : user_pref("extensions.claro.instlRef", "sst"); Gelöscht : user_pref("extensions.claro.prdct", "claro"); Gelöscht : user_pref("extensions.claro.prtnrId", "claro"); Gelöscht : user_pref("extensions.claro.rvrt", "false"); Gelöscht : user_pref("extensions.claro.tlbrId", "base"); Gelöscht : user_pref("extensions.claro.tlbrSrchUrl", ""); Gelöscht : user_pref("extensions.claro.vrsn", "1.8.8.5"); Gelöscht : user_pref("extensions.claro.vrsni", "1.8.8.5"); Gelöscht : user_pref("extensions.claro_i.excTlbr", false); Gelöscht : user_pref("extensions.claro_i.newTab", false); Gelöscht : user_pref("extensions.claro_i.smplGrp", "none"); Gelöscht : user_pref("extensions.claro_i.vrsnTs", "1.8.8.520:07:30"); Gelöscht : user_pref("extensions.enabledAddons", "info@maltegoetz.de:1.0.1,battlefieldheroespatcher@ea.com:5.0.[...] 
Gelöscht : user_pref("extensions.facemoods._xpiupdate", true); Gelöscht : user_pref("extensions.facemoods.aflt", "_#ddrnw"); Gelöscht : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4"); Gelöscht : user_pref("extensions.facemoods.firstRun", false); Gelöscht : user_pref("extensions.facemoods.first_time", false); Gelöscht : user_pref("extensions.facemoods.id", "_#5309c6a9f4a54da38fb1d72a8eeac578"); Gelöscht : user_pref("extensions.facemoods.instlDay", "_#15205"); Gelöscht : user_pref("extensions.facemoods.lastActv", "18"); Gelöscht : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com"); Gelöscht : user_pref("extensions.facemoods.sid", "_#5309c6a9f4a54da38fb1d72a8eeac578"); Gelöscht : user_pref("extensions.facemoods.update", "_#v1.4.0"); Gelöscht : user_pref("extensions.facemoods.vrsn", "_#1.4.17.5"); Gelöscht : user_pref("quickstores.toolbar.affid", "2017"); Gelöscht : user_pref("quickstores.toolbar.guid", "{629523A4-15E9-EA60-796B-BDCA9E7EF585}"); -\\ Google Chrome v27.0.1453.116 Datei : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Die Datei ist sauber. -\\ Chromium v directory_upgrade: true } Datei : C:\Users\admin\AppData\Local\Chromium\User Data\Default\Preferences [OK] Die Datei ist sauber. 
-\\ Opera v11.11.2109.0 Datei : C:\Users\admin\AppData\Roaming\Opera\Opera\operaprefs.ini Gelöscht : Home URL=hxxp://my.daemon-search.com/ ************************* AdwCleaner[S1].txt - [12695 octets] - [27/06/2013 10:59:30] ########## EOF - C:\AdwCleaner[S1].txt - [12756 octets] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.4 (05.06.2013:1) OS: Windows 7 Ultimate x86 Ran by admin on 27.06.2013 at 11:06:09,83 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\office\powerpoint\addins\babylonofficeaddin.officeaddin Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\office\word\addins\babylonofficeaddin.officeaddin ~~~ Files Successfully deleted: [File] "C:\Program Files\adobe\reader 10.0\reader\plug_ins\babylon\babylonrpi.api" ~~~ Folders Successfully deleted: [Folder] "C:\Users\admin\AppData\Roaming\software informer" Successfully deleted: [Folder] "C:\Users\admin\appdata\local\savings explorer" Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1973821C-46EE-4909-BA77-7BE49B7E0B60} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2C2C360B-DB6A-4F1D-9D02-ACF360E1512D} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{30CA67C0-2BFF-49F4-903A-CD9CF7159324} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3384BBB0-89C7-491B-A382-1FD929176DCD} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{34532DD2-9193-4556-ACEC-0583D5F36EB1} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3474FF63-D65C-4244-A874-3214C0C4AF19} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{38ADD6DA-93CC-4087-8886-A93B2CB2D5CE} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3C973DB2-84E9-4911-936C-3413154EA220} Successfully 
deleted: [Empty Folder] C:\Users\admin\appdata\local\{3E03D199-A188-43E9-87F9-2F95F13578D8} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5225A59C-1B78-47BF-959A-BF96DB04B203} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5967B3DF-6842-490E-9FA3-152705EE1BA0} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{610B4FCD-48F8-41FC-AAD9-8CBDDE6FBD5D} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{635EEF26-5C1A-405B-BB8C-C10C7F9F85B8} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6F664FBD-7436-4A4B-84CB-2CFCC0C6AA3D} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{774BE833-D6C2-40D5-AD6E-747F3EECE813} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{8E6E78E4-83BD-4667-8CED-2A9D45C6B659} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{99C6482D-9410-47ED-9BAA-694B1C82280F} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A9A499DA-A683-4427-898A-36DAB0A5648B} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AB767807-176C-48D7-AA14-DEE506CA6EF3} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{ACB90F7F-3D24-41BC-8A76-787D201EF44D} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AE5B0BDB-C062-4738-890B-BADF305EB690} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BBCDC527-6571-4124-A579-0A797D3C0629} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BEA1B732-9E9E-47F6-9C0B-A4D9F439C0A0} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C68C5310-8A32-4067-ACF7-E2EF90AEDBBF} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C923FD72-9A48-44D1-AFF0-AC7572DA3A65} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D361B1F9-9BDE-4A08-9DF0-E1FEEFFC9620} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D5DF602B-73DB-47A5-A53B-0BA699E8086A} Successfully 
deleted: [Empty Folder] C:\Users\admin\appdata\local\{DC0F68E2-3E25-4673-A0C2-5259DB148A35} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E3CB90AA-D554-4F8F-B4F8-4BF6DBEEBC55} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EB0AE14D-C287-4B26-8029-AB2B6D6CDA04} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{ECE61028-7833-4C58-B074-A8497E464D31} Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F8521DC4-8FA2-4BBB-A4BE-AE95654E3D90} ~~~ FireFox Successfully deleted: [File] C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\l3ixncps.default\searchplugins\absearch-search.xml Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{184AA5E6-741D-464A-820E-94B3ABC2F3B4} Emptied folder: C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\l3ixncps.default\minidumps [17 files] ~~~ Chrome Successfully deleted: [Registry Key] hkey_local_machine\software\policies\google\chrome\extensioninstallforcelist ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 27.06.2013 at 11:08:07,64 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-06-2013 02 Ran by admin (administrator) on 27-06-2013 12:20:02 Running from C:\Users\admin\Downloads Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Teruten) C:\Windows\system32\FsUsbExService.Exe (Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Nero AG) C:\Program Files\Nero\Update\NASvc.exe () C:\Windows\system32\PnkBstrA.exe (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Google Inc.) C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) 
C:\Program Files\iTunes\iTunesHelper.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\system32\wuauclt.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-07] (AVAST Software) HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.) HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.) 
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated) HKCU\...\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-07] (Samsung) HKCU\...\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload [1561968 2013-04-23] (Samsung) HKCU\...\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" [495616 2007-09-02] () HKCU\...\Run: [Spotify Web Helper] "C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1199576 2012-11-16] (Spotify Ltd) HKCU\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window [825808 2013-06-15] (Google Inc.) HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [3514176 2011-11-10] (DT Soft Ltd) HKU\UpdatusUser\...\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade [ 2010-11-20] (Microsoft Corporation) Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () Startup: C:\ProgramData\Start Menu\Programs\Startup\Reboot.exe (Elitegroup Computer Systems Ltd.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms} BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll () Toolbar: HKLM - avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU -Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll () DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default FF NewTab: hxxp://www.google.com/firefox FF SearchEngine: Google FF Homepage: hxxp://www.google.com/firefox FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q= FF NetworkProxy: "http", "www-proxy.t-online.de" FF NetworkProxy: "http_port", 80 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.) FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: Battlefield Heroes Updater - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\battlefieldheroespatcher@ea.com FF Extension: Personas - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\personas@christopher.beard FF Extension: FireShot - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} FF Extension: DownloadHelper - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: info - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\info@maltegoetz.de.xpi FF Extension: nasanightlaunch - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\nasanightlaunch@example.com.xpi FF Extension: survey-remover - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\survey-remover@gmx.com.xpi FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi Chrome: ======= CHR DefaultSearchURL: (Google) - 
{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.) 
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (AdobeExManDetect) - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) CHR Plugin: (AdobeAAMDetect) - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Uplay PC) - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Unity Player) - C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Extension: (avast! 
WebRep) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0 ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [136912 2013-03-07] (AVAST Software) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-06-27] (Freemake) R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [8704 2012-08-15] (Hi-Rez Studios) S2 KMService; C:\Windows\system32\srvany.exe [8192 2003-04-18] () R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [598312 2011-03-29] (Nero AG) S3 npggsvc; C:\Windows\system32\GameMon.des [4023760 2010-12-01] (INCA Internet Co., Ltd.) S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-08-18] () R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software) R1 aswFW; C:\Windows\system32\drivers\aswFW.sys [101656 2013-03-07] (AVAST Software) R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software) R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-03-07] (ALWIL Software) R0 aswNdis2; C:\Windows\System32\drivers\aswNdis2.sys [199384 2013-03-07] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [60656 2013-03-07] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST 
Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software) S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2011-05-28] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2013-05-13] (DT Soft Ltd) R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] () S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-05-28] () R3 Ltn_stk7070P; C:\Windows\System32\DRIVERS\Ltn_stk7070P.sys [466048 2007-10-19] (LITEON) R3 Ltn_stkrc; C:\Windows\System32\DRIVERS\Ltn_stkrc.sys [13440 2007-10-19] (LITEON) S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc) R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1086976 2009-09-17] (VIA Technologies, Inc.) R3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1961072 2010-05-20] (Microsoft Corporation) S3 athr; system32\DRIVERS\athr.sys [x] R3 catchme; \??\C:\Users\admin\AppData\Local\Temp\catchme.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] U3 mbr; \??\C:\ComboFix\mbr.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-27 12:19 - 2013-06-27 12:19 - 01370369 ____A (Farbar) C:\Users\admin\Downloads\FRST.exe 2013-06-27 12:17 - 2013-06-27 12:17 - 00045704 ____A C:\ComboFix.txt 2013-06-27 12:03 - 2013-06-27 12:17 - 00000000 ____D C:\ComboFix 2013-06-27 11:08 - 2013-06-27 11:08 - 00005082 ____A C:\Users\admin\Documents\JRT.txt 2013-06-27 11:06 - 2013-06-27 11:06 - 00000000 ____D C:\Windows\ERUNT 2013-06-27 11:05 - 2013-06-27 11:05 - 00000000 ____D C:\JRT 2013-06-27 11:04 - 2013-06-27 11:04 - 00545954 ____A (Oleg N. 
Scherbakov) C:\Users\admin\Downloads\JRT.exe 2013-06-27 10:59 - 2013-06-27 11:00 - 00012826 ____A C:\AdwCleaner[S1].txt 2013-06-26 20:44 - 2013-06-26 20:44 - 00648201 ____A C:\Users\admin\Downloads\adwcleaner.exe 2013-06-26 19:49 - 2013-06-27 11:01 - 00000994 ____A C:\Windows\PFRO.log 2013-06-26 19:11 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe 2013-06-26 19:11 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe 2013-06-26 19:11 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe 2013-06-26 19:11 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe 2013-06-26 19:11 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe 2013-06-26 19:11 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe 2013-06-26 19:11 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe 2013-06-26 19:11 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe 2013-06-26 19:10 - 2013-06-26 19:10 - 05083236 ____R (Swearware) C:\Users\admin\Downloads\ComboFix.exe 2013-06-26 19:09 - 2013-06-27 12:17 - 00000000 ____D C:\Qoobox 2013-06-26 19:09 - 2013-06-26 19:29 - 00000000 ____D C:\Windows\erdnt 2013-06-26 17:24 - 2013-06-26 17:24 - 00036050 ____A C:\Users\admin\Documents\FRST.txt 2013-06-26 17:24 - 2013-06-26 17:24 - 00027009 ____A C:\Users\admin\Documents\Addition.txt 2013-06-26 17:23 - 2013-06-26 17:23 - 00000000 ____D C:\FRST 2013-06-26 16:00 - 2013-06-26 16:00 - 00011889 ____A C:\Users\admin\Documents\hijackthis.log 2013-06-15 21:42 - 2013-06-15 21:43 - 12115496 ____A C:\Users\admin\Downloads\505 Drum Kit.zip 2013-06-15 21:41 - 2013-06-15 21:42 - 08067151 ____A C:\Users\admin\Downloads\Lil Jon Crunk Kit.zip 2013-06-15 21:40 - 2013-06-15 21:40 - 01152897 ____A C:\Users\admin\Downloads\East Coast Sound Kit.zip 2013-06-15 21:39 - 2013-06-15 21:39 - 05326278 ____A C:\Users\admin\Downloads\Soulja Boy Sound Kit.zip 2013-06-15 21:39 - 2013-06-15 21:39 - 02292849 ____A C:\Users\admin\Downloads\Hip Hop Sound Kit.zip 2013-06-15 21:38 - 
2013-06-15 21:38 - 08461096 ____A C:\Users\admin\Downloads\Jay-Z Sound Kit.zip 2013-06-15 21:37 - 2013-06-15 21:38 - 09225984 ____A C:\Users\admin\Downloads\Lex Luger Drum Kit.zip 2013-06-15 21:32 - 2013-06-15 21:33 - 13388445 ____A C:\Users\admin\Downloads\Dr. Dre Sound Kit.zip 2013-06-08 11:30 - 2013-06-08 11:30 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-05-31 16:29 - 2013-06-27 11:03 - 00010792 ____A C:\Windows\AutoKMS.log 2013-05-31 16:27 - 2013-05-31 16:27 - 00169728 ____A C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT 2013-05-31 16:26 - 2013-05-31 16:26 - 03958584 ____A C:\Windows\System32\FNTCACHE.DAT 2013-05-31 15:44 - 2013-06-27 12:02 - 35548938 ____A C:\Windows\setupact.log 2013-05-31 15:44 - 2013-05-31 15:44 - 00000000 ____A C:\Windows\setuperr.log 2013-05-31 00:55 - 2013-05-31 00:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\XBMC 2013-05-31 00:54 - 2013-05-31 00:54 - 00001823 ____A C:\Users\admin\Desktop\XBMC.lnk 2013-05-31 00:51 - 2013-05-31 00:52 - 00000000 ____D C:\Program Files\XBMC ==================== One Month Modified Files and Folders ======== 2013-06-27 12:19 - 2013-06-27 12:19 - 01370369 ____A (Farbar) C:\Users\admin\Downloads\FRST.exe 2013-06-27 12:17 - 2013-06-27 12:17 - 00045704 ____A C:\ComboFix.txt 2013-06-27 12:17 - 2013-06-27 12:03 - 00000000 ____D C:\ComboFix 2013-06-27 12:17 - 2013-06-26 19:09 - 00000000 ____D C:\Qoobox 2013-06-27 12:13 - 2009-07-14 04:04 - 00000215 ____A C:\Windows\system.ini 2013-06-27 12:08 - 2012-03-30 12:04 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-06-27 12:04 - 2013-04-26 19:28 - 02028588 ____A C:\Windows\WindowsUpdate.log 2013-06-27 12:02 - 2013-05-31 15:44 - 35548938 ____A C:\Windows\setupact.log 2013-06-27 12:01 - 2011-03-05 00:00 - 00000000 ____D C:\Users\admin\Desktop\neben Programme 2013-06-27 11:24 - 2013-05-02 17:19 - 00001096 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-06-27 11:12 - 2011-03-11 13:17 - 00000000 ____D 
C:\Users\admin\AppData\Local\Adobe 2013-06-27 11:10 - 2009-07-14 06:34 - 00033984 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-06-27 11:10 - 2009-07-14 06:34 - 00033984 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-06-27 11:08 - 2013-06-27 11:08 - 00005082 ____A C:\Users\admin\Documents\JRT.txt 2013-06-27 11:06 - 2013-06-27 11:06 - 00000000 ____D C:\Windows\ERUNT 2013-06-27 11:05 - 2013-06-27 11:05 - 00000000 ____D C:\JRT 2013-06-27 11:04 - 2013-06-27 11:04 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\admin\Downloads\JRT.exe 2013-06-27 11:03 - 2013-05-31 16:29 - 00010792 ____A C:\Windows\AutoKMS.log 2013-06-27 11:03 - 2012-11-06 21:54 - 00078848 ____A C:\Windows\KMSEmulator.exe 2013-06-27 11:03 - 2012-11-06 21:54 - 00000202 ____A C:\Windows\Tasks\AutoKMSDaily.job 2013-06-27 11:03 - 2012-11-06 21:54 - 00000200 ____A C:\Windows\Tasks\AutoKMS.job 2013-06-27 11:02 - 2013-05-05 15:56 - 00000000 ____D C:\Users\admin\AppData\Roaming\Dropbox 2013-06-27 11:02 - 2013-05-02 17:18 - 00001092 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-06-27 11:02 - 2013-01-26 14:29 - 00000000 ___RD C:\Users\admin\Dropbox 2013-06-27 11:02 - 2011-04-06 14:03 - 00065536 _____ C:\Windows\System32\Ikeext.etl 2013-06-27 11:02 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-27 11:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing 2013-06-27 11:01 - 2013-06-26 19:49 - 00000994 ____A C:\Windows\PFRO.log 2013-06-27 11:01 - 2013-04-26 19:29 - 00000000 ____D C:\ProgramData\NVIDIA 2013-06-27 11:00 - 2013-06-27 10:59 - 00012826 ____A C:\AdwCleaner[S1].txt 2013-06-26 23:27 - 2013-04-28 20:46 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype 2013-06-26 23:27 - 2011-06-02 17:47 - 00000000 ____D C:\Users\admin\AppData\Local\PMB Files 2013-06-26 23:27 - 2011-06-02 17:47 - 00000000 ____D C:\ProgramData\PMB Files 2013-06-26 20:44 - 
2013-06-26 20:44 - 00648201 ____A C:\Users\admin\Downloads\adwcleaner.exe 2013-06-26 19:37 - 2009-07-14 04:37 - 00000000 __RHD C:\users\Default 2013-06-26 19:37 - 2009-07-14 04:37 - 00000000 ___RD C:\users\Public 2013-06-26 19:29 - 2013-06-26 19:09 - 00000000 ____D C:\Windows\erdnt 2013-06-26 19:10 - 2013-06-26 19:10 - 05083236 ____R (Swearware) C:\Users\admin\Downloads\ComboFix.exe 2013-06-26 19:01 - 2011-03-04 15:39 - 00000000 ____D C:\Users\admin\Desktop\Rocket Dock, Spiele 2013-06-26 18:59 - 2011-02-26 10:54 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-06-26 18:48 - 2013-04-26 13:20 - 00000000 ____D C:\Program Files\JDownloader 2 2013-06-26 17:50 - 2011-02-26 10:54 - 00000000 ____D C:\Program Files\Electronic Arts 2013-06-26 17:24 - 2013-06-26 17:24 - 00036050 ____A C:\Users\admin\Documents\FRST.txt 2013-06-26 17:24 - 2013-06-26 17:24 - 00027009 ____A C:\Users\admin\Documents\Addition.txt 2013-06-26 17:23 - 2013-06-26 17:23 - 00000000 ____D C:\FRST 2013-06-26 16:00 - 2013-06-26 16:00 - 00011889 ____A C:\Users\admin\Documents\hijackthis.log 2013-06-23 21:02 - 2012-12-06 21:35 - 00000000 ____D C:\Users\admin\AppData\Roaming\TS3Client 2013-06-22 18:46 - 2011-02-27 15:39 - 00000000 ____D C:\Program Files\Steam 2013-06-22 18:41 - 2011-02-27 15:39 - 00000000 ____D C:\Program Files\Common Files\Steam 2013-06-19 21:26 - 2013-05-02 17:20 - 00002129 ____A C:\Users\Public\Desktop\Google Chrome.lnk 2013-06-15 23:11 - 2012-01-01 22:22 - 00000000 ____D C:\Program Files\Image-Line 2013-06-15 21:43 - 2013-06-15 21:42 - 12115496 ____A C:\Users\admin\Downloads\505 Drum Kit.zip 2013-06-15 21:42 - 2013-06-15 21:41 - 08067151 ____A C:\Users\admin\Downloads\Lil Jon Crunk Kit.zip 2013-06-15 21:40 - 2013-06-15 21:40 - 01152897 ____A C:\Users\admin\Downloads\East Coast Sound Kit.zip 2013-06-15 21:39 - 2013-06-15 21:39 - 05326278 ____A C:\Users\admin\Downloads\Soulja Boy Sound Kit.zip 2013-06-15 21:39 - 2013-06-15 21:39 - 02292849 ____A 
C:\Users\admin\Downloads\Hip Hop Sound Kit.zip 2013-06-15 21:38 - 2013-06-15 21:38 - 08461096 ____A C:\Users\admin\Downloads\Jay-Z Sound Kit.zip 2013-06-15 21:38 - 2013-06-15 21:37 - 09225984 ____A C:\Users\admin\Downloads\Lex Luger Drum Kit.zip 2013-06-15 21:33 - 2013-06-15 21:32 - 13388445 ____A C:\Users\admin\Downloads\Dr. Dre Sound Kit.zip 2013-06-15 18:33 - 2012-01-01 22:24 - 00000000 ____D C:\Program Files\VstPlugins 2013-06-15 15:08 - 2012-03-30 12:04 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2013-06-15 15:08 - 2011-05-15 12:56 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2013-06-15 01:39 - 2013-03-13 01:23 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-15 00:40 - 2010-11-20 23:01 - 01618320 ____A C:\Windows\System32\PerfStringBackup.INI 2013-06-08 14:36 - 2013-05-02 17:25 - 00000000 ___RD C:\Program Files\Skype 2013-06-08 14:36 - 2011-02-26 14:25 - 00000000 ____D C:\ProgramData\Skype 2013-06-08 11:30 - 2013-06-08 11:30 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-06-06 16:03 - 2013-05-02 17:18 - 00000000 ____D C:\Program Files\Google 2013-06-06 16:03 - 2011-04-28 17:34 - 00000000 ____D C:\Users\admin\AppData\Local\Google 2013-06-02 13:30 - 2012-08-18 18:49 - 00138184 ____A C:\Windows\System32\Drivers\PnkBstrK.sys 2013-06-02 13:29 - 2012-08-18 18:18 - 00183112 ____A C:\Windows\System32\PnkBstrB.exe 2013-06-01 18:54 - 2013-05-05 15:59 - 00001017 ____A C:\Users\admin\Desktop\Dropbox.lnk 2013-06-01 12:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\LogFiles 2013-05-31 17:20 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries 2013-05-31 16:27 - 2013-05-31 16:27 - 00169728 ____A C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT 2013-05-31 16:26 - 2013-05-31 16:26 - 03958584 ____A C:\Windows\System32\FNTCACHE.DAT 2013-05-31 16:25 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\DriverStore 2013-05-31 15:44 - 
2013-05-31 15:44 - 00000000 ____A C:\Windows\setuperr.log 2013-05-31 15:24 - 2011-03-17 19:41 - 00000000 ____D C:\Users\admin\AppData\Roaming\DAEMON Tools Lite 2013-05-31 15:22 - 2013-05-04 03:02 - 00000000 ____D C:\Windows\Minidump 2013-05-31 00:55 - 2013-05-31 00:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\XBMC 2013-05-31 00:54 - 2013-05-31 00:54 - 00001823 ____A C:\Users\admin\Desktop\XBMC.lnk 2013-05-31 00:52 - 2013-05-31 00:51 - 00000000 ____D C:\Program Files\XBMC ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-06-23 13:28 ==================== End Of Log ============================ |
27.06.2013, 11:23 | #8 |
/// the machine /// TB trainer | Internet far too slow, maybe a virus? ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
27.06.2013, 14:50 | #9 |
| Internet far too slow, maybe a virus?
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=2aebaca14cf928458832e8cf9ed4c24f
# engine=14167
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-27 01:44:27
# local_time=2013-06-27 03:44:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=772 16777213 83 94 5280025 149054139 0 0
# compatibility_mode=5893 16776574 100 94 175312 123971858 0 0
# scanned=467863
# found=3
# cleaned=0
# scan_time=11217
When I try to open SecurityCheck, I get the message: UNSUPPORTED OPERATING SYSTEM! ABORTED! |
27.06.2013, 16:15 | #10 | |
/// the machine /// TB trainer | Internet far too slow, maybe a virus? The ESET log is incomplete; I want to see what was found. Quote:
27.06.2013, 16:37 | #11 |
| Internet far too slow, maybe a virus? Unfortunately I have already uninstalled the program, and the folder under Program Files as well. But among the deleted files there was something about google chrome facemods or something like that, and in system32 some dll file. FRST logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-06-2013 02 Ran by admin (administrator) on 27-06-2013 17:32:41 Running from C:\Users\admin\Downloads Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Teruten) C:\Windows\system32\FsUsbExService.Exe (Hi-Rez Studios) C:\Program Files\Hi-Rez Studios\HiPatchService.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Nero AG) C:\Program Files\Nero\Update\NASvc.exe () C:\Windows\system32\PnkBstrA.exe (StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Google Inc.) C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) 
C:\Program Files\iTunes\iTunesHelper.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\system32\wuauclt.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-07] (AVAST Software) HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.) HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.) 
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated) HKCU\...\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-05-07] (Samsung) HKCU\...\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload [1561968 2013-04-23] (Samsung) HKCU\...\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" [495616 2007-09-02] () HKCU\...\Run: [Spotify Web Helper] "C:\Users\admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1199576 2012-11-16] (Spotify Ltd) HKCU\...\Run: [GoogleChromeAutoLaunch_A822CA3D40D4B8944864CFEA751D8D57] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window [825808 2013-06-15] (Google Inc.) HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [3514176 2011-11-10] (DT Soft Ltd) HKU\UpdatusUser\...\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade [ 2010-11-20] (Microsoft Corporation) Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () Startup: C:\ProgramData\Start Menu\Programs\Startup\Reboot.exe (Elitegroup Computer Systems Ltd.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms} BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll () Toolbar: HKLM - avast! 
WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU -Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll () DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default FF NewTab: hxxp://www.google.com/firefox FF SearchEngine: Google FF Homepage: hxxp://www.google.com/firefox FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q= FF NetworkProxy: "http", "www-proxy.t-online.de" FF NetworkProxy: "http_port", 80 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.) FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: Battlefield Heroes Updater - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\battlefieldheroespatcher@ea.com FF Extension: Personas - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\personas@christopher.beard FF Extension: FireShot - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} FF Extension: DownloadHelper - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: info - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\info@maltegoetz.de.xpi FF Extension: nasanightlaunch - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\nasanightlaunch@example.com.xpi FF Extension: survey-remover - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\survey-remover@gmx.com.xpi FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi FF Extension: No Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\l3ixncps.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi Chrome: ======= CHR DefaultSearchURL: (Google) - 
{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.) 
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (AdobeExManDetect) - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) CHR Plugin: (AdobeAAMDetect) - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Uplay PC) - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Unity Player) - C:\Users\admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0 ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [136912 2013-03-07] (AVAST Software) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-06-27] (Freemake) R2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [8704 2012-08-15] (Hi-Rez Studios) S2 KMService; C:\Windows\system32\srvany.exe [8192 2003-04-18] () R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [598312 2011-03-29] (Nero AG) S3 npggsvc; C:\Windows\system32\GameMon.des [4023760 2010-12-01] (INCA Internet Co., Ltd.) 
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-08-18] () R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software) R1 aswFW; C:\Windows\system32\drivers\aswFW.sys [101656 2013-03-07] (AVAST Software) R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software) R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-03-07] (ALWIL Software) R0 aswNdis2; C:\Windows\System32\drivers\aswNdis2.sys [199384 2013-03-07] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [60656 2013-03-07] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software) S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2011-05-28] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2013-05-13] (DT Soft Ltd) R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] () S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) 
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-05-28] () R3 Ltn_stk7070P; C:\Windows\System32\DRIVERS\Ltn_stk7070P.sys [466048 2007-10-19] (LITEON) R3 Ltn_stkrc; C:\Windows\System32\DRIVERS\Ltn_stkrc.sys [13440 2007-10-19] (LITEON) S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc) R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1086976 2009-09-17] (VIA Technologies, Inc.) R3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1961072 2010-05-20] (Microsoft Corporation) S3 athr; system32\DRIVERS\athr.sys [x] R3 catchme; \??\C:\Users\admin\AppData\Local\Temp\catchme.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] U3 mbr; \??\C:\ComboFix\mbr.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-27 14:47 - 2013-06-27 14:47 - 00890988 ____A C:\Users\admin\Downloads\SecurityCheck.exe 2013-06-27 14:47 - 2013-06-27 14:47 - 00890988 ____A C:\Users\admin\Desktop\SecurityCheck.exe 2013-06-27 12:35 - 2013-06-27 12:35 - 00000000 ____D C:\Program Files\ESET 2013-06-27 12:33 - 2013-06-27 12:33 - 02347384 ____A (ESET) C:\Users\admin\Downloads\esetsmartinstaller_enu.exe 2013-06-27 12:19 - 2013-06-27 12:19 - 01370369 ____A (Farbar) C:\Users\admin\Downloads\FRST.exe 2013-06-27 12:17 - 2013-06-27 12:17 - 00045704 ____A C:\ComboFix.txt 2013-06-27 12:03 - 2013-06-27 12:17 - 00000000 ____D C:\ComboFix 2013-06-27 11:08 - 2013-06-27 11:08 - 00005082 ____A C:\Users\admin\Documents\JRT.txt 2013-06-27 11:06 - 2013-06-27 11:06 - 00000000 ____D C:\Windows\ERUNT 2013-06-27 11:05 - 2013-06-27 11:05 - 00000000 ____D C:\JRT 2013-06-27 11:04 - 2013-06-27 11:04 - 00545954 ____A (Oleg N. 
Scherbakov) C:\Users\admin\Downloads\JRT.exe 2013-06-27 10:59 - 2013-06-27 11:00 - 00012826 ____A C:\AdwCleaner[S1].txt 2013-06-26 20:44 - 2013-06-26 20:44 - 00648201 ____A C:\Users\admin\Downloads\adwcleaner.exe 2013-06-26 19:49 - 2013-06-27 11:01 - 00000994 ____A C:\Windows\PFRO.log 2013-06-26 19:11 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe 2013-06-26 19:11 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe 2013-06-26 19:11 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe 2013-06-26 19:11 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe 2013-06-26 19:11 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe 2013-06-26 19:11 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe 2013-06-26 19:11 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe 2013-06-26 19:11 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe 2013-06-26 19:10 - 2013-06-26 19:10 - 05083236 ____R (Swearware) C:\Users\admin\Downloads\ComboFix.exe 2013-06-26 19:09 - 2013-06-27 12:17 - 00000000 ____D C:\Qoobox 2013-06-26 19:09 - 2013-06-26 19:29 - 00000000 ____D C:\Windows\erdnt 2013-06-26 17:24 - 2013-06-26 17:24 - 00036050 ____A C:\Users\admin\Documents\FRST.txt 2013-06-26 17:24 - 2013-06-26 17:24 - 00027009 ____A C:\Users\admin\Documents\Addition.txt 2013-06-26 17:23 - 2013-06-26 17:23 - 00000000 ____D C:\FRST 2013-06-26 16:00 - 2013-06-26 16:00 - 00011889 ____A C:\Users\admin\Documents\hijackthis.log 2013-06-15 21:42 - 2013-06-15 21:43 - 12115496 ____A C:\Users\admin\Downloads\505 Drum Kit.zip 2013-06-15 21:41 - 2013-06-15 21:42 - 08067151 ____A C:\Users\admin\Downloads\Lil Jon Crunk Kit.zip 2013-06-15 21:40 - 2013-06-15 21:40 - 01152897 ____A C:\Users\admin\Downloads\East Coast Sound Kit.zip 2013-06-15 21:39 - 2013-06-15 21:39 - 05326278 ____A C:\Users\admin\Downloads\Soulja Boy Sound Kit.zip 2013-06-15 21:39 - 2013-06-15 21:39 - 02292849 ____A C:\Users\admin\Downloads\Hip Hop Sound Kit.zip 2013-06-15 21:38 - 
2013-06-15 21:38 - 08461096 ____A C:\Users\admin\Downloads\Jay-Z Sound Kit.zip 2013-06-15 21:37 - 2013-06-15 21:38 - 09225984 ____A C:\Users\admin\Downloads\Lex Luger Drum Kit.zip 2013-06-15 21:32 - 2013-06-15 21:33 - 13388445 ____A C:\Users\admin\Downloads\Dr. Dre Sound Kit.zip 2013-06-08 11:30 - 2013-06-08 11:30 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-05-31 16:29 - 2013-06-27 11:03 - 00010792 ____A C:\Windows\AutoKMS.log 2013-05-31 16:27 - 2013-05-31 16:27 - 00169728 ____A C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT 2013-05-31 16:26 - 2013-05-31 16:26 - 03958584 ____A C:\Windows\System32\FNTCACHE.DAT 2013-05-31 15:44 - 2013-06-27 16:39 - 36703858 ____A C:\Windows\setupact.log 2013-05-31 15:44 - 2013-05-31 15:44 - 00000000 ____A C:\Windows\setuperr.log 2013-05-31 00:55 - 2013-05-31 00:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\XBMC 2013-05-31 00:54 - 2013-05-31 00:54 - 00001823 ____A C:\Users\admin\Desktop\XBMC.lnk 2013-05-31 00:51 - 2013-05-31 00:52 - 00000000 ____D C:\Program Files\XBMC ==================== One Month Modified Files and Folders ======== 2013-06-27 17:24 - 2013-05-02 17:19 - 00001096 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-06-27 17:23 - 2013-05-02 17:18 - 00001092 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-06-27 17:08 - 2012-03-30 12:04 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-06-27 16:39 - 2013-05-31 15:44 - 36703858 ____A C:\Windows\setupact.log 2013-06-27 14:58 - 2013-04-26 19:28 - 02028909 ____A C:\Windows\WindowsUpdate.log 2013-06-27 14:54 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing 2013-06-27 14:47 - 2013-06-27 14:47 - 00890988 ____A C:\Users\admin\Downloads\SecurityCheck.exe 2013-06-27 14:47 - 2013-06-27 14:47 - 00890988 ____A C:\Users\admin\Desktop\SecurityCheck.exe 2013-06-27 12:35 - 2013-06-27 12:35 - 00000000 ____D C:\Program Files\ESET 2013-06-27 12:35 - 2010-11-20 23:01 - 01618320 ____A C:\Windows\System32\PerfStringBackup.INI 
2013-06-27 12:33 - 2013-06-27 12:33 - 02347384 ____A (ESET) C:\Users\admin\Downloads\esetsmartinstaller_enu.exe 2013-06-27 12:19 - 2013-06-27 12:19 - 01370369 ____A (Farbar) C:\Users\admin\Downloads\FRST.exe 2013-06-27 12:17 - 2013-06-27 12:17 - 00045704 ____A C:\ComboFix.txt 2013-06-27 12:17 - 2013-06-27 12:03 - 00000000 ____D C:\ComboFix 2013-06-27 12:17 - 2013-06-26 19:09 - 00000000 ____D C:\Qoobox 2013-06-27 12:13 - 2009-07-14 04:04 - 00000215 ____A C:\Windows\system.ini 2013-06-27 12:01 - 2011-03-05 00:00 - 00000000 ____D C:\Users\admin\Desktop\neben Programme 2013-06-27 11:12 - 2011-03-11 13:17 - 00000000 ____D C:\Users\admin\AppData\Local\Adobe 2013-06-27 11:10 - 2009-07-14 06:34 - 00033984 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-06-27 11:10 - 2009-07-14 06:34 - 00033984 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-06-27 11:08 - 2013-06-27 11:08 - 00005082 ____A C:\Users\admin\Documents\JRT.txt 2013-06-27 11:06 - 2013-06-27 11:06 - 00000000 ____D C:\Windows\ERUNT 2013-06-27 11:05 - 2013-06-27 11:05 - 00000000 ____D C:\JRT 2013-06-27 11:04 - 2013-06-27 11:04 - 00545954 ____A (Oleg N. 
Scherbakov) C:\Users\admin\Downloads\JRT.exe 2013-06-27 11:03 - 2013-05-31 16:29 - 00010792 ____A C:\Windows\AutoKMS.log 2013-06-27 11:03 - 2012-11-06 21:54 - 00078848 ____A C:\Windows\KMSEmulator.exe 2013-06-27 11:03 - 2012-11-06 21:54 - 00000202 ____A C:\Windows\Tasks\AutoKMSDaily.job 2013-06-27 11:03 - 2012-11-06 21:54 - 00000200 ____A C:\Windows\Tasks\AutoKMS.job 2013-06-27 11:02 - 2013-05-05 15:56 - 00000000 ____D C:\Users\admin\AppData\Roaming\Dropbox 2013-06-27 11:02 - 2013-01-26 14:29 - 00000000 ___RD C:\Users\admin\Dropbox 2013-06-27 11:02 - 2011-04-06 14:03 - 00065536 _____ C:\Windows\System32\Ikeext.etl 2013-06-27 11:02 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-27 11:01 - 2013-06-26 19:49 - 00000994 ____A C:\Windows\PFRO.log 2013-06-27 11:01 - 2013-04-26 19:29 - 00000000 ____D C:\ProgramData\NVIDIA 2013-06-27 11:00 - 2013-06-27 10:59 - 00012826 ____A C:\AdwCleaner[S1].txt 2013-06-26 23:27 - 2013-04-28 20:46 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype 2013-06-26 23:27 - 2011-06-02 17:47 - 00000000 ____D C:\Users\admin\AppData\Local\PMB Files 2013-06-26 23:27 - 2011-06-02 17:47 - 00000000 ____D C:\ProgramData\PMB Files 2013-06-26 20:44 - 2013-06-26 20:44 - 00648201 ____A C:\Users\admin\Downloads\adwcleaner.exe 2013-06-26 19:37 - 2009-07-14 04:37 - 00000000 __RHD C:\users\Default 2013-06-26 19:37 - 2009-07-14 04:37 - 00000000 ___RD C:\users\Public 2013-06-26 19:29 - 2013-06-26 19:09 - 00000000 ____D C:\Windows\erdnt 2013-06-26 19:10 - 2013-06-26 19:10 - 05083236 ____R (Swearware) C:\Users\admin\Downloads\ComboFix.exe 2013-06-26 19:01 - 2011-03-04 15:39 - 00000000 ____D C:\Users\admin\Desktop\Rocket Dock, Spiele 2013-06-26 18:59 - 2011-02-26 10:54 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-06-26 18:48 - 2013-04-26 13:20 - 00000000 ____D C:\Program Files\JDownloader 2 2013-06-26 17:50 - 2011-02-26 10:54 - 00000000 ____D C:\Program Files\Electronic Arts 2013-06-26 17:24 - 2013-06-26 17:24 - 
00036050 ____A C:\Users\admin\Documents\FRST.txt 2013-06-26 17:24 - 2013-06-26 17:24 - 00027009 ____A C:\Users\admin\Documents\Addition.txt 2013-06-26 17:23 - 2013-06-26 17:23 - 00000000 ____D C:\FRST 2013-06-26 16:00 - 2013-06-26 16:00 - 00011889 ____A C:\Users\admin\Documents\hijackthis.log 2013-06-23 21:02 - 2012-12-06 21:35 - 00000000 ____D C:\Users\admin\AppData\Roaming\TS3Client 2013-06-22 18:46 - 2011-02-27 15:39 - 00000000 ____D C:\Program Files\Steam 2013-06-22 18:41 - 2011-02-27 15:39 - 00000000 ____D C:\Program Files\Common Files\Steam 2013-06-19 21:26 - 2013-05-02 17:20 - 00002129 ____A C:\Users\Public\Desktop\Google Chrome.lnk 2013-06-15 23:11 - 2012-01-01 22:22 - 00000000 ____D C:\Program Files\Image-Line 2013-06-15 21:43 - 2013-06-15 21:42 - 12115496 ____A C:\Users\admin\Downloads\505 Drum Kit.zip 2013-06-15 21:42 - 2013-06-15 21:41 - 08067151 ____A C:\Users\admin\Downloads\Lil Jon Crunk Kit.zip 2013-06-15 21:40 - 2013-06-15 21:40 - 01152897 ____A C:\Users\admin\Downloads\East Coast Sound Kit.zip 2013-06-15 21:39 - 2013-06-15 21:39 - 05326278 ____A C:\Users\admin\Downloads\Soulja Boy Sound Kit.zip 2013-06-15 21:39 - 2013-06-15 21:39 - 02292849 ____A C:\Users\admin\Downloads\Hip Hop Sound Kit.zip 2013-06-15 21:38 - 2013-06-15 21:38 - 08461096 ____A C:\Users\admin\Downloads\Jay-Z Sound Kit.zip 2013-06-15 21:38 - 2013-06-15 21:37 - 09225984 ____A C:\Users\admin\Downloads\Lex Luger Drum Kit.zip 2013-06-15 21:33 - 2013-06-15 21:32 - 13388445 ____A C:\Users\admin\Downloads\Dr. 
Dre Sound Kit.zip 2013-06-15 18:33 - 2012-01-01 22:24 - 00000000 ____D C:\Program Files\VstPlugins 2013-06-15 15:08 - 2012-03-30 12:04 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2013-06-15 15:08 - 2011-05-15 12:56 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2013-06-15 01:39 - 2013-03-13 01:23 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-08 14:36 - 2013-05-02 17:25 - 00000000 ___RD C:\Program Files\Skype 2013-06-08 14:36 - 2011-02-26 14:25 - 00000000 ____D C:\ProgramData\Skype 2013-06-08 11:30 - 2013-06-08 11:30 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-06-06 16:03 - 2013-05-02 17:18 - 00000000 ____D C:\Program Files\Google 2013-06-06 16:03 - 2011-04-28 17:34 - 00000000 ____D C:\Users\admin\AppData\Local\Google 2013-06-02 13:30 - 2012-08-18 18:49 - 00138184 ____A C:\Windows\System32\Drivers\PnkBstrK.sys 2013-06-02 13:29 - 2012-08-18 18:18 - 00183112 ____A C:\Windows\System32\PnkBstrB.exe 2013-06-01 18:54 - 2013-05-05 15:59 - 00001017 ____A C:\Users\admin\Desktop\Dropbox.lnk 2013-06-01 12:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\LogFiles 2013-05-31 17:20 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries 2013-05-31 16:27 - 2013-05-31 16:27 - 00169728 ____A C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT 2013-05-31 16:26 - 2013-05-31 16:26 - 03958584 ____A C:\Windows\System32\FNTCACHE.DAT 2013-05-31 16:25 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\DriverStore 2013-05-31 15:44 - 2013-05-31 15:44 - 00000000 ____A C:\Windows\setuperr.log 2013-05-31 15:24 - 2011-03-17 19:41 - 00000000 ____D C:\Users\admin\AppData\Roaming\DAEMON Tools Lite 2013-05-31 15:22 - 2013-05-04 03:02 - 00000000 ____D C:\Windows\Minidump 2013-05-31 00:55 - 2013-05-31 00:55 - 00000000 ____D C:\Users\admin\AppData\Roaming\XBMC 2013-05-31 00:54 - 2013-05-31 00:54 - 00001823 ____A C:\Users\admin\Desktop\XBMC.lnk 2013-05-31 00:52 
- 2013-05-31 00:51 - 00000000 ____D C:\Program Files\XBMC ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-06-23 13:28 ==================== End Of Log ============================ |
27.06.2013, 19:09 | #12 |
/// the machine /// TB instructor | Internet far too slow, maybe a virus? Any remaining problems with the computer?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
27.06.2013, 20:49 | #13 |
| Internet far too slow, maybe a virus? It has become noticeably faster. But the download rate is still slower than on the other PCs :/ |
28.06.2013, 06:29 | #14 |
/// the machine /// TB instructor | Internet far too slow, maybe a virus? How much less? Measured where? Have you tested with the AV program disabled?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
28.06.2013, 10:14 | #15 |
| Internet far too slow, maybe a virus? One of them has a download rate of approx. 1.7 MB and the laptop on Wi-Fi downloads at approx. 1.5 MB. I measured that at wieistmeineip . de and dsl-speedtest.computerbild . de. My download rate, however, is approx. 500 kb. I have already tested without the firewall and without the AV program and, as I said, have also already bought a new cable with better shielding. |