Weißer Bildschirm Win7, FRST.txt erstellt, weiteres Vorgehen

raya66 · 18.07.2013, 13:34

Hallo,
habe mir gestern auf meinem Asus Laptop mit Windows 7 den Virus eingefangen (weißer Bildschirm, Neustart bringt nichts, im abgesicherten Modus wird sofort ein Neustart durchgeführt, irgendwann kam dann auch eine Aufforderung zu Zahlen mit nem hübschen Cam-Foto).

Habe mir vom Farber Recovery Scan Tool nach Anleitung aus anderen Themen hier den FRST.txt erstellen lassen. Zu entscheiden was jetzt alles genau in den Fixlog.txt soll traue ich mir nicht zu.

FRST.txt :

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02
Ran by SYSTEM on 19-07-2013 01:24:18
Running from E:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [659848 2010-07-18] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-15] ()
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [16336488 2009-08-28] (NVIDIA Corporation)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-08-31] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-05] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1569536 2013-07-18] (Bitdefender)
HKLM-x32\...\Run: [UpdateLBPShortCut] - "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] - "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2429 2010-09-15] ()
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [facemoods] - "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I [362200 2011-09-05] (facemoods.com)
HKLM-x32\...\Run: [VirtualCloneDrive] - "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKU\Anny\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\Anny\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd)
HKU\Anny\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\Anny\AppData\Local\Temp\hixmrhgnywrbsajuoxy.bfg [61440 2013-07-18] (NVIDIA Corporation) <===== ATTENTION
HKU\Anny\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe -update plugin [x]
HKU\Anny\...\Winlogon: [Shell] cmd.exe [345088 2010-11-20] (Microsoft Corporation) <==== ATTENTION 
HKU\Anny\...\Command Processor: "C:\Users\Anny\AppData\Local\Temp\hixmrhgnywrbsajuoxy.bfg" <===== ATTENTION!
Startup: C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Services (Whitelisted) =================

S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2011-03-18] (Adobe Systems)
S2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] ()
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-04-28] (Bitdefender)
S2 compactd; C:\Windows\system32\webio64.exe [106496 2011-07-18] ()
S2 GFilterSvc; C:\Windows\System32\GFilterSvc.exe [114688 2011-07-18] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [68856 2013-04-28] (Bitdefender)
S2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1646792 2013-07-18] (Bitdefender)

==================== Drivers (Whitelisted) ====================

S2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
S2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
S0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-07-18] (BitDefender)
S3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-07-18] (BitDefender)
S1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-07-18] (BitDefender LLC)
S1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82384 2013-01-31] (BitDefender SRL)
S0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [147232 2013-04-28] (BitDefender LLC)
S3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-01-03] (Duplex Secure Ltd.)
S0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-07-18] (BitDefender S.R.L.)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-05-08] (TuneUp Software)
S3 tmlwf; 
S3 tmwfp; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-19 01:24 - 2013-07-19 01:24 - 00000000 ____D C:\FRST
2013-07-18 09:55 - 2013-07-18 09:55 - 01084712 _____ C:\Users\Anny\AppData\Roaming\2433f433
2013-07-18 09:55 - 2013-07-18 09:55 - 01084708 _____ C:\Users\Anny\AppData\Local\2433f433
2013-07-18 09:55 - 2013-07-18 09:55 - 01084698 _____ C:\ProgramData\2433f433


==================== One Month Modified Files and Folders =======

2013-07-19 01:24 - 2013-07-19 01:24 - 00000000 ____D C:\FRST
2013-07-18 15:04 - 2009-07-13 20:51 - 00083875 _____ C:\Windows\setupact.log
2013-07-18 13:44 - 2013-01-06 06:01 - 00001426 _____ C:\Users\Anny\Desktop\Registry kostenlos entrümpeln!.lnk
2013-07-18 13:44 - 2010-09-15 00:32 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-18 13:44 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-18 13:43 - 2010-09-15 00:10 - 01350262 _____ C:\Windows\WindowsUpdate.log
2013-07-18 13:36 - 2009-07-13 20:45 - 00010016 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-18 13:36 - 2009-07-13 20:45 - 00010016 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-18 13:31 - 2013-02-16 02:34 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2013-07-18 13:29 - 2012-12-07 16:02 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-07-18 13:03 - 2012-11-08 03:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-18 12:58 - 2010-09-15 00:32 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-18 10:48 - 2012-07-21 08:46 - 00000000 ____D C:\Windows\rescache
2013-07-18 10:00 - 2010-09-15 00:54 - 00002326 _____ C:\Windows\System32\AutoRunFilter.ini
2013-07-18 09:57 - 2010-09-15 00:39 - 00177550 _____ C:\Windows\PFRO.log
2013-07-18 09:55 - 2013-07-18 09:55 - 01084712 _____ C:\Users\Anny\AppData\Roaming\2433f433
2013-07-18 09:55 - 2013-07-18 09:55 - 01084708 _____ C:\Users\Anny\AppData\Local\2433f433
2013-07-18 09:55 - 2013-07-18 09:55 - 01084698 _____ C:\ProgramData\2433f433
2013-07-18 09:50 - 2011-03-15 13:35 - 00000000 ____D C:\Users\Anny\AppData\Roaming\Skype
2013-07-18 07:55 - 2013-01-31 14:30 - 00718840 _____ (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2013-07-18 07:55 - 2013-01-31 14:30 - 00593144 _____ (BitDefender) C:\Windows\System32\Drivers\avckf.sys
2013-07-18 07:55 - 2013-01-29 04:57 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\System32\Drivers\trufos.sys
2013-07-18 07:53 - 2010-09-15 00:32 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-18 07:53 - 2010-09-15 00:32 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-18 07:05 - 2012-11-08 03:22 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-18 07:04 - 2012-11-08 03:22 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-18 07:04 - 2012-11-08 03:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-18 06:58 - 2011-04-02 07:26 - 00000000 ___RD C:\Users\Anny\Dropbox
2013-07-18 06:58 - 2011-04-02 07:22 - 00000000 ____D C:\Users\Anny\AppData\Roaming\Dropbox
2013-07-18 06:58 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2013-07-18 06:52 - 2012-12-07 16:01 - 00000274 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-07-18 06:50 - 2011-03-15 14:44 - 00000446 ____H C:\Windows\Tasks\Norton Security Scan for Anny.job
2013-07-05 11:00 - 2009-08-04 01:51 - 00654844 _____ C:\Windows\System32\perfh007.dat
2013-07-05 11:00 - 2009-08-04 01:51 - 00130426 _____ C:\Windows\System32\perfc007.dat
2013-07-05 11:00 - 2009-07-13 21:13 - 01500254 _____ C:\Windows\System32\PerfStringBackup.INI
2013-07-05 10:56 - 2009-07-13 21:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

Files to move or delete:
====================
C:\ProgramData\FullRemove.exe
C:\Users\Anny\Launcher.exe
C:\Users\Anny\limbo.exe

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info =========================== 

Percentage of memory in use: 15%
Total physical RAM: 4061.02 MB
Available physical RAM: 3415.25 MB
Total Pagefile: 4059.17 MB
Available Pagefile: 3437.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:4.45 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:204.03 GB) (Free:112.62 GB) NTFS (Disk=0 Partition=3)
Drive e: () (Removable) (Total:1.88 GB) (Free:1.84 GB) NTFS (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=75 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=204 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=2 GB) - (Type=07 NTFS)


LastRegBack: 2013-07-18 06:52

==================== End Of Log ============================

Vielen Dank schon einmal im Voraus

mfg Raya

aharonov · 18.07.2013, 13:37

Hallo Raya,

Zitat:

Zu entscheiden was jetzt alles genau in den Fixlog.txt soll traue ich mir nicht zu.

Dann versuch mal meine Fixlist.txt.

Startet der Rechner danach wieder normal?

Drücke auf einem Zweitrechner bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument:

Code:

ATTFilter

2013-07-18 09:55 - 2013-07-18 09:55 - 01084712 _____ C:\Users\Anny\AppData\Roaming\2433f433
2013-07-18 09:55 - 2013-07-18 09:55 - 01084708 _____ C:\Users\Anny\AppData\Local\2433f433
2013-07-18 09:55 - 2013-07-18 09:55 - 01084698 _____ C:\ProgramData\2433f433
HKU\Anny\...\Winlogon: [Shell] cmd.exe [345088 2010-11-20] (Microsoft Corporation) <==== ATTENTION 
HKU\Anny\...\Command Processor: "C:\Users\Anny\AppData\Local\Temp\hixmrhgnywrbsajuoxy.bfg" <===== ATTENTION!
HKU\Anny\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\Anny\AppData\Local\Temp\hixmrhgnywrbsajuoxy.bfg [61440 2013-07-18] (NVIDIA Corporation) <===== ATTENTION
C:\Users\Anny\AppData\Local\Temp\hixmrhgnywrbsajuoxy.bfg
C:\Users\Anny\AppData\Local\Temp\hixmrhgnywrbsajuoxy.*

Speichere dieses dann bitte unter dem Dateinamen Fixlist.txt auf deinen USB Stick neben FRST.

Schliesse den USB Stick wieder an den infizierten Rechner an.
Starte deinen Rechner erneut in die Reparaturoptionen.
Starte nun wiederum FRST, aber klicke dieses Mal auf den Fix Button.

Das Tool erstellt eine Datei Fixlog.txt auf deinem USB Stick. Poste deren Inhalt bitte hier.

raya66 · 18.07.2013, 14:50

Danke für die flotte Antwort!

Der Laptop startet wieder ins Windows und die FIXLOG sieht wie folgt aus:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-07-2013 02
Ran by SYSTEM at 2013-07-19 15:58:15 Run:2
Running from E:\
Boot Mode: Recovery
==============================================

C:\Users\Anny\AppData\Roaming\2433f433 => Moved successfully.
C:\Users\Anny\AppData\Local\2433f433 => Moved successfully.
C:\ProgramData\2433f433 => Moved successfully.
HKU\Anny\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKU\Anny\Software\Microsoft\Command Processor\\AutoRun => Value deleted successfully.
HKU\Anny\Software\Microsoft\Windows\CurrentVersion\Run\\qcgce2mrvjq91kk1e7pnbb19m52fx => Value deleted successfully.
C:\Users\Anny\AppData\Local\Temp\hixmrhgnywrbsajuoxy.bfg => Moved successfully.
"C:\Users\Anny\AppData\Local\Temp\hixmrhgnywrbsajuoxy.*" => File/Directory not found.

==== End of Fixlog ====

aharonov · 18.07.2013, 16:47

Prima. Dann verschiebe die frst64.exe vom USB-Stick auf den Desktop.

Starte dann FRST.
Setze bei Optional Scan den Haken bei Addition.txt und drücke Scan.
Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.

raya66 · 18.07.2013, 17:04

Okay. Danke noch einmal
Hier ist der neue FRST.txt

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02
Ran by Anny (administrator) on 19-07-2013 18:07:17
Running from C:\Users\Anny\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
() C:\Windows\system32\webio64.exe
() C:\Windows\System32\GFilterSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Dropbox, Inc.) C:\Users\Anny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
(Microsoft Corporation) C:\Windows\system32\consent.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TUMessages.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [659848 2010-07-19] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [16336488 2009-08-28] (NVIDIA Corporation)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1569536 2013-07-18] (Bitdefender)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
MountPoints2: {ed34a8c0-1762-11e0-bf84-806e6f6e6963} - E:\Launcher.exe
MountPoints2: {fc57a2ba-1d7a-11e0-a851-20cf305d173c} - F:\LaunchU3.exe -a
HKLM-x32\...\Run: [UpdateLBPShortCut] - "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] - "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2429 2010-09-15] ()
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [facemoods] - "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I [362200 2011-09-05] (facemoods.com)
HKLM-x32\...\Run: [VirtualCloneDrive] - "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Anny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ncr
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
URLSearchHook: (No Name) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} -  No File
URLSearchHook: (No Name) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} -  No File
URLSearchHook: (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=2912_1&babsrc=SP_ss&mntrId=0c10ecf000000000000020cf305d173c
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=2912_1&babsrc=SP_ss&mntrId=0c10ecf000000000000020cf305d173c
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FXTV5&o=101699&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=F4&apn_dtid=YYYYYYYYDE&apn_uid=C8DECE66-EB5A-44B8-BF8F-4AEB8C8046CA&apn_sauid=1A13E12B-03B6-4139-835E-41011ED1D063
SearchScopes: HKCU - {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=0c10ecf000000000000020cf305d173c&tlver=1.4.19.19&affID=17160
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={8F944E2E-800E-4557-A82C-41070103FC81}&mid=a06116ed9ae947d1add4f18676b9fecf-d96c135cc945604bf4c0bc180f527599e0414781&lang=de&ds=tt014&pr=sa&d=2011-07-02 20:41:31&v=11.1.0.12&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
SearchScopes: HKCU - {D41CEE1E-0DC1-43A5-8116-8E700C424512} URL = hxxp://search.softonic.com/MON00015/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=77
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: CescrtHlpr Object - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: softonic-Germany Toolbar - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Program Files (x86)\softonic-Germany\tbsoft.dll (Conduit Ltd.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Foxit PDF Creator Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.5.24.3\bh\Softonic.dll (Softonic.com)
BHO-x32: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - softonic-Germany Toolbar - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Program Files (x86)\softonic-Germany\tbsoft.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Foxit PDF Creator Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.5.24.3\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM-x32 - facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -  No File
Toolbar: HKCU - No Name - {7E111A5C-3D11-4F56-9463-5310C3C69025} -  No File
Toolbar: HKCU - No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} -  No File
Toolbar: HKCU - No Name - {A51A36E6-31E7-4838-9FF7-76298B527EC0} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default
FF user.js: detected! => C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\user.js
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/ncr
FF Keyword.URL: hxxp://isearch.avg.com/search?cid=%7B40ef58c6-7401-4312-9f8d-be9ca6c60fe2%7D&mid=a06116ed9ae947d1add4f18676b9fecf-d96c135cc945604bf4c0bc180f527599e0414781&ds=tt014&v=11.1.0.12&lang=de&pr=sa&d=2011-07-02%2020%3A41%3A31&sap=ku&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.609 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.609 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.609 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.609 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Anny\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\Anny\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Babylon - C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\Extensions\ffxtlbr@babylon.com
FF Extension: Facemoods - C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\Extensions\ffxtlbr@Facemoods.com
FF Extension: softonic.com - C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\Extensions\ffxtlbra@softonic.com
FF Extension: IMinent Toolbar - C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\Extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
FF Extension: plugin - C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\Extensions\plugin@yontoo.com.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR RestoreOnStartup: "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.4_0
CHR Extension: (Google Drive) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (DivX HiQ) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0
CHR Extension: (Facemoods) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.6.4_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0
CHR Extension: (Skype Click to Call) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0
CHR Extension: (Gmail) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2011-03-18] (Adobe Systems)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-04-28] (Bitdefender)
R2 compactd; C:\Windows\system32\webio64.exe [106496 2011-07-18] ()
R2 GFilterSvc; C:\Windows\System32\GFilterSvc.exe [114688 2011-07-18] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [68856 2013-04-28] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1646792 2013-07-18] (Bitdefender)

==================== Drivers (Whitelisted) ====================

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-07-18] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-07-18] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-07-18] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82384 2013-02-01] (BitDefender SRL)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [147232 2013-04-28] (BitDefender LLC)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-01-03] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-07-18] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-05-08] (TuneUp Software)
U3 ayueg5di; C:\Windows\System32\Drivers\ayueg5di.sys [0 ] (Microsoft Corporation)
U3 tmlwf; 
U3 tmwfp; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-19 18:03 - 2013-07-18 00:03 - 01778209 _____ (Farbar) C:\Users\Anny\Desktop\FRST64.exe
2013-07-19 11:24 - 2013-07-19 11:24 - 00000000 ____D C:\FRST
2013-07-19 03:18 - 2013-07-19 03:18 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-19 03:18 - 2013-07-19 03:18 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-19 03:18 - 2013-07-19 03:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-19 03:18 - 2013-07-19 03:18 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-19 03:18 - 2013-07-19 03:18 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-19 03:18 - 2013-07-19 03:18 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-19 03:18 - 2013-07-19 03:18 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-19 03:18 - 2013-07-19 03:18 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-19 03:18 - 2013-07-19 03:18 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-19 03:18 - 2013-07-19 03:18 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-19 03:18 - 2013-07-19 03:18 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-19 03:16 - 2013-07-19 03:16 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-19 03:14 - 2013-07-19 03:25 - 00010360 _____ C:\Windows\IE10_main.log
2013-07-18 19:35 - 2013-07-13 01:13 - 00000000 ____D C:\Users\Anny\Downloads\Kresley Cole - Immortals - Band 9 - Sehnsucht der Dunkelheit
2013-07-18 19:25 - 2013-07-04 22:39 - 00000000 ____D C:\Users\Anny\Downloads\J. L. Bourne - Tagebuch der Apokalypse 3
2013-07-18 19:10 - 2013-07-18 19:25 - 301457664 _____ C:\Users\Anny\Downloads\ComoseLammas02.part1.rar
2013-07-18 19:10 - 2013-07-18 19:23 - 227665320 _____ C:\Users\Anny\Downloads\ComoseLammas02.part2.rar
2013-07-18 17:49 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-18 17:49 - 2013-02-27 07:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-07-18 17:49 - 2013-02-27 07:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-07-18 17:49 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-07-18 17:49 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-07-18 17:49 - 2013-02-27 06:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-18 17:49 - 2013-02-27 06:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-07-18 17:49 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-18 17:48 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-18 17:48 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-18 17:48 - 2013-05-08 08:39 - 01910632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-18 17:48 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-18 17:48 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-18 17:47 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-18 17:47 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-18 17:47 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-07-18 17:47 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-18 17:47 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-07-18 17:46 - 2013-05-13 07:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-18 17:46 - 2013-05-13 07:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-18 17:46 - 2013-05-13 07:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-18 17:46 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-18 17:46 - 2013-05-13 06:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-07-18 17:46 - 2013-05-13 06:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-07-18 17:46 - 2013-05-13 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-07-18 17:46 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-18 17:46 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-07-18 17:46 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-07-18 17:45 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-07-18 17:45 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-07-18 17:40 - 2013-04-10 08:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-18 17:40 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-07-18 17:40 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-18 17:40 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-07-18 17:40 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-18 17:36 - 2013-07-11 18:55 - 00000000 ____D C:\Users\Anny\Downloads\Daniel Suarez - DAEMON 2 - Darknet
2013-07-18 17:28 - 2013-07-18 17:36 - 656431956 _____ C:\Users\Anny\Downloads\Surface00.rar
2013-07-18 17:22 - 2013-07-18 19:35 - 209715200 _____ C:\Users\Anny\Downloads\KCI9SdD.part3.rar
2013-07-18 17:12 - 2013-07-18 17:21 - 209715200 _____ C:\Users\Anny\Downloads\KCI9SdD.part1.rar
2013-07-18 17:10 - 2013-07-18 17:21 - 209715200 _____ C:\Users\Anny\Downloads\KCI9SdD.part2.rar
2013-07-18 17:10 - 2013-07-18 17:12 - 62273038 _____ C:\Users\Anny\Downloads\KCI9SdD.part4.rar
2013-07-18 17:10 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-07-18 17:10 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-07-18 17:10 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-07-18 17:10 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-07-18 17:09 - 2013-07-15 09:18 - 00000000 ____D C:\Users\Anny\Downloads\Louis-Ferdinand Céline - Reise ans Ende der Nacht
2013-07-18 17:02 - 2013-07-18 17:09 - 378750692 _____ C:\Users\Anny\Downloads\Dickicht03.rar

==================== One Month Modified Files and Folders =======

2013-07-19 18:04 - 2011-03-15 23:35 - 00000000 ____D C:\Users\Anny\AppData\Roaming\Skype
2013-07-19 18:04 - 2009-08-04 11:51 - 00654844 _____ C:\Windows\system32\perfh007.dat
2013-07-19 18:04 - 2009-08-04 11:51 - 00130426 _____ C:\Windows\system32\perfc007.dat
2013-07-19 18:04 - 2009-07-14 07:13 - 01500254 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-19 16:08 - 2009-07-14 06:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-19 16:08 - 2009-07-14 06:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-19 16:02 - 2011-04-02 17:26 - 00000000 ___RD C:\Users\Anny\Dropbox
2013-07-19 16:02 - 2011-04-02 17:22 - 00000000 ____D C:\Users\Anny\AppData\Roaming\Dropbox
2013-07-19 16:01 - 2010-11-16 22:50 - 00001423 _____ C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-19 16:01 - 2010-11-16 22:49 - 00000000 ___RD C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-19 16:01 - 2010-11-16 22:49 - 00000000 ___RD C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-19 16:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-19 15:59 - 2009-07-14 06:51 - 00084155 _____ C:\Windows\setupact.log
2013-07-19 12:26 - 2010-09-15 10:10 - 01710036 _____ C:\Windows\WindowsUpdate.log
2013-07-19 11:24 - 2013-07-19 11:24 - 00000000 ____D C:\FRST
2013-07-19 04:10 - 2010-11-16 22:41 - 00000000 ____D C:\Users\Anny
2013-07-19 04:10 - 2009-07-14 06:45 - 04849656 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-19 04:04 - 2013-04-28 14:29 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-19 04:04 - 2013-04-28 14:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-19 04:02 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-19 04:02 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-19 04:02 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-19 04:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-07-19 04:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-07-19 04:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-07-19 04:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-07-19 04:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-19 03:25 - 2013-07-19 03:14 - 00010360 _____ C:\Windows\IE10_main.log
2013-07-19 03:18 - 2013-07-19 03:18 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-19 03:18 - 2013-07-19 03:18 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-19 03:18 - 2013-07-19 03:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-19 03:18 - 2013-07-19 03:18 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-19 03:18 - 2013-07-19 03:18 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-19 03:18 - 2013-07-19 03:18 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-19 03:18 - 2013-07-19 03:18 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-19 03:18 - 2013-07-19 03:18 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-19 03:18 - 2013-07-19 03:18 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-19 03:18 - 2013-07-19 03:18 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-19 03:18 - 2013-07-19 03:18 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-19 03:16 - 2013-07-19 03:16 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-18 23:44 - 2013-01-06 16:01 - 00001426 _____ C:\Users\Anny\Desktop\Registry kostenlos entrümpeln!.lnk
2013-07-18 23:44 - 2010-09-15 10:32 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-18 23:31 - 2013-02-16 12:34 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2013-07-18 23:29 - 2012-12-08 02:02 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-07-18 23:03 - 2012-11-08 13:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-18 22:58 - 2010-09-15 10:32 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-18 20:48 - 2012-07-21 18:46 - 00000000 ____D C:\Windows\rescache
2013-07-18 20:00 - 2010-09-15 10:54 - 00002326 _____ C:\Windows\system32\AutoRunFilter.ini
2013-07-18 19:57 - 2010-09-15 10:39 - 00177550 _____ C:\Windows\PFRO.log
2013-07-18 19:35 - 2013-07-18 17:22 - 209715200 _____ C:\Users\Anny\Downloads\KCI9SdD.part3.rar
2013-07-18 19:25 - 2013-07-18 19:10 - 301457664 _____ C:\Users\Anny\Downloads\ComoseLammas02.part1.rar
2013-07-18 19:23 - 2013-07-18 19:10 - 227665320 _____ C:\Users\Anny\Downloads\ComoseLammas02.part2.rar
2013-07-18 17:55 - 2013-02-01 00:30 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2013-07-18 17:55 - 2013-02-01 00:30 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2013-07-18 17:55 - 2013-01-29 14:57 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-07-18 17:53 - 2010-09-15 10:32 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-18 17:53 - 2010-09-15 10:32 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-18 17:36 - 2013-07-18 17:28 - 656431956 _____ C:\Users\Anny\Downloads\Surface00.rar
2013-07-18 17:21 - 2013-07-18 17:12 - 209715200 _____ C:\Users\Anny\Downloads\KCI9SdD.part1.rar
2013-07-18 17:21 - 2013-07-18 17:10 - 209715200 _____ C:\Users\Anny\Downloads\KCI9SdD.part2.rar
2013-07-18 17:12 - 2013-07-18 17:10 - 62273038 _____ C:\Users\Anny\Downloads\KCI9SdD.part4.rar
2013-07-18 17:09 - 2013-07-18 17:02 - 378750692 _____ C:\Users\Anny\Downloads\Dickicht03.rar
2013-07-18 17:05 - 2012-11-08 13:22 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-18 17:04 - 2012-11-08 13:22 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-18 17:04 - 2012-11-08 13:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-18 16:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-18 16:52 - 2012-12-08 02:01 - 00000274 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-07-18 16:50 - 2011-03-16 00:44 - 00000446 ____H C:\Windows\Tasks\Norton Security Scan for Anny.job
2013-07-18 00:03 - 2013-07-19 18:03 - 01778209 _____ (Farbar) C:\Users\Anny\Desktop\FRST64.exe
2013-07-15 09:18 - 2013-07-18 17:09 - 00000000 ____D C:\Users\Anny\Downloads\Louis-Ferdinand Céline - Reise ans Ende der Nacht
2013-07-13 01:13 - 2013-07-18 19:35 - 00000000 ____D C:\Users\Anny\Downloads\Kresley Cole - Immortals - Band 9 - Sehnsucht der Dunkelheit
2013-07-11 18:55 - 2013-07-18 17:36 - 00000000 ____D C:\Users\Anny\Downloads\Daniel Suarez - DAEMON 2 - Darknet
2013-07-05 20:56 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-07-04 22:39 - 2013-07-18 19:25 - 00000000 ____D C:\Users\Anny\Downloads\J. L. Bourne - Tagebuch der Apokalypse 3
2013-06-24 00:41 - 2010-12-23 11:08 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\ProgramData\FullRemove.exe
C:\Users\Anny\Launcher.exe
C:\Users\Anny\limbo.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-18 16:52

==================== End Of Log ============================

--- --- ---

und der Addition.txt

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2013 02
Ran by Anny at 2013-07-19 18:08:20
Running from C:\Users\Anny\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.3.9120)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.42.34)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Media Player (x32 Version: 1.8)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Reader XI (11.0.02) - Deutsch (x32 Version: 11.0.02)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482)
AMR to MP3 Converter 1.4 (x32)
ArcSoft TotalMedia 3.5 (x32 Version: 3.5.7.307)
Ask Toolbar (x32 Version: 1.11.3.0)
ASUS AI Recovery (x32 Version: 1.0.8)
ASUS AP Bank (x32 Version: 1.0.0.0)
ASUS FancyStart (x32 Version: 1.0.8)
ASUS LifeFrame3 (x32 Version: 3.0.20)
ASUS Live Update (x32 Version: 2.5.9)
ASUS MultiFrame (x32 Version: 1.0.0021)
ASUS Power4Gear Hybrid (Version: 1.1.31)
ASUS SmartLogon (x32 Version: 1.0.0008)
ASUS Virtual Camera (x32 Version: 1.0.19)
ASUS WebStorage (x32 Version: 2.0.46.1429)
ASUS_UL_Series_Screensaver (x32)
ATK Generic Function Service (x32 Version: 1.00.0008)
ATK Hotkey (x32 Version: 1.0.0056)
ATK Media (x32 Version: 2.0.0007)
ATKOSD2 (x32 Version: 7.0.0010)
BabylonObjectInstaller (x32 Version: 2.0.0.3)
Boingo Wi-Fi (x32 Version: 1.7.0048)
Canon MP490 series MP Drivers
Choice Guard (x32 Version: 1.2.87.0)
Conduit Engine (x32 Version: )
ControlDeck (x32 Version: 1.0.5)
CyberLink LabelPrint (x32 Version: 2.5.1908)
CyberLink Power2Go (x32 Version: 6.1.3602c)
DAEMON Tools Lite (x32 Version: 4.45.4.0315)
defender Internet Security 2013 (Version: 16.20.0.1483)
DivX Web Player (x32 Version: 1.5.0)
Dropbox (HKCU Version: 1.6.18)
ETDWare PS/2-x64 7.0.5.12_SmartArea_WHQL (Version: 7.0.5.12)
Express Gate (x32 Version: 1.2.13.40)
Facemoods Toolbar (x32)
Falk Navi-Manager (x32 Version: 2.10.0)
Falk Navi-Manager (x32 Version: 2.3.0)
Fast Boot (Version: 1.0.5)
FileZilla Client 3.4.0 (x32 Version: 3.4.0)
Foxit PDF Editor (x32 Version: 2.2.0.0205)
Foxit Reader (x32 Version: 4.3.1.323)
FoxTab PDF Converter (x32)
FreeMind (x32 Version: 0.8.1)
GIMP 2.6.10 (x32 Version: 2.6.10)
Google Chrome (x32 Version: 28.0.1500.72)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32)
Google Update Helper (x32 Version: 1.3.21.153)
gutscheinfilter.de (HKCU)
IBM ILOG CPLEX Optimization Studio Preview Edition 12.2 (64 bits) (Version: 12.2.0.0)
Java 7 Update 13 (x32 Version: 7.0.130)
Java Auto Updater (x32 Version: 2.1.9.0)
Java(TM) 6 Update 22 (x32 Version: 6.0.220)
JDownloader 0.9 (x32 Version: 0.9)
Junk Mail filter update (x32 Version: 14.0.8050.1202)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Office Word Viewer 2003 (x32 Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Minecraft Beta Version 1.7.3 (x32 Version: 1.7.3)
Mobile Connection Manager (x32)
Mozilla Firefox 20.0.1 (x86 de) (x32 Version: 20.0.1)
Mozilla Maintenance Service (x32 Version: 20.0.1)
Mozilla Thunderbird (3.1.9) (x32 Version: 3.1.9 (de))
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
Norton Security Scan (x32 Version: 3.5.1.8)
NVIDIA Drivers (Version: 1.3)
OpenOffice.org 3.2 (x32 Version: 3.2.9502)
PDF24 Creator 5.2.0 (x32)
Pony Friends 2 (x32 Version: 1.0)
Pony Friends 2 (x32)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealPlayer (x32)
REALTEK DTV USB DEVICE (x32 Version: 1.00.0000)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5958)
RealUpgrade 1.1 (x32 Version: 1.1.0)
RegClean Pro (x32 Version: 6.21)
Samsung ML-1860 Series (x32)
Secure Download Manager (x32 Version: 3.0.5)
Skype Click to Call (x32 Version: 5.6.8442)
Skype™ 5.10 (x32 Version: 5.10.116)
Softonic toolbar  on IE (x32)
Softonic_Deutsch Toolbar (x32 Version: )
softonic-Germany Toolbar (x32 Version: 6.2.7.3)
SRS Premium Sound Control Panel (Version: 1.8.1700)
syncables desktop SE (x32 Version: 5.5.615.9518)
TeXnicCenter Version 1.0 Stable RC1 (x32 Version: Version 1.0 Stable RC1)
The Clockwork Man 2 (x32 Version: 1.0)
TotalMedia Setup (x32 Version: 1.00.0000)
TuneUp Utilities 2012 (x32 Version: 12.0.3600.73)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
USB 2.0 VGA UVC WebCam
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0)
VirtualCloneDrive (x32)
Windows 7 USB/DVD Download Tool (x32 Version: 1.0.30)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.6)
Windows Live Call (x32 Version: 14.0.8050.1202)
Windows Live Communications Platform (x32 Version: 14.0.8050.1202)
Windows Live Essentials (x32 Version: 14.0.8050.1202)
Windows Live Family Safety (Version: 14.0.8052.1208)
Windows Live Fotogalerie (x32 Version: 14.0.8051.1204)
Windows Live Mail (x32 Version: 14.0.8050.1202)
Windows Live Messenger (x32 Version: 14.0.8050.1202)
Windows Live Sync (x32 Version: 14.0.8050.1202)
Windows Live Writer (x32 Version: 14.0.8050.1202)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
WinFlash (x32 Version: 2.30.1)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
WinZip 14.5 (x32 Version: 14.5.9095)
Wireless Console 3 (x32 Version: 3.0.15)
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)
ZTE USB Driver (Version: 1.0.1.25_TME)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0604BD93-4E91-48D4-82AB-B14AADAC898E} - System32\Tasks\{F0088260-CCE5-4B1C-B6CF-CEDB253EE3F2} => C:\program files (x86)\mozilla firefox\firefox.exe [2013-04-27] (Mozilla Corporation)
Task: {12052FA6-0595-491F-9C73-0BF555B8FB52} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-01-05] ()
Task: {3C6EFFDE-8C47-4338-9DFE-B786F076E50E} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2010-11-19] (RealNetworks, Inc.)
Task: {4664C766-6408-428D-B47E-64C440ADAF98} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {50132DE3-5495-4A35-8789-C2916F3F325E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2615487275-358060393-2942834397-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-11-05] (RealNetworks, Inc.)
Task: {54E13D23-80D7-4468-934E-7AEB6DD58EFC} - System32\Tasks\{48642877-F5EE-48D5-B011-BCBC37D42C12} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {559AD3CE-A0B9-4B34-9A15-AE239AEAC690} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-18] (Adobe Systems Incorporated)
Task: {5847F6D5-0CA8-448D-84D2-E6B6BD90A9A8} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27] (ArcSoft Inc.)
Task: {6A493FC4-0AFB-49E8-9746-6FED89366E1A} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2012-09-21] (Systweak Inc)
Task: {72161269-0AD1-4830-9AA6-55461B8996C3} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {870A043E-167D-48E2-AB11-010A203F5C13} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2012-09-21] (Systweak Inc)
Task: {89EE6977-9BC3-47A5-82AB-37B670DA0EFD} - System32\Tasks\AdobeAAMUpdater-1.0-Anny-PC-Anny => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {8C19DFA5-C1EE-41E5-A7D4-D439A6396FA2} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {98385CD2-A7ED-49DF-84CA-A39AB08F3BA9} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-02-06] (ATK)
Task: {A0CF2FF3-6ED7-4BAC-BA49-A68720279684} - System32\Tasks\Norton Security Scan for Anny => C:\PROGRA~2\NORTON~2\Engine\351~1.8\Nss.exe [2012-04-03] (Symantec Corporation)
Task: {A29D7B0F-4335-4ECB-A2D8-3CDDD47D97EB} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2012-05-29] (TuneUp Software)
Task: {A72284BD-A533-4C0B-BA37-002CD92538BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-15] (Google Inc.)
Task: {BB72C418-956E-42FC-973F-88A9CE86B47A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {BE450B3D-93CF-4979-AB40-D062C774FAB2} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2012-09-21] (Systweak Inc)
Task: {C4832264-9517-492C-A962-9A27AEDEA191} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-11-24] ()
Task: {C6654E9C-C9D7-42FC-B071-4A239D140A81} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {CE9470C1-247E-402D-B673-2163B3C8D9FF} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-02-15] ()
Task: {D57BDBBA-EA84-4569-B165-3057518B1C07} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2012-10-31] (Systweak)
Task: {DC06B598-DAB0-4581-9CE1-62720DC53E29} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {DC13D5B6-311E-4C4F-BEFB-6406F7BFFFA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-15] (Google Inc.)
Task: {FC087BB0-A209-4928-A438-99641E2B3648} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2011-02-01] ()
Task: {FE20C6E5-E929-4BB8-A68A-8926782E5F5D} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-18] (Adobe Systems Incorporated)
Task: {FF106024-F809-4B4F-A53E-730B45ECE6F3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2615487275-358060393-2942834397-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-11-05] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for Anny.job => C:\PROGRA~2\NORTON~2\Engine\351~1.8\Nss.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2013 01:40:25 AM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Error: BITS connection error Type: 150::InternetConnectionFailure.

Error: (07/18/2013 11:21:53 PM) (Source: Application Hang) (User: )
Description: Programm AIRecoveryRemind.exe, Version 1.0.8.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d64

Startzeit: 01ce83fcc0d0da1c

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe

Berichts-ID: 0ae26f4a-eff0-11e2-acdf-20cf305d173c

Error: (07/18/2013 08:43:00 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (07/18/2013 08:41:24 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (07/18/2013 08:10:56 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (07/18/2013 07:55:14 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: regsvr32.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bca28
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000300fa
ID des fehlerhaften Prozesses: 0xc9c
Startzeit der fehlerhaften Anwendung: 0xregsvr32.exe0
Pfad der fehlerhaften Anwendung: regsvr32.exe1
Pfad des fehlerhaften Moduls: regsvr32.exe2
Berichtskennung: regsvr32.exe3

Error: (07/18/2013 04:57:13 PM) (Source: RasClient) (User: )
Description: CoID={2C8FFB39-1083-43B4-B4BF-FA7FD22931DC}: Der Benutzer "Anny-PC\Anny" hat eine Verbindung mit dem Namen "o2 Internet" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 797.

Error: (07/18/2013 04:50:45 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (07/05/2013 09:05:24 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (07/05/2013 08:11:39 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:


System errors:
=============
Error: (07/19/2013 06:00:19 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "C:" den Befehl "chkdsk" aus.

Error: (07/19/2013 05:00:19 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "C:" den Befehl "chkdsk" aus.

Error: (07/19/2013 04:50:42 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "OS" den Befehl "chkdsk" aus.

Error: (07/19/2013 04:07:03 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/19/2013 04:07:03 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/19/2013 04:07:03 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/19/2013 04:07:03 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/19/2013 04:07:03 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/19/2013 04:07:03 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (07/19/2013 04:07:03 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


Microsoft Office Sessions:
=========================
Error: (07/19/2013 01:40:25 AM) (Source: CVHSVC)(User: )
Description: Error: BITS connection error Type: 150::InternetConnectionFailure.

Error: (07/18/2013 11:21:53 PM) (Source: Application Hang)(User: )
Description: AIRecoveryRemind.exe1.0.8.1d6401ce83fcc0d0da1c16C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe0ae26f4a-eff0-11e2-acdf-20cf305d173c

Error: (07/18/2013 08:43:00 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/18/2013 08:41:24 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (07/18/2013 08:10:56 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (07/18/2013 07:55:14 PM) (Source: Application Error)(User: )
Description: regsvr32.exe6.1.7600.163854a5bca28ntdll.dll6.1.7601.177254ec49b8fc0000005000300fac9c01ce83dff2394af6C:\Windows\SysWOW64\regsvr32.exeC:\Windows\SysWOW64\ntdll.dll32663120-efd3-11e2-9e1d-20cf305d173c

Error: (07/18/2013 04:57:13 PM) (Source: RasClient)(User: )
Description: {2C8FFB39-1083-43B4-B4BF-FA7FD22931DC}Anny-PC\Annyo2 Internet797

Error: (07/18/2013 04:50:45 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (07/05/2013 09:05:24 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (07/05/2013 08:11:39 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:


CodeIntegrity Errors:
===================================
  Date: 2013-02-01 03:17:01.692
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00176_003\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-31 23:27:27.361
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-31 23:10:57.701
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-31 22:39:20.763
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-31 21:37:13.162
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-31 20:52:57.596
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-31 20:27:32.924
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-31 17:42:57.282
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-31 17:08:12.364
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-01-31 16:34:24.042
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_002\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 41%
Total physical RAM: 4061.02 MB
Available physical RAM: 2362.77 MB
Total Pagefile: 8120.23 MB
Available Pagefile: 6207.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:4.14 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:204.03 GB) (Free:112.62 GB) NTFS (Disk=0 Partition=3)
Drive f: () (Removable) (Total:14.83 GB) (Free:5.98 GB) FAT32 (Disk=1 Partition=1)
Drive g: () (Removable) (Total:1.88 GB) (Free:1.84 GB) NTFS (Disk=2 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=75 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=204 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

aharonov · 18.07.2013, 17:11

Hi,

dann so weiter:

Schritt 1

Gehe zu Start --> Systemsteuerung und öffne Programme und Funktionen.
Suche und deinstalliere dort der Reihe nach folgende Einträge:
- Ask Toolbar
- BabylonObjectInstaller
- Conduit Engine
- Facemoods Toolbar
- gutscheinfilter.de
- Softonic toolbar on IE
- Softonic_Deutsch Toolbar
- softonic-Germany Toolbar
- Yontoo Layers Runtime 1.10.01
Schliesse das Fenster wieder und führe einen Neustart durch, wenn das gefordert wurde.

Schritt 2

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3

Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Bitte poste in deiner nächsten Antwort:

Log von AdwCleaner
Log von FRST

raya66 · 24.07.2013, 13:15

Soo, kurze Pause und ich bin wieder Zuhause beim Problemkind

Ich habe die genannten Programme gelöscht und AdwCleaner durchlaufen lassen.

Der AdwCleaner hat ergeben:
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v2.306 - Datei am 25/07/2013 um 14:02:17 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Anny - ANNY-PC
# Bootmodus : Normal
# Ausgef¸hrt unter : C:\Users\Anny\Downloads\adwcleaner06 (3).exe
# Option [Lˆschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelˆscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gelˆscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelˆscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml
Datei Gelˆscht : C:\user.js
Datei Gelˆscht : C:\Users\Anny\AppData\Local\Temp\Uninstall.exe
Datei Gelˆscht : C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\extensions\plugin@yontoo.com.xpi
Datei Gelˆscht : C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\searchplugins\softonic.xml
Datei Gelˆscht : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
Datei Gelˆscht : C:\Windows\Tasks\RegClean Pro_UPDATES.job
Ordner Gelˆscht : C:\Program Files (x86)\Advanced System Protector
Ordner Gelˆscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelˆscht : C:\Program Files (x86)\Iminent
Ordner Gelˆscht : C:\Program Files (x86)\RegClean Pro
Ordner Gelˆscht : C:\Program Files (x86)\Softonic
Ordner Gelˆscht : C:\ProgramData\Babylon
Ordner Gelˆscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Ordner Gelˆscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gelˆscht : C:\ProgramData\Partner
Ordner Gelˆscht : C:\Users\Anny\AppData\Local\Conduit
Ordner Gelˆscht : C:\Users\Anny\AppData\Local\PackageAware
Ordner Gelˆscht : C:\Users\Anny\AppData\Local\Temp\AskSearch
Ordner Gelˆscht : C:\Users\Anny\AppData\Local\Temp\avg@toolbar
Ordner Gelˆscht : C:\Users\Anny\AppData\Local\Temp\BabylonToolbar
Ordner Gelˆscht : C:\Users\Anny\AppData\Local\Temp\Iminent
Ordner Gelˆscht : C:\Users\Anny\AppData\LocalLow\BabylonToolbar
Ordner Gelˆscht : C:\Users\Anny\AppData\LocalLow\boost_interprocess
Ordner Gelˆscht : C:\Users\Anny\AppData\LocalLow\Conduit
Ordner Gelˆscht : C:\Users\Anny\AppData\LocalLow\Softonic
Ordner Gelˆscht : C:\Users\Anny\AppData\LocalLow\Toolbar4
Ordner Gelˆscht : C:\Users\Anny\AppData\Roaming\Babylon
Ordner Gelˆscht : C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Ordner Gelˆscht : C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\extensions\ffxtlbr@babylon.com
Ordner Gelˆscht : C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\extensions\ffxtlbra@softonic.com

***** [Registrierungsdatenbank] *****

Schl¸ssel Gelˆscht : HKCU\Software\AppDataLow\Software\Toolbar
Schl¸ssel Gelˆscht : HKCU\Software\IGearSettings
Schl¸ssel Gelˆscht : HKCU\Software\Iminent
Schl¸ssel Gelˆscht : HKCU\Software\InstallCore
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schl¸ssel Gelˆscht : HKCU\Software\systweak
Schl¸ssel Gelˆscht : HKCU\Software\YahooPartnerToolbar
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schl¸ssel Gelˆscht : HKLM\Software\Babylon
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Prod.cap
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Toolbar.CT2449729
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Toolbar.CT2736476
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Schl¸ssel Gelˆscht : HKLM\Software\Conduit
Schl¸ssel Gelˆscht : HKLM\Software\DeviceVM
Schl¸ssel Gelˆscht : HKLM\Software\Iminent
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schl¸ssel Gelˆscht : HKLM\Software\systweak
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Wert Gelˆscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Wert Gelˆscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelˆscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.com

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\prefs.js

C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\user.js ... Gelˆscht !

Gelˆscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelˆscht : user_pref("browser.search.defaultthis.engineName", "Freeware.de Customized Web Search");
Gelˆscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&Sea[...]
Gelˆscht : user_pref("browser.search.order.1", "Ask.com");
Gelˆscht : user_pref("extensions.BabylonToolbar.admin", false);
Gelˆscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gelˆscht : user_pref("extensions.BabylonToolbar.babExt", "");
Gelˆscht : user_pref("extensions.BabylonToolbar.babTrack", "affID=109958&tt=2912_1");
Gelˆscht : user_pref("extensions.BabylonToolbar.bbDpng", 28);
Gelˆscht : user_pref("extensions.BabylonToolbar.cntry", "DE");
Gelˆscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gelˆscht : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Gelˆscht : user_pref("extensions.BabylonToolbar.firstRun", false);
Gelˆscht : user_pref("extensions.BabylonToolbar.hdrMd5", "E8186721BAA1875AE15BC32BB3DA4FC8");
Gelˆscht : user_pref("extensions.BabylonToolbar.hmpg", true);
Gelˆscht : user_pref("extensions.BabylonToolbar.id", "0c10ecf000000000000020cf305d173c");
Gelˆscht : user_pref("extensions.BabylonToolbar.instlDay", "15173");
Gelˆscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gelˆscht : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?affID=109958&tt=2912_1[...]
Gelˆscht : user_pref("extensions.BabylonToolbar.lastActv", "4");
Gelˆscht : user_pref("extensions.BabylonToolbar.lastDP", 28);
Gelˆscht : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1719:10:05");
Gelˆscht : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "20.0");
Gelˆscht : user_pref("extensions.BabylonToolbar.newTab", false);
Gelˆscht : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP");
Gelˆscht : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Gelˆscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gelˆscht : user_pref("extensions.BabylonToolbar.propectorlck", 105711899);
Gelˆscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gelˆscht : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Gelˆscht : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Gelˆscht : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Gelˆscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Gelˆscht : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Gelˆscht : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1719:10:05");
Gelˆscht : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109958&tt=2912_1");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.hardId", "0c10ecf000000000000020cf305d173c");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.id", "0c10ecf000000000000020cf305d173c");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.instlDay", "15173");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.newTab", false);
Gelˆscht : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1719:10:05");
Gelˆscht : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Gelˆscht : user_pref("extensions.Softonic.admin", false);
Gelˆscht : user_pref("extensions.Softonic.aflt", "SD");
Gelˆscht : user_pref("extensions.Softonic.autoRvrt", "false");
Gelˆscht : user_pref("extensions.Softonic.cntry", "DE");
Gelˆscht : user_pref("extensions.Softonic.cv", "cv5");
Gelˆscht : user_pref("extensions.Softonic.dfltLng", "de");
Gelˆscht : user_pref("extensions.Softonic.dfltSrch", true);
Gelˆscht : user_pref("extensions.Softonic.dfltlng", "de");
Gelˆscht : user_pref("extensions.Softonic.dfltsrch", true);
Gelˆscht : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
Gelˆscht : user_pref("extensions.Softonic.dspOld", "");
Gelˆscht : user_pref("extensions.Softonic.envrmnt", "production");
Gelˆscht : user_pref("extensions.Softonic.excTlbr", false);
Gelˆscht : user_pref("extensions.Softonic.hdrMd5", "21CDBA7A704C5EBA34CC2E47AF7C36B4");
Gelˆscht : user_pref("extensions.Softonic.hmpg", true);
Gelˆscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&[...]
Gelˆscht : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&cc[...]
Gelˆscht : user_pref("extensions.Softonic.hpOld", "hxxp://isearch.avg.com?cid=%7B336ce695-3816-4f88-bce9-a239f5[...]
Gelˆscht : user_pref("extensions.Softonic.hrdid", "0c10ecf000000000000020cf305d173c");
Gelˆscht : user_pref("extensions.Softonic.id", "0c10ecf000000000000020cf305d173c");
Gelˆscht : user_pref("extensions.Softonic.instlDay", "15157");
Gelˆscht : user_pref("extensions.Softonic.instlRef", "MON00015");
Gelˆscht : user_pref("extensions.Softonic.instlday", "15157");
Gelˆscht : user_pref("extensions.Softonic.instlref", "MON00015");
Gelˆscht : user_pref("extensions.Softonic.isdcmntcmplt", "false");
Gelˆscht : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=[...]
Gelˆscht : user_pref("extensions.Softonic.keywordurl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=[...]
Gelˆscht : user_pref("extensions.Softonic.lastVrsnTs", "1.5.24.323:04:13");
Gelˆscht : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Gelˆscht : user_pref("extensions.Softonic.newTab", true);
Gelˆscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1[...]
Gelˆscht : user_pref("extensions.Softonic.newtab", true);
Gelˆscht : user_pref("extensions.Softonic.newtaburl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1[...]
Gelˆscht : user_pref("extensions.Softonic.noFFXTlbr", false);
Gelˆscht : user_pref("extensions.Softonic.prdct", "Softonic");
Gelˆscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Gelˆscht : user_pref("extensions.Softonic.prtnrid", "softonic");
Gelˆscht : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Gelˆscht : user_pref("extensions.Softonic.savedVrsnTs", "1");
Gelˆscht : user_pref("extensions.Softonic.sg", "az");
Gelˆscht : user_pref("extensions.Softonic.smplGrp", "none");
Gelˆscht : user_pref("extensions.Softonic.smplgrp", "none");
Gelˆscht : user_pref("extensions.Softonic.srch", "");
Gelˆscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Gelˆscht : user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");
Gelˆscht : user_pref("extensions.Softonic.tlbrId", "base");
Gelˆscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource[...]
Gelˆscht : user_pref("extensions.Softonic.tlbrid", "base");
Gelˆscht : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource[...]
Gelˆscht : user_pref("extensions.Softonic.vrsn", "1.5.24.3");
Gelˆscht : user_pref("extensions.Softonic.vrsnTs", "1.5.24.323:04:13");
Gelˆscht : user_pref("extensions.Softonic.vrsni", "1.5.24.3");
Gelˆscht : user_pref("extensions.Softonic.vrsnts", "1.5.24.323:04:13");
Gelˆscht : user_pref("extensions.Softonic_i.dnsErr", true);
Gelˆscht : user_pref("extensions.Softonic_i.hmpg", true);
Gelˆscht : user_pref("extensions.Softonic_i.newTab", true);
Gelˆscht : user_pref("extensions.Softonic_i.smplGrp", "none");
Gelˆscht : user_pref("extensions.Softonic_i.vrsnTs", "1.5.24.323:04:13");
Gelˆscht : user_pref("extensions.enabledAddons", "ffxtlbr%40babylon.com:1.2.0,ffxtlbra%40softonic.com:1.5.0,plu[...]
Gelˆscht : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=5");
Gelˆscht : user_pref("extensions.facemoods.aflt", "_#ddrnw");
Gelˆscht : user_pref("extensions.facemoods.dfltSrch", true);
Gelˆscht : user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");
Gelˆscht : user_pref("extensions.facemoods.dnsErr", true);
Gelˆscht : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Gelˆscht : user_pref("extensions.facemoods.firstRun", false);
Gelˆscht : user_pref("extensions.facemoods.first_time", false);
Gelˆscht : user_pref("extensions.facemoods.hmpg", false);
Gelˆscht : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=ddrnw");
Gelˆscht : user_pref("extensions.facemoods.id", "_#0c10ecf000000000000020cf305d173c");
Gelˆscht : user_pref("extensions.facemoods.instlDay", "_#15157");
Gelˆscht : user_pref("extensions.facemoods.lastVrsnTs", "");
Gelˆscht : user_pref("extensions.facemoods.mntz", "");
Gelˆscht : user_pref("extensions.facemoods.newTab", false);
Gelˆscht : user_pref("extensions.facemoods.newTabUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=2");
Gelˆscht : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
Gelˆscht : user_pref("extensions.facemoods.searchProviderAdded", true);
Gelˆscht : user_pref("extensions.facemoods.sid", "_#8adfc9e485fc4c718053640d171202ae");
Gelˆscht : user_pref("extensions.facemoods.smplGrp", "free");
Gelˆscht : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=3");
Gelˆscht : user_pref("extensions.facemoods.update", "_#v1.4.0");
Gelˆscht : user_pref("extensions.facemoods.vrsn", "_#1.4.17.11");
Gelˆscht : user_pref("extentions.y2layers.installId", "f66d6e42-ab5c-438c-9907-b2904f603ad2");
Gelˆscht : user_pref("extentions.y2layers.lastDnsTest", 363332);
Gelˆscht : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B40ef58c6-7401-4312-9f8d-be9ca6c60fe2%[...]

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [21831 octets] - [25/07/2013 14:02:17]

########## EOF - C:\AdwCleaner[S1].txt - [21892 octets] ##########

--- --- ---

und der FRST-Text:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02 (ATTENTION: FRST version is 8 days old)
Ran by Anny (administrator) on 25-07-2013 14:13:28
Running from C:\Users\Anny\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Windows\system32\webio64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Dropbox, Inc.) C:\Users\Anny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [659848 2010-07-19] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [16336488 2009-08-28] (NVIDIA Corporation)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1569536 2013-07-18] (Bitdefender)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
MountPoints2: {ed34a8c0-1762-11e0-bf84-806e6f6e6963} - E:\Launcher.exe
MountPoints2: {fc57a2ba-1d7a-11e0-a851-20cf305d173c} - F:\LaunchU3.exe -a
HKLM-x32\...\Run: [UpdateLBPShortCut] - "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] - "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2429 2010-09-15] ()
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [VirtualCloneDrive] - "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Anny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ncr
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
URLSearchHook: (No Name) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} -  No File
URLSearchHook: (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {7E111A5C-3D11-4F56-9463-5310C3C69025} -  No File
Toolbar: HKCU - No Name - {A51A36E6-31E7-4838-9FF7-76298B527EC0} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/ncr
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.609 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.609 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.609 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.609 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Anny\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\Anny\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR RestoreOnStartup: "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (DivX HiQ) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0
CHR Extension: (Skype Click to Call) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0
CHR Extension: (Gmail) - C:\Users\Anny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2011-03-18] (Adobe Systems)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [69392 2013-04-28] (Bitdefender)
R2 compactd; C:\Windows\system32\webio64.exe [106496 2011-07-18] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [68856 2013-04-28] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1646792 2013-07-18] (Bitdefender)

==================== Drivers (Whitelisted) ====================

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-07-18] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-07-18] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-07-18] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82384 2013-02-01] (BitDefender SRL)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [147232 2013-04-28] (BitDefender LLC)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-01-03] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-07-18] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-05-08] (TuneUp Software)
U3 ahhzzpw7; C:\Windows\System32\Drivers\ahhzzpw7.sys [0 ] (Advanced Micro Devices)
U3 tmlwf; 
U3 tmwfp; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-25 14:11 - 2013-07-25 14:11 - 00021940 _____ C:\Users\Anny\Desktop\AdwCleaner[S1].txt
2013-07-25 14:02 - 2013-07-25 14:02 - 00021940 _____ C:\AdwCleaner[S1].txt
2013-07-25 14:01 - 2013-07-25 14:01 - 00666633 _____ C:\Users\Anny\Downloads\adwcleaner06 (3).exe
2013-07-25 14:00 - 2013-07-25 14:00 - 00666633 _____ C:\Users\Anny\Downloads\adwcleaner06 (2).exe
2013-07-25 14:00 - 2013-07-25 14:00 - 00666633 _____ C:\Users\Anny\Downloads\adwcleaner06 (1).exe
2013-07-25 13:59 - 2013-07-25 13:59 - 00666633 _____ C:\Users\Anny\Downloads\adwcleaner06.exe
2013-07-25 13:15 - 2013-07-25 13:15 - 00003416 ____N C:\bootsqm.dat
2013-07-25 13:12 - 2013-07-25 13:12 - 00000000 __SHD C:\found.000
2013-07-19 18:08 - 2013-07-19 18:08 - 00025730 _____ C:\Users\Anny\Desktop\Addition.txt
2013-07-19 18:03 - 2013-07-18 00:03 - 01778209 _____ (Farbar) C:\Users\Anny\Desktop\FRST64.exe
2013-07-19 11:24 - 2013-07-19 11:24 - 00000000 ____D C:\FRST
2013-07-19 03:18 - 2013-07-19 03:18 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-19 03:18 - 2013-07-19 03:18 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-19 03:18 - 2013-07-19 03:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-19 03:18 - 2013-07-19 03:18 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-19 03:18 - 2013-07-19 03:18 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-19 03:18 - 2013-07-19 03:18 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-19 03:18 - 2013-07-19 03:18 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-19 03:18 - 2013-07-19 03:18 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-19 03:18 - 2013-07-19 03:18 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-19 03:18 - 2013-07-19 03:18 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-19 03:18 - 2013-07-19 03:18 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-19 03:16 - 2013-07-19 03:16 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-19 03:14 - 2013-07-19 03:25 - 00010360 _____ C:\Windows\IE10_main.log
2013-07-18 17:49 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-18 17:49 - 2013-02-27 07:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-07-18 17:49 - 2013-02-27 07:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-07-18 17:49 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-07-18 17:49 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-07-18 17:49 - 2013-02-27 06:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-18 17:49 - 2013-02-27 06:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-07-18 17:49 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-18 17:48 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-18 17:48 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-18 17:48 - 2013-05-08 08:39 - 01910632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-18 17:48 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-18 17:48 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-18 17:47 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-18 17:47 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-18 17:47 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-07-18 17:47 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-18 17:47 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-07-18 17:46 - 2013-05-13 07:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-18 17:46 - 2013-05-13 07:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-18 17:46 - 2013-05-13 07:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-18 17:46 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-18 17:46 - 2013-05-13 06:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-07-18 17:46 - 2013-05-13 06:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-07-18 17:46 - 2013-05-13 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-07-18 17:46 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-18 17:46 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-07-18 17:46 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-07-18 17:45 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-07-18 17:45 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-07-18 17:40 - 2013-04-10 08:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-18 17:40 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-07-18 17:40 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-18 17:40 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-07-18 17:40 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-18 17:10 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-07-18 17:10 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-07-18 17:10 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-07-18 17:10 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll

==================== One Month Modified Files and Folders =======

2013-07-25 14:13 - 2009-07-14 06:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-25 14:13 - 2009-07-14 06:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-25 14:12 - 2010-11-19 23:01 - 00003336 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2615487275-358060393-2942834397-1000
2013-07-25 14:12 - 2010-11-19 23:01 - 00003200 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2615487275-358060393-2942834397-1000
2013-07-25 14:12 - 2009-08-04 11:51 - 00654844 _____ C:\Windows\system32\perfh007.dat
2013-07-25 14:12 - 2009-08-04 11:51 - 00130426 _____ C:\Windows\system32\perfc007.dat
2013-07-25 14:12 - 2009-07-14 07:13 - 01500254 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-25 14:11 - 2013-07-25 14:11 - 00021940 _____ C:\Users\Anny\Desktop\AdwCleaner[S1].txt
2013-07-25 14:07 - 2011-04-02 17:22 - 00000000 ____D C:\Users\Anny\AppData\Roaming\Dropbox
2013-07-25 14:07 - 2011-03-15 23:35 - 00000000 ____D C:\Users\Anny\AppData\Roaming\Skype
2013-07-25 14:06 - 2011-04-02 17:26 - 00000000 ___RD C:\Users\Anny\Dropbox
2013-07-25 14:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-25 14:04 - 2009-07-14 06:51 - 00084323 _____ C:\Windows\setupact.log
2013-07-25 14:03 - 2010-09-15 10:39 - 00180130 _____ C:\Windows\PFRO.log
2013-07-25 14:03 - 2010-09-15 10:10 - 01831795 _____ C:\Windows\WindowsUpdate.log
2013-07-25 14:02 - 2013-07-25 14:02 - 00021940 _____ C:\AdwCleaner[S1].txt
2013-07-25 14:01 - 2013-07-25 14:01 - 00666633 _____ C:\Users\Anny\Downloads\adwcleaner06 (3).exe
2013-07-25 14:00 - 2013-07-25 14:00 - 00666633 _____ C:\Users\Anny\Downloads\adwcleaner06 (2).exe
2013-07-25 14:00 - 2013-07-25 14:00 - 00666633 _____ C:\Users\Anny\Downloads\adwcleaner06 (1).exe
2013-07-25 13:59 - 2013-07-25 13:59 - 00666633 _____ C:\Users\Anny\Downloads\adwcleaner06.exe
2013-07-25 13:20 - 2011-04-02 17:26 - 00001017 _____ C:\Users\Anny\Desktop\Dropbox.lnk
2013-07-25 13:20 - 2011-04-02 17:23 - 00000000 ____D C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-07-25 13:20 - 2010-11-16 22:49 - 00000000 ___RD C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-25 13:15 - 2013-07-25 13:15 - 00003416 ____N C:\bootsqm.dat
2013-07-25 13:12 - 2013-07-25 13:12 - 00000000 __SHD C:\found.000
2013-07-25 12:54 - 2009-07-14 07:08 - 00032618 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-19 18:08 - 2013-07-19 18:08 - 00025730 _____ C:\Users\Anny\Desktop\Addition.txt
2013-07-19 16:01 - 2010-11-16 22:50 - 00001423 _____ C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-19 16:01 - 2010-11-16 22:49 - 00000000 ___RD C:\Users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-19 11:24 - 2013-07-19 11:24 - 00000000 ____D C:\FRST
2013-07-19 04:10 - 2010-11-16 22:41 - 00000000 ____D C:\Users\Anny
2013-07-19 04:10 - 2009-07-14 06:45 - 04849656 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-19 04:04 - 2013-04-28 14:29 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-19 04:04 - 2013-04-28 14:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-19 04:02 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-19 04:02 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-19 04:02 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-19 04:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-07-19 04:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-07-19 04:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-07-19 04:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-07-19 04:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-19 03:25 - 2013-07-19 03:14 - 00010360 _____ C:\Windows\IE10_main.log
2013-07-19 03:18 - 2013-07-19 03:18 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-19 03:18 - 2013-07-19 03:18 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-19 03:18 - 2013-07-19 03:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-19 03:18 - 2013-07-19 03:18 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-19 03:18 - 2013-07-19 03:18 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-19 03:18 - 2013-07-19 03:18 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-19 03:18 - 2013-07-19 03:18 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-19 03:18 - 2013-07-19 03:18 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-19 03:18 - 2013-07-19 03:18 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-19 03:18 - 2013-07-19 03:18 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-19 03:18 - 2013-07-19 03:18 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-19 03:18 - 2013-07-19 03:18 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-19 03:18 - 2013-07-19 03:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-19 03:16 - 2013-07-19 03:16 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-19 03:16 - 2013-07-19 03:16 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-18 23:44 - 2013-01-06 16:01 - 00001426 _____ C:\Users\Anny\Desktop\Registry kostenlos entrümpeln!.lnk
2013-07-18 23:44 - 2010-09-15 10:32 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-18 23:31 - 2013-02-16 12:34 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2013-07-18 23:29 - 2012-12-08 02:02 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-07-18 23:03 - 2012-11-08 13:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-18 22:58 - 2010-09-15 10:32 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-18 20:48 - 2012-07-21 18:46 - 00000000 ____D C:\Windows\rescache
2013-07-18 20:00 - 2010-09-15 10:54 - 00002326 _____ C:\Windows\system32\AutoRunFilter.ini
2013-07-18 17:55 - 2013-02-01 00:30 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2013-07-18 17:55 - 2013-02-01 00:30 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2013-07-18 17:55 - 2013-01-29 14:57 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2013-07-18 17:53 - 2010-09-15 10:32 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-18 17:53 - 2010-09-15 10:32 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-18 17:05 - 2012-11-08 13:22 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-18 17:04 - 2012-11-08 13:22 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-18 17:04 - 2012-11-08 13:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-18 16:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-18 16:50 - 2011-03-16 00:44 - 00000446 ____H C:\Windows\Tasks\Norton Security Scan for Anny.job
2013-07-18 00:03 - 2013-07-19 18:03 - 01778209 _____ (Farbar) C:\Users\Anny\Desktop\FRST64.exe
2013-07-05 20:56 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

Files to move or delete:
====================
C:\ProgramData\FullRemove.exe
C:\Users\Anny\Launcher.exe
C:\Users\Anny\limbo.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-18 16:52

==================== End Of Log ============================

--- --- ---

LG raya

aharonov · 24.07.2013, 20:25

Hallo Raya,

Schritt 1

Bitte gehe zu Virustotal und lass dort folgendermassen eine Datei überprüfen:

Klicke auf Wählen Sie eine.
Kopiere dann Folgendes in das Eingabefeld für den Dateinamen
Code:
ATTFilter
```
C:\Windows\System32\Drivers\ahhzzpw7.sys
         
```
und klicke auf Öffnen.
Klicke auf Scannen!.
Solltest du folgende Meldung bekommen:

Zitat:

Datei wurde bereits analysiert - Diese Datei wurde bereits von VirusTotal analysiert am ...

dann klicke auf Neu analysieren.
Warte, bis die Analyse beendet ist, und kopiere dann die URL aus deiner Adresszeile und poste sie hier.

Schritt 2

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste in deiner nächsten Antwort:

Link zur VT-Analyse
Log von TDSSKiller

raya66 · 24.07.2013, 21:10

Guten abend

Hm.. also dieses ahhzzpw7.sys wird von Virustotal nicht gefunden bzw. finde ich sie nicht (im Ordner Drivers von System32 oder sonst wo aufm Rechner). Unsichtbare Dateien ausblenden ist auch nicht eingestellt. Ich habe dann noch einmal den FRST Scan durchlaufen lassen, da wird der Pfad zum ahhzzpw7.sys noch genau so angegeben.
Übersehe ich da was?

LG Raya

aharonov · 24.07.2013, 21:13

Ok, dann überspring das mal und mach noch Schritt 2.

raya66 · 24.07.2013, 21:33

OK, Schritt übersprungen.
Die TDSKiller-datei sagt folgendes:

Code:

ATTFilter

22:37:49.0597 5696  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:37:50.0388 5696  ============================================================
22:37:50.0388 5696  Current date / time: 2013/07/25 22:37:50.0388
22:37:50.0389 5696  SystemInfo:
22:37:50.0389 5696  
22:37:50.0389 5696  OS Version: 6.1.7601 ServicePack: 1.0
22:37:50.0389 5696  Product type: Workstation
22:37:50.0389 5696  ComputerName: ANNY-PC
22:37:50.0389 5696  UserName: Anny
22:37:50.0389 5696  Windows directory: C:\Windows
22:37:50.0390 5696  System windows directory: C:\Windows
22:37:50.0390 5696  Running under WOW64
22:37:50.0390 5696  Processor architecture: Intel x64
22:37:50.0390 5696  Number of processors: 2
22:37:50.0390 5696  Page size: 0x1000
22:37:50.0390 5696  Boot type: Normal boot
22:37:50.0390 5696  ============================================================
22:37:51.0081 5696  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:37:51.0088 5696  ============================================================
22:37:51.0088 5696  \Device\Harddisk0\DR0:
22:37:51.0089 5696  MBR partitions:
22:37:51.0089 5696  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0x950A408
22:37:51.0105 5696  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xBC1C800, BlocksNum 0x19811800
22:37:51.0105 5696  ============================================================
22:37:51.0147 5696  C: <-> \Device\Harddisk0\DR0\Partition1
22:37:51.0196 5696  D: <-> \Device\Harddisk0\DR0\Partition2
22:37:51.0196 5696  ============================================================
22:37:51.0196 5696  Initialize success
22:37:51.0196 5696  ============================================================
22:38:12.0859 1120  ============================================================
22:38:12.0859 1120  Scan started
22:38:12.0859 1120  Mode: Manual; 
22:38:12.0859 1120  ============================================================
22:38:13.0558 1120  ================ Scan system memory ========================
22:38:13.0559 1120  System memory - ok
22:38:13.0559 1120  ================ Scan services =============================
22:38:13.0732 1120  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:38:13.0752 1120  1394ohci - ok
22:38:13.0897 1120  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
22:38:13.0902 1120  ACDaemon - ok
22:38:13.0947 1120  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:38:13.0953 1120  ACPI - ok
22:38:14.0001 1120  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:38:14.0004 1120  AcpiPmi - ok
22:38:14.0077 1120  [ 6EF096317E127AECF4CB61081D88AD0B ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
22:38:14.0079 1120  Adobe LM Service - ok
22:38:14.0167 1120  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:38:14.0169 1120  AdobeARMservice - ok
22:38:14.0288 1120  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:38:14.0293 1120  AdobeFlashPlayerUpdateSvc - ok
22:38:14.0365 1120  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:38:14.0387 1120  adp94xx - ok
22:38:14.0429 1120  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:38:14.0436 1120  adpahci - ok
22:38:14.0453 1120  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:38:14.0457 1120  adpu320 - ok
22:38:14.0482 1120  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:38:14.0484 1120  AeLookupSvc - ok
22:38:14.0520 1120  [ 2D00D3DADC1D3326BA788EB071F2726E ] AFBAgent        C:\Windows\system32\FBAgent.exe
22:38:14.0527 1120  AFBAgent - ok
22:38:14.0575 1120  [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc             C:\Windows\syswow64\drivers\Afc.sys
22:38:14.0578 1120  Afc - ok
22:38:14.0618 1120  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
22:38:14.0638 1120  AFD - ok
22:38:14.0679 1120  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:38:14.0682 1120  agp440 - ok
22:38:14.0719 1120  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
22:38:14.0722 1120  ALG - ok
22:38:14.0757 1120  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:38:14.0760 1120  aliide - ok
22:38:14.0801 1120  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
22:38:14.0804 1120  amdide - ok
22:38:14.0843 1120  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:38:14.0846 1120  AmdK8 - ok
22:38:14.0866 1120  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:38:14.0869 1120  AmdPPM - ok
22:38:14.0914 1120  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:38:14.0917 1120  amdsata - ok
22:38:14.0943 1120  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:38:14.0949 1120  amdsbs - ok
22:38:14.0972 1120  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:38:14.0974 1120  amdxata - ok
22:38:15.0018 1120  [ 9C7F164B49CADC658D1B3C575782F346 ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
22:38:15.0020 1120  AmUStor - ok
22:38:15.0072 1120  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
22:38:15.0075 1120  AppID - ok
22:38:15.0105 1120  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:38:15.0107 1120  AppIDSvc - ok
22:38:15.0131 1120  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
22:38:15.0134 1120  Appinfo - ok
22:38:15.0179 1120  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:38:15.0181 1120  arc - ok
22:38:15.0197 1120  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:38:15.0200 1120  arcsas - ok
22:38:15.0264 1120  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
22:38:15.0266 1120  ASLDRService - ok
22:38:15.0344 1120  [ 2DB34EDD17D3A8DA7105A19C95A3DD68 ] ASMMAP64        C:\Program Files\ATKGFNEX\ASMMAP64.sys
22:38:15.0346 1120  ASMMAP64 - ok
22:38:15.0370 1120  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:38:15.0372 1120  AsyncMac - ok
22:38:15.0408 1120  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
22:38:15.0410 1120  atapi - ok
22:38:15.0475 1120  [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
22:38:15.0546 1120  athr - ok
22:38:15.0564 1120  [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv     C:\Program Files\ATKGFNEX\GFNEXSrv.exe
22:38:15.0565 1120  ATKGFNEXSrv - ok
22:38:15.0618 1120  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:38:15.0641 1120  AudioEndpointBuilder - ok
22:38:15.0670 1120  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:38:15.0675 1120  AudioSrv - ok
22:38:15.0733 1120  [ AAE1DAE483DD57D0E267FCA42FCB5133 ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
22:38:15.0758 1120  avc3 - ok
22:38:15.0803 1120  [ 3B9549FEF98AB1768A1D6A919F355B70 ] avchv           C:\Windows\system32\DRIVERS\avchv.sys
22:38:15.0813 1120  avchv - ok
22:38:15.0856 1120  [ 8183B715BD56561C27BEBB68B1192B7A ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
22:38:15.0879 1120  avckf - ok
22:38:15.0951 1120  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:38:15.0955 1120  AxInstSV - ok
22:38:16.0004 1120  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
22:38:16.0014 1120  b06bdrv - ok
22:38:16.0065 1120  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:38:16.0073 1120  b57nd60a - ok
22:38:16.0134 1120  [ EBD3B67D51F58F45FBDA2BDE853322AA ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
22:38:16.0137 1120  BdDesktopParental - ok
22:38:16.0175 1120  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:38:16.0177 1120  BDESVC - ok
22:38:16.0257 1120  [ 3FAFE12C5D1D4D5F3567E7A0A2F15A7C ] BdfNdisf        c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
22:38:16.0261 1120  BdfNdisf - ok
22:38:16.0302 1120  [ 4CE4B0098FC315C237FA8867F07886C4 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
22:38:16.0305 1120  bdfwfpf - ok
22:38:16.0339 1120  [ E311541A584A29C0D91DD73730B1DCBE ] BDSandBox       C:\Windows\system32\drivers\bdsandbox.sys
22:38:16.0343 1120  BDSandBox - ok
22:38:16.0368 1120  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:38:16.0371 1120  Beep - ok
22:38:16.0436 1120  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
22:38:16.0446 1120  BFE - ok
22:38:16.0482 1120  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
22:38:16.0525 1120  BITS - ok
22:38:16.0550 1120  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:38:16.0552 1120  blbdrive - ok
22:38:16.0594 1120  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:38:16.0598 1120  bowser - ok
22:38:16.0634 1120  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:38:16.0636 1120  BrFiltLo - ok
22:38:16.0654 1120  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:38:16.0655 1120  BrFiltUp - ok
22:38:16.0687 1120  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
22:38:16.0690 1120  Browser - ok
22:38:16.0717 1120  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:38:16.0723 1120  Brserid - ok
22:38:16.0742 1120  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:38:16.0744 1120  BrSerWdm - ok
22:38:16.0765 1120  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:38:16.0767 1120  BrUsbMdm - ok
22:38:16.0787 1120  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:38:16.0789 1120  BrUsbSer - ok
22:38:16.0819 1120  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:38:16.0821 1120  BTHMODEM - ok
22:38:16.0856 1120  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
22:38:16.0859 1120  bthserv - ok
22:38:16.0871 1120  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:38:16.0874 1120  cdfs - ok
22:38:16.0914 1120  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
22:38:16.0918 1120  cdrom - ok
22:38:16.0968 1120  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
22:38:16.0971 1120  CertPropSvc - ok
22:38:17.0005 1120  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:38:17.0007 1120  circlass - ok
22:38:17.0044 1120  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
22:38:17.0051 1120  CLFS - ok
22:38:17.0105 1120  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:38:17.0108 1120  clr_optimization_v2.0.50727_32 - ok
22:38:17.0134 1120  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:38:17.0138 1120  clr_optimization_v2.0.50727_64 - ok
22:38:17.0186 1120  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:38:17.0189 1120  clr_optimization_v4.0.30319_32 - ok
22:38:17.0207 1120  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:38:17.0210 1120  clr_optimization_v4.0.30319_64 - ok
22:38:17.0245 1120  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:38:17.0246 1120  CmBatt - ok
22:38:17.0268 1120  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:38:17.0271 1120  cmdide - ok
22:38:17.0311 1120  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
22:38:17.0319 1120  CNG - ok
22:38:17.0348 1120  [ 6C64705E79E02E37C4B8CAAEDA9F34AC ] compactd        C:\Windows\system32\webio64.exe
22:38:17.0352 1120  compactd - ok
22:38:17.0396 1120  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:38:17.0399 1120  Compbatt - ok
22:38:17.0432 1120  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:38:17.0434 1120  CompositeBus - ok
22:38:17.0447 1120  COMSysApp - ok
22:38:17.0476 1120  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:38:17.0477 1120  crcdisk - ok
22:38:17.0505 1120  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:38:17.0509 1120  CryptSvc - ok
22:38:17.0589 1120  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
22:38:17.0599 1120  cvhsvc - ok
22:38:17.0658 1120  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:38:17.0668 1120  DcomLaunch - ok
22:38:17.0709 1120  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
22:38:17.0715 1120  defragsvc - ok
22:38:17.0749 1120  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:38:17.0752 1120  DfsC - ok
22:38:17.0807 1120  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:38:17.0815 1120  Dhcp - ok
22:38:17.0847 1120  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
22:38:17.0849 1120  discache - ok
22:38:17.0869 1120  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:38:17.0871 1120  Disk - ok
22:38:17.0892 1120  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:38:17.0896 1120  Dnscache - ok
22:38:17.0940 1120  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:38:17.0945 1120  dot3svc - ok
22:38:17.0992 1120  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
22:38:17.0998 1120  DPS - ok
22:38:18.0030 1120  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:38:18.0032 1120  drmkaud - ok
22:38:18.0071 1120  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:38:18.0108 1120  DXGKrnl - ok
22:38:18.0146 1120  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
22:38:18.0151 1120  EapHost - ok
22:38:18.0245 1120  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
22:38:18.0356 1120  ebdrv - ok
22:38:18.0385 1120  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
22:38:18.0388 1120  EFS - ok
22:38:18.0461 1120  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:38:18.0483 1120  ehRecvr - ok
22:38:18.0513 1120  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
22:38:18.0517 1120  ehSched - ok
22:38:18.0574 1120  [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
22:38:18.0577 1120  ElbyCDIO - ok
22:38:18.0640 1120  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:38:18.0663 1120  elxstor - ok
22:38:18.0697 1120  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:38:18.0699 1120  ErrDev - ok
22:38:18.0757 1120  [ 4E2F44F2B6335CD4FAF9057DD0A9A61B ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
22:38:18.0761 1120  ETD - ok
22:38:18.0810 1120  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
22:38:18.0820 1120  EventSystem - ok
22:38:18.0860 1120  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
22:38:18.0866 1120  exfat - ok
22:38:18.0889 1120  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:38:18.0894 1120  fastfat - ok
22:38:18.0957 1120  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
22:38:18.0990 1120  Fax - ok
22:38:19.0021 1120  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:38:19.0024 1120  fdc - ok
22:38:19.0051 1120  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:38:19.0054 1120  fdPHost - ok
22:38:19.0064 1120  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:38:19.0067 1120  FDResPub - ok
22:38:19.0076 1120  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:38:19.0078 1120  FileInfo - ok
22:38:19.0087 1120  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:38:19.0089 1120  Filetrace - ok
22:38:19.0105 1120  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:38:19.0107 1120  flpydisk - ok
22:38:19.0146 1120  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:38:19.0152 1120  FltMgr - ok
22:38:19.0217 1120  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
22:38:19.0264 1120  FontCache - ok
22:38:19.0364 1120  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:38:19.0366 1120  FontCache3.0.0.0 - ok
22:38:19.0392 1120  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:38:19.0395 1120  FsDepends - ok
22:38:19.0431 1120  [ 5814011B2F6E088E29D689B5FCD49B8F ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
22:38:19.0434 1120  fssfltr - ok
22:38:19.0477 1120  [ F6717211C1EC2CDDAA81B97B0727C2E9 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
22:38:19.0486 1120  fsssvc - ok
22:38:19.0506 1120  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:38:19.0507 1120  Fs_Rec - ok
22:38:19.0551 1120  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:38:19.0555 1120  fvevol - ok
22:38:19.0577 1120  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:38:19.0579 1120  gagp30kx - ok
22:38:19.0629 1120  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
22:38:19.0652 1120  gpsvc - ok
22:38:19.0710 1120  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:38:19.0712 1120  gupdate - ok
22:38:19.0735 1120  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:38:19.0737 1120  gupdatem - ok
22:38:19.0764 1120  [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:38:19.0766 1120  gusvc - ok
22:38:19.0820 1120  [ DB8A82239139348D6666434128D6F5DC ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
22:38:19.0824 1120  gzflt - ok
22:38:19.0854 1120  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:38:19.0857 1120  hcw85cir - ok
22:38:19.0920 1120  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:38:19.0928 1120  HdAudAddService - ok
22:38:19.0963 1120  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:38:19.0966 1120  HDAudBus - ok
22:38:19.0991 1120  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:38:19.0992 1120  HidBatt - ok
22:38:20.0011 1120  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:38:20.0014 1120  HidBth - ok
22:38:20.0032 1120  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:38:20.0035 1120  HidIr - ok
22:38:20.0064 1120  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
22:38:20.0067 1120  hidserv - ok
22:38:20.0081 1120  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
22:38:20.0083 1120  HidUsb - ok
22:38:20.0127 1120  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:38:20.0131 1120  hkmsvc - ok
22:38:20.0173 1120  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:38:20.0180 1120  HomeGroupListener - ok
22:38:20.0226 1120  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:38:20.0234 1120  HomeGroupProvider - ok
22:38:20.0257 1120  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:38:20.0260 1120  HpSAMD - ok
22:38:20.0305 1120  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:38:20.0327 1120  HTTP - ok
22:38:20.0340 1120  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:38:20.0341 1120  hwpolicy - ok
22:38:20.0379 1120  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:38:20.0382 1120  i8042prt - ok
22:38:20.0419 1120  [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
22:38:20.0423 1120  iaStor - ok
22:38:20.0465 1120  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:38:20.0472 1120  iaStorV - ok
22:38:20.0535 1120  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:38:20.0558 1120  idsvc - ok
22:38:20.0769 1120  [ DFEAF0A1D98D397035012C8E28D1520F ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
22:38:20.0989 1120  igfx - ok
22:38:21.0036 1120  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:38:21.0038 1120  iirsp - ok
22:38:21.0095 1120  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
22:38:21.0127 1120  IKEEXT - ok
22:38:21.0216 1120  [ D45DD81112A179255A06E030F818BAE8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:38:21.0282 1120  IntcAzAudAddService - ok
22:38:21.0306 1120  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
22:38:21.0308 1120  intelide - ok
22:38:21.0353 1120  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:38:21.0384 1120  intelppm - ok
22:38:21.0414 1120  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:38:21.0419 1120  IPBusEnum - ok
22:38:21.0451 1120  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:38:21.0453 1120  IpFilterDriver - ok
22:38:21.0496 1120  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:38:21.0519 1120  iphlpsvc - ok
22:38:21.0555 1120  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:38:21.0559 1120  IPMIDRV - ok
22:38:21.0594 1120  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:38:21.0597 1120  IPNAT - ok
22:38:21.0632 1120  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:38:21.0636 1120  IRENUM - ok
22:38:21.0661 1120  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:38:21.0664 1120  isapnp - ok
22:38:21.0690 1120  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:38:21.0697 1120  iScsiPrt - ok
22:38:21.0732 1120  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
22:38:21.0735 1120  kbdclass - ok
22:38:21.0754 1120  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
22:38:21.0756 1120  kbdhid - ok
22:38:21.0790 1120  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
22:38:21.0792 1120  kbfiltr - ok
22:38:21.0809 1120  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
22:38:21.0812 1120  KeyIso - ok
22:38:21.0849 1120  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:38:21.0852 1120  KSecDD - ok
22:38:21.0877 1120  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:38:21.0882 1120  KSecPkg - ok
22:38:21.0920 1120  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:38:21.0922 1120  ksthunk - ok
22:38:21.0959 1120  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:38:21.0969 1120  KtmRm - ok
22:38:22.0007 1120  [ B4A3A05B0F9C81D098B96AB6AA915042 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
22:38:22.0010 1120  L1C - ok
22:38:22.0065 1120  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:38:22.0074 1120  LanmanServer - ok
22:38:22.0114 1120  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:38:22.0119 1120  LanmanWorkstation - ok
22:38:22.0160 1120  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:38:22.0162 1120  lltdio - ok
22:38:22.0196 1120  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:38:22.0203 1120  lltdsvc - ok
22:38:22.0224 1120  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:38:22.0227 1120  lmhosts - ok
22:38:22.0261 1120  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:38:22.0264 1120  LSI_FC - ok
22:38:22.0277 1120  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:38:22.0280 1120  LSI_SAS - ok
22:38:22.0299 1120  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:38:22.0302 1120  LSI_SAS2 - ok
22:38:22.0315 1120  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:38:22.0319 1120  LSI_SCSI - ok
22:38:22.0348 1120  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
22:38:22.0350 1120  luafv - ok
22:38:22.0388 1120  [ 1B4DBCAA0321BBB76255983148051F09 ] massfilter      C:\Windows\system32\drivers\massfilter.sys
22:38:22.0390 1120  massfilter - ok
22:38:22.0408 1120  [ 7AD627CDB12F5F451F24C8A97CA6E175 ] massfilter_hs   C:\Windows\system32\drivers\massfilter_hs.sys
22:38:22.0410 1120  massfilter_hs - ok
22:38:22.0497 1120  [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
22:38:22.0502 1120  McComponentHostService - ok
22:38:22.0547 1120  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:38:22.0551 1120  Mcx2Svc - ok
22:38:22.0564 1120  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:38:22.0566 1120  megasas - ok
22:38:22.0607 1120  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:38:22.0615 1120  MegaSR - ok
22:38:22.0645 1120  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
22:38:22.0653 1120  MMCSS - ok
22:38:22.0668 1120  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
22:38:22.0670 1120  Modem - ok
22:38:22.0698 1120  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:38:22.0699 1120  monitor - ok
22:38:22.0724 1120  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
22:38:22.0727 1120  mouclass - ok
22:38:22.0749 1120  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:38:22.0751 1120  mouhid - ok
22:38:22.0792 1120  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:38:22.0795 1120  mountmgr - ok
22:38:22.0836 1120  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:38:22.0837 1120  MozillaMaintenance - ok
22:38:22.0853 1120  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:38:22.0858 1120  mpio - ok
22:38:22.0895 1120  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:38:22.0898 1120  mpsdrv - ok
22:38:22.0946 1120  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:38:22.0984 1120  MpsSvc - ok
22:38:23.0024 1120  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:38:23.0030 1120  MRxDAV - ok
22:38:23.0074 1120  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:38:23.0077 1120  mrxsmb - ok
22:38:23.0110 1120  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:38:23.0117 1120  mrxsmb10 - ok
22:38:23.0147 1120  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:38:23.0151 1120  mrxsmb20 - ok
22:38:23.0174 1120  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:38:23.0177 1120  msahci - ok
22:38:23.0211 1120  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:38:23.0214 1120  msdsm - ok
22:38:23.0236 1120  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
22:38:23.0242 1120  MSDTC - ok
22:38:23.0274 1120  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:38:23.0276 1120  Msfs - ok
22:38:23.0284 1120  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:38:23.0286 1120  mshidkmdf - ok
22:38:23.0299 1120  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:38:23.0300 1120  msisadrv - ok
22:38:23.0329 1120  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:38:23.0335 1120  MSiSCSI - ok
22:38:23.0339 1120  msiserver - ok
22:38:23.0370 1120  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:38:23.0372 1120  MSKSSRV - ok
22:38:23.0382 1120  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:38:23.0384 1120  MSPCLOCK - ok
22:38:23.0405 1120  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:38:23.0407 1120  MSPQM - ok
22:38:23.0448 1120  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:38:23.0455 1120  MsRPC - ok
22:38:23.0480 1120  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:38:23.0481 1120  mssmbios - ok
22:38:23.0501 1120  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:38:23.0503 1120  MSTEE - ok
22:38:23.0518 1120  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:38:23.0520 1120  MTConfig - ok
22:38:23.0549 1120  [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor        C:\Windows\system32\DRIVERS\ATK64AMD.sys
22:38:23.0551 1120  MTsensor - ok
22:38:23.0563 1120  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:38:23.0570 1120  Mup - ok
22:38:23.0616 1120  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
22:38:23.0625 1120  napagent - ok
22:38:23.0661 1120  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:38:23.0667 1120  NativeWifiP - ok
22:38:23.0723 1120  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:38:23.0754 1120  NDIS - ok
22:38:23.0777 1120  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:38:23.0779 1120  NdisCap - ok
22:38:23.0804 1120  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:38:23.0806 1120  NdisTapi - ok
22:38:23.0859 1120  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:38:23.0862 1120  Ndisuio - ok
22:38:23.0915 1120  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:38:23.0920 1120  NdisWan - ok
22:38:23.0951 1120  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:38:23.0953 1120  NDProxy - ok
22:38:23.0969 1120  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:38:23.0971 1120  NetBIOS - ok
22:38:23.0986 1120  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:38:23.0991 1120  NetBT - ok
22:38:24.0021 1120  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
22:38:24.0022 1120  Netlogon - ok
22:38:24.0065 1120  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:38:24.0074 1120  Netman - ok
22:38:24.0104 1120  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:38:24.0127 1120  netprofm - ok
22:38:24.0157 1120  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:38:24.0160 1120  NetTcpPortSharing - ok
22:38:24.0190 1120  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:38:24.0192 1120  nfrd960 - ok
22:38:24.0232 1120  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:38:24.0239 1120  NlaSvc - ok
22:38:24.0256 1120  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:38:24.0258 1120  Npfs - ok
22:38:24.0283 1120  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
22:38:24.0286 1120  nsi - ok
22:38:24.0302 1120  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:38:24.0302 1120  nsiproxy - ok
22:38:24.0367 1120  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:38:24.0413 1120  Ntfs - ok
22:38:24.0428 1120  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:38:24.0430 1120  Null - ok
22:38:24.0455 1120  [ 6E41A4DF26340A07A489B721F9721EC1 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
22:38:24.0457 1120  NVHDA - ok
22:38:24.0749 1120  [ 5A9A416F77E98686079E4D7F90A55498 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:38:25.0035 1120  nvlddmkm - ok
22:38:25.0070 1120  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:38:25.0074 1120  nvraid - ok
22:38:25.0091 1120  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:38:25.0095 1120  nvstor - ok
22:38:25.0155 1120  [ 72545FE7BD0410E72D00B0029DAE3700 ] nvsvc           C:\Windows\system32\nvvsvc.exe
22:38:25.0163 1120  nvsvc - ok
22:38:25.0184 1120  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:38:25.0187 1120  nv_agp - ok
22:38:25.0211 1120  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:38:25.0214 1120  ohci1394 - ok
22:38:25.0244 1120  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:38:25.0247 1120  ose - ok
22:38:25.0386 1120  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:38:25.0531 1120  osppsvc - ok
22:38:25.0557 1120  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:38:25.0564 1120  p2pimsvc - ok
22:38:25.0597 1120  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:38:25.0605 1120  p2psvc - ok
22:38:25.0634 1120  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:38:25.0637 1120  Parport - ok
22:38:25.0669 1120  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:38:25.0671 1120  partmgr - ok
22:38:25.0692 1120  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:38:25.0698 1120  PcaSvc - ok
22:38:25.0724 1120  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
22:38:25.0728 1120  pci - ok
22:38:25.0746 1120  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
22:38:25.0748 1120  pciide - ok
22:38:25.0771 1120  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:38:25.0776 1120  pcmcia - ok
22:38:25.0792 1120  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:38:25.0794 1120  pcw - ok
22:38:25.0822 1120  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:38:25.0832 1120  PEAUTH - ok
22:38:25.0913 1120  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:38:25.0916 1120  PerfHost - ok
22:38:26.0004 1120  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
22:38:26.0074 1120  pla - ok
22:38:26.0123 1120  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:38:26.0131 1120  PlugPlay - ok
22:38:26.0164 1120  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:38:26.0168 1120  PNRPAutoReg - ok
22:38:26.0184 1120  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:38:26.0188 1120  PNRPsvc - ok
22:38:26.0229 1120  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:38:26.0239 1120  PolicyAgent - ok
22:38:26.0266 1120  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
22:38:26.0271 1120  Power - ok
22:38:26.0323 1120  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:38:26.0327 1120  PptpMiniport - ok
22:38:26.0364 1120  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:38:26.0366 1120  Processor - ok
22:38:26.0394 1120  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:38:26.0401 1120  ProfSvc - ok
22:38:26.0420 1120  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:38:26.0421 1120  ProtectedStorage - ok
22:38:26.0469 1120  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:38:26.0472 1120  Psched - ok
22:38:26.0525 1120  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:38:26.0581 1120  ql2300 - ok
22:38:26.0619 1120  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:38:26.0622 1120  ql40xx - ok
22:38:26.0649 1120  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
22:38:26.0656 1120  QWAVE - ok
22:38:26.0675 1120  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:38:26.0677 1120  QWAVEdrv - ok
22:38:26.0758 1120  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
22:38:26.0762 1120  RapiMgr - ok
22:38:26.0776 1120  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:38:26.0777 1120  RasAcd - ok
22:38:26.0812 1120  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:38:26.0815 1120  RasAgileVpn - ok
22:38:26.0844 1120  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
22:38:26.0848 1120  RasAuto - ok
22:38:26.0885 1120  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:38:26.0888 1120  Rasl2tp - ok
22:38:26.0960 1120  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
22:38:26.0982 1120  RasMan - ok
22:38:27.0005 1120  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:38:27.0007 1120  RasPppoe - ok
22:38:27.0018 1120  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:38:27.0020 1120  RasSstp - ok
22:38:27.0064 1120  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:38:27.0072 1120  rdbss - ok
22:38:27.0090 1120  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:38:27.0093 1120  rdpbus - ok
22:38:27.0117 1120  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:38:27.0118 1120  RDPCDD - ok
22:38:27.0143 1120  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:38:27.0145 1120  RDPENCDD - ok
22:38:27.0159 1120  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:38:27.0167 1120  RDPREFMP - ok
22:38:27.0198 1120  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:38:27.0206 1120  RDPWD - ok
22:38:27.0265 1120  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:38:27.0295 1120  rdyboost - ok
22:38:27.0325 1120  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:38:27.0348 1120  RemoteAccess - ok
22:38:27.0389 1120  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:38:27.0395 1120  RemoteRegistry - ok
22:38:27.0409 1120  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:38:27.0414 1120  RpcEptMapper - ok
22:38:27.0432 1120  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:38:27.0436 1120  RpcLocator - ok
22:38:27.0476 1120  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
22:38:27.0484 1120  RpcSs - ok
22:38:27.0531 1120  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:38:27.0536 1120  rspndr - ok
22:38:27.0577 1120  [ 646B22BADBD24C6D528AA6B8ABE0EC0E ] RTL2832UBDA     C:\Windows\system32\drivers\RTL2832UBDA.sys
22:38:27.0583 1120  RTL2832UBDA - ok
22:38:27.0606 1120  [ C4D4EF0FF8F43A4D5C4F5F05A7F13631 ] RTL2832UUSB     C:\Windows\system32\Drivers\RTL2832UUSB.sys
22:38:27.0614 1120  RTL2832UUSB - ok
22:38:27.0630 1120  [ 19FAA5E7CF3D5263F4E79450A03E50CA ] RTL2832U_IRHID  C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys
22:38:27.0633 1120  RTL2832U_IRHID - ok
22:38:27.0674 1120  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
22:38:27.0678 1120  SamSs - ok
22:38:27.0717 1120  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:38:27.0719 1120  sbp2port - ok
22:38:27.0751 1120  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:38:27.0751 1120  SCardSvr - ok
22:38:27.0783 1120  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:38:27.0783 1120  scfilter - ok
22:38:27.0970 1120  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
22:38:28.0017 1120  Schedule - ok
22:38:28.0048 1120  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:38:28.0048 1120  SCPolicySvc - ok
22:38:28.0079 1120  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:38:28.0095 1120  SDRSVC - ok
22:38:28.0126 1120  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:38:28.0126 1120  secdrv - ok
22:38:28.0173 1120  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
22:38:28.0173 1120  seclogon - ok
22:38:28.0204 1120  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
22:38:28.0204 1120  SENS - ok
22:38:28.0235 1120  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:38:28.0235 1120  SensrSvc - ok
22:38:28.0266 1120  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:38:28.0266 1120  Serenum - ok
22:38:28.0297 1120  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:38:28.0313 1120  Serial - ok
22:38:28.0329 1120  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:38:28.0344 1120  sermouse - ok
22:38:28.0375 1120  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:38:28.0391 1120  SessionEnv - ok
22:38:28.0422 1120  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:38:28.0422 1120  sffdisk - ok
22:38:28.0438 1120  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:38:28.0438 1120  sffp_mmc - ok
22:38:28.0469 1120  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:38:28.0469 1120  sffp_sd - ok
22:38:28.0485 1120  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:38:28.0485 1120  sfloppy - ok
22:38:28.0547 1120  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
22:38:28.0578 1120  Sftfs - ok
22:38:28.0641 1120  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
22:38:28.0641 1120  sftlist - ok
22:38:28.0672 1120  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
22:38:28.0672 1120  Sftplay - ok
22:38:28.0687 1120  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
22:38:28.0687 1120  Sftredir - ok
22:38:28.0719 1120  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
22:38:28.0719 1120  Sftvol - ok
22:38:28.0734 1120  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
22:38:28.0734 1120  sftvsa - ok
22:38:28.0765 1120  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:38:28.0765 1120  SharedAccess - ok
22:38:28.0828 1120  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:38:28.0828 1120  ShellHWDetection - ok
22:38:28.0875 1120  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
22:38:28.0875 1120  SiSGbeLH - ok
22:38:28.0890 1120  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:38:28.0890 1120  SiSRaid2 - ok
22:38:28.0906 1120  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:38:28.0921 1120  SiSRaid4 - ok
22:38:28.0968 1120  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:38:28.0968 1120  SkypeUpdate - ok
22:38:28.0999 1120  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:38:28.0999 1120  Smb - ok
22:38:29.0046 1120  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:38:29.0062 1120  SNMPTRAP - ok
22:38:29.0140 1120  [ 1D8474722CDFFBB8FCA5FA12C50A05A2 ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
22:38:29.0218 1120  SNP2UVC - ok
22:38:29.0249 1120  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:38:29.0249 1120  spldr - ok
22:38:29.0280 1120  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
22:38:29.0296 1120  Spooler - ok
22:38:29.0421 1120  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
22:38:29.0530 1120  sppsvc - ok
22:38:29.0545 1120  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:38:29.0561 1120  sppuinotify - ok
22:38:29.0592 1120  [ D519AD2DE7968CD2B47FEA807C5B29B2 ] sptd            C:\Windows\System32\Drivers\sptd.sys
22:38:29.0592 1120  Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: D519AD2DE7968CD2B47FEA807C5B29B2
22:38:29.0608 1120  sptd ( LockedFile.Multi.Generic ) - warning
22:38:29.0608 1120  sptd - detected LockedFile.Multi.Generic (1)
22:38:29.0655 1120  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:38:29.0655 1120  srv - ok
22:38:29.0686 1120  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:38:29.0701 1120  srv2 - ok
22:38:29.0717 1120  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:38:29.0717 1120  srvnet - ok
22:38:29.0748 1120  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:38:29.0748 1120  SSDPSRV - ok
22:38:29.0795 1120  [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
22:38:29.0811 1120  SSPORT - ok
22:38:29.0811 1120  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:38:29.0826 1120  SstpSvc - ok
22:38:29.0842 1120  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:38:29.0842 1120  stexstor - ok
22:38:29.0904 1120  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
22:38:29.0935 1120  stisvc - ok
22:38:30.0029 1120  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:38:30.0045 1120  swenum - ok
22:38:30.0076 1120  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
22:38:30.0076 1120  swprv - ok
22:38:30.0154 1120  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
22:38:30.0232 1120  SysMain - ok
22:38:30.0279 1120  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:38:30.0294 1120  TabletInputService - ok
22:38:30.0325 1120  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:38:30.0325 1120  TapiSrv - ok
22:38:30.0357 1120  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
22:38:30.0357 1120  TBS - ok
22:38:30.0419 1120  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:38:30.0497 1120  Tcpip - ok
22:38:30.0575 1120  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:38:30.0591 1120  TCPIP6 - ok
22:38:30.0637 1120  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:38:30.0637 1120  tcpipreg - ok
22:38:30.0669 1120  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:38:30.0669 1120  TDPIPE - ok
22:38:30.0700 1120  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:38:30.0700 1120  TDTCP - ok
22:38:30.0747 1120  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:38:30.0747 1120  tdx - ok
22:38:30.0793 1120  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:38:30.0793 1120  TermDD - ok
22:38:30.0825 1120  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
22:38:30.0856 1120  TermService - ok
22:38:30.0918 1120  [ 8F14DE79EBE73D6D717B8455E64DDA86 ] TGCM_ImportWiFiSvc C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
22:38:30.0918 1120  TGCM_ImportWiFiSvc - ok
22:38:30.0949 1120  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
22:38:30.0949 1120  Themes - ok
22:38:30.0981 1120  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:38:30.0981 1120  THREADORDER - ok
22:38:31.0027 1120  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
22:38:31.0027 1120  TrkWks - ok
22:38:31.0090 1120  [ 132C0E39AF0312E6B9611E2E1B344D41 ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
22:38:31.0105 1120  trufos - ok
22:38:31.0168 1120  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:38:31.0168 1120  TrustedInstaller - ok
22:38:31.0215 1120  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:38:31.0215 1120  tssecsrv - ok
22:38:31.0261 1120  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:38:31.0261 1120  TsUsbFlt - ok
22:38:31.0371 1120  [ 811A229718C85356BC81EB20F35EB7F6 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
22:38:31.0449 1120  TuneUp.UtilitiesSvc - ok
22:38:31.0496 1120  [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
22:38:31.0496 1120  TuneUpUtilitiesDrv - ok
22:38:31.0558 1120  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:38:31.0574 1120  tunnel - ok
22:38:31.0589 1120  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:38:31.0589 1120  uagp35 - ok
22:38:31.0652 1120  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:38:31.0652 1120  udfs - ok
22:38:31.0698 1120  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:38:31.0698 1120  UI0Detect - ok
22:38:31.0714 1120  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:38:31.0730 1120  uliagpkx - ok
22:38:31.0761 1120  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
22:38:31.0761 1120  umbus - ok
22:38:31.0808 1120  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:38:31.0808 1120  UmPass - ok
22:38:31.0886 1120  [ 3B709E63B35A6949F4CFB05A6F6A180C ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
22:38:31.0886 1120  UPDATESRV - ok
22:38:31.0932 1120  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
22:38:31.0948 1120  upnphost - ok
22:38:31.0964 1120  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:38:31.0979 1120  usbccgp - ok
22:38:32.0010 1120  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:38:32.0010 1120  usbcir - ok
22:38:32.0042 1120  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:38:32.0042 1120  usbehci - ok
22:38:32.0073 1120  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:38:32.0073 1120  usbhub - ok
22:38:32.0104 1120  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:38:32.0104 1120  usbohci - ok
22:38:32.0151 1120  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:38:32.0151 1120  usbprint - ok
22:38:32.0182 1120  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:38:32.0182 1120  usbscan - ok
22:38:32.0213 1120  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
22:38:32.0213 1120  USBSTOR - ok
22:38:32.0229 1120  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
22:38:32.0229 1120  usbuhci - ok
22:38:32.0260 1120  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:38:32.0260 1120  usbvideo - ok
22:38:32.0307 1120  [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
22:38:32.0307 1120  usb_rndisx - ok
22:38:32.0338 1120  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
22:38:32.0338 1120  UxSms - ok
22:38:32.0354 1120  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
22:38:32.0354 1120  VaultSvc - ok
22:38:32.0369 1120  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:38:32.0385 1120  vdrvroot - ok
22:38:32.0432 1120  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
22:38:32.0432 1120  vds - ok
22:38:32.0463 1120  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:38:32.0463 1120  vga - ok
22:38:32.0478 1120  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:38:32.0478 1120  VgaSave - ok
22:38:32.0494 1120  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:38:32.0510 1120  vhdmp - ok
22:38:32.0525 1120  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:38:32.0525 1120  viaide - ok
22:38:32.0556 1120  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:38:32.0556 1120  volmgr - ok
22:38:32.0603 1120  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:38:32.0603 1120  volmgrx - ok
22:38:32.0634 1120  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:38:32.0634 1120  volsnap - ok
22:38:32.0666 1120  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:38:32.0681 1120  vsmraid - ok
22:38:32.0759 1120  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
22:38:32.0837 1120  VSS - ok
22:38:32.0900 1120  [ 11DF4A46471F1555AEB41E0DF049E32F ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
22:38:32.0978 1120  VSSERV - ok
22:38:32.0993 1120  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:38:32.0993 1120  vwifibus - ok
22:38:33.0009 1120  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:38:33.0009 1120  vwififlt - ok
22:38:33.0056 1120  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
22:38:33.0056 1120  W32Time - ok
22:38:33.0087 1120  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:38:33.0087 1120  WacomPen - ok
22:38:33.0149 1120  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:38:33.0149 1120  WANARP - ok
22:38:33.0165 1120  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:38:33.0165 1120  Wanarpv6 - ok
22:38:33.0243 1120  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
22:38:33.0305 1120  wbengine - ok
22:38:33.0336 1120  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:38:33.0352 1120  WbioSrvc - ok
22:38:33.0414 1120  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
22:38:33.0430 1120  WcesComm - ok
22:38:33.0477 1120  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:38:33.0492 1120  wcncsvc - ok
22:38:33.0524 1120  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:38:33.0524 1120  WcsPlugInService - ok
22:38:33.0555 1120  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:38:33.0555 1120  Wd - ok
22:38:33.0602 1120  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:38:33.0633 1120  Wdf01000 - ok
22:38:33.0664 1120  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:38:33.0664 1120  WdiServiceHost - ok
22:38:33.0664 1120  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:38:33.0680 1120  WdiSystemHost - ok
22:38:33.0726 1120  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
22:38:33.0742 1120  WebClient - ok
22:38:33.0758 1120  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:38:33.0773 1120  Wecsvc - ok
22:38:33.0789 1120  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:38:33.0789 1120  wercplsupport - ok
22:38:33.0820 1120  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:38:33.0820 1120  WerSvc - ok
22:38:33.0851 1120  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:38:33.0851 1120  WfpLwf - ok
22:38:33.0882 1120  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
22:38:33.0882 1120  WimFltr - ok
22:38:33.0914 1120  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:38:33.0914 1120  WIMMount - ok
22:38:33.0929 1120  WinHttpAutoProxySvc - ok
22:38:33.0976 1120  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:38:33.0992 1120  Winmgmt - ok
22:38:34.0085 1120  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
22:38:34.0148 1120  WinRM - ok
22:38:34.0210 1120  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\drivers\WinUSB.SYS
22:38:34.0210 1120  WinUsb - ok
22:38:34.0272 1120  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:38:34.0304 1120  Wlansvc - ok
22:38:34.0335 1120  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:38:34.0335 1120  WmiAcpi - ok
22:38:34.0366 1120  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:38:34.0366 1120  wmiApSrv - ok
22:38:34.0413 1120  WMPNetworkSvc - ok
22:38:34.0428 1120  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:38:34.0444 1120  WPCSvc - ok
22:38:34.0475 1120  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:38:34.0475 1120  WPDBusEnum - ok
22:38:34.0506 1120  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:38:34.0506 1120  ws2ifsl - ok
22:38:34.0522 1120  WSearch - ok
22:38:34.0616 1120  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:38:34.0709 1120  wuauserv - ok
22:38:34.0740 1120  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:38:34.0740 1120  WudfPf - ok
22:38:34.0772 1120  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:38:34.0772 1120  WUDFRd - ok
22:38:34.0803 1120  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:38:34.0803 1120  wudfsvc - ok
22:38:34.0834 1120  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:38:34.0834 1120  WwanSvc - ok
22:38:34.0881 1120  [ AD6558FBC66691959BA4AC55A57C3921 ] ZTEusbmdm6k     C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
22:38:34.0881 1120  ZTEusbmdm6k - ok
22:38:34.0896 1120  [ AD6558FBC66691959BA4AC55A57C3921 ] ZTEusbnmea      C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
22:38:34.0912 1120  ZTEusbnmea - ok
22:38:34.0928 1120  [ AD6558FBC66691959BA4AC55A57C3921 ] ZTEusbser6k     C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
22:38:34.0928 1120  ZTEusbser6k - ok
22:38:34.0959 1120  ================ Scan global ===============================
22:38:34.0974 1120  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:38:35.0006 1120  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:38:35.0021 1120  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:38:35.0052 1120  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:38:35.0068 1120  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:38:35.0084 1120  [Global] - ok
22:38:35.0084 1120  ================ Scan MBR ==================================
22:38:35.0084 1120  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:38:35.0536 1120  \Device\Harddisk0\DR0 - ok
22:38:35.0536 1120  ================ Scan VBR ==================================
22:38:35.0552 1120  [ F9E829B6C67CD6F5BAEE6A43337FF88F ] \Device\Harddisk0\DR0\Partition1
22:38:35.0552 1120  \Device\Harddisk0\DR0\Partition1 - ok
22:38:35.0583 1120  [ 95011FEBD5BEB8A7F69DB74C3EA5E72B ] \Device\Harddisk0\DR0\Partition2
22:38:35.0583 1120  \Device\Harddisk0\DR0\Partition2 - ok
22:38:35.0583 1120  ============================================================
22:38:35.0583 1120  Scan finished
22:38:35.0583 1120  ============================================================
22:38:35.0614 3048  Detected object count: 1
22:38:35.0614 3048  Actual detected object count: 1
22:38:54.0100 3048  sptd ( LockedFile.Multi.Generic ) - skipped by user
22:38:54.0100 3048  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 
22:39:09.0450 5340  Deinitialize success

aharonov · 24.07.2013, 21:42

Ok.

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

raya66 · 26.07.2013, 10:18

Combofix hat ergeben:

Code:

ATTFilter

ComboFix 13-07-24.03 - Anny 25.07.2013  23:19:50.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4061.1939 [GMT 2:00]
ausgeführt von:: c:\users\Anny\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\esupport\eDriver\Software\ASUS\MULTIFRAME\XP32_VISTA32_VISTA64_WIN7_32_WIN7_64_1.0.0021\DESKTOP_.INI
c:\programdata\1359464215.bdinstall.bin
c:\programdata\1374786762.bdinstall.bin
c:\programdata\FullRemove.exe
c:\users\Anny\Launcher.exe
c:\users\Anny\steam_api.dll
c:\users\Anny\Steamclient.dll
c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-25 bis 2013-07-25  ))))))))))))))))))))))))))))))
.
.
2013-07-25 21:34 . 2013-07-25 21:34	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-07-25 11:12 . 2013-07-25 11:12	--------	d-----w-	C:\found.000
2013-07-19 09:24 . 2013-07-19 09:24	--------	d-----w-	C:\FRST
2013-07-19 02:02 . 2013-07-19 02:02	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2013-07-19 02:02 . 2013-07-19 02:02	--------	d-----w-	c:\windows\system32\wbem\en-US
2013-07-19 01:16 . 2013-07-19 01:16	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-18 15:49 . 2013-02-27 05:52	14172672	----a-w-	c:\windows\system32\shell32.dll
2013-07-18 15:49 . 2013-02-27 05:52	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-07-18 15:49 . 2013-02-27 05:48	1930752	----a-w-	c:\windows\system32\authui.dll
2013-07-18 15:49 . 2013-02-27 06:02	111448	----a-w-	c:\windows\system32\consent.exe
2013-07-18 15:49 . 2013-02-27 05:47	70144	----a-w-	c:\windows\system32\appinfo.dll
2013-07-18 15:49 . 2013-02-27 04:49	1796096	----a-w-	c:\windows\SysWow64\authui.dll
2013-07-18 15:48 . 2013-05-08 06:39	1910632	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-07-18 15:48 . 2013-05-27 05:50	1011712	----a-w-	c:\program files\Windows Defender\MpSvc.dll
2013-07-18 15:48 . 2013-05-27 05:50	571904	----a-w-	c:\program files\Windows Defender\MpClient.dll
2013-07-18 15:48 . 2013-05-27 05:50	314880	----a-w-	c:\program files\Windows Defender\MpCommu.dll
2013-07-18 15:48 . 2013-05-27 04:57	54784	----a-w-	c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-18 15:48 . 2013-05-27 04:57	392704	----a-w-	c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-18 15:48 . 2013-05-27 03:15	9216	----a-w-	c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-18 15:48 . 2013-06-04 06:00	624128	----a-w-	c:\windows\system32\qedit.dll
2013-07-18 15:48 . 2013-05-27 04:57	4608	----a-w-	c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-18 15:48 . 2013-06-04 04:53	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2013-07-18 15:48 . 2013-05-06 06:03	1887744	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-18 15:48 . 2013-05-06 04:56	1620480	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-07-18 15:47 . 2013-04-26 05:51	751104	----a-w-	c:\windows\system32\win32spl.dll
2013-07-18 15:47 . 2013-04-26 04:55	492544	----a-w-	c:\windows\SysWow64\win32spl.dll
2013-07-18 15:47 . 2013-06-05 03:34	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-07-18 15:47 . 2013-05-10 05:49	30720	----a-w-	c:\windows\system32\cryptdlg.dll
2013-07-18 15:47 . 2013-05-10 03:20	24576	----a-w-	c:\windows\SysWow64\cryptdlg.dll
2013-07-18 15:47 . 2013-04-10 05:48	1732608	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2013-07-18 15:47 . 2013-04-10 05:46	1402880	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2013-07-18 15:47 . 2013-04-10 05:46	1393152	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2013-07-18 15:47 . 2013-04-10 05:46	1367040	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-18 15:47 . 2013-04-10 05:03	936448	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-18 15:46 . 2013-05-13 03:43	1192448	----a-w-	c:\windows\system32\certutil.exe
2013-07-18 15:46 . 2013-05-13 05:51	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-07-18 15:46 . 2013-05-13 05:51	1464320	----a-w-	c:\windows\system32\crypt32.dll
2013-07-18 15:46 . 2013-05-13 05:51	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-07-18 15:46 . 2013-05-13 04:45	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-07-18 15:46 . 2013-05-13 04:45	1160192	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-07-18 15:46 . 2013-05-13 04:45	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-07-18 15:46 . 2013-05-13 03:08	903168	----a-w-	c:\windows\SysWow64\certutil.exe
2013-07-18 15:46 . 2013-05-13 05:50	52224	----a-w-	c:\windows\system32\certenc.dll
2013-07-18 15:46 . 2013-05-13 03:08	43008	----a-w-	c:\windows\SysWow64\certenc.dll
2013-07-18 15:45 . 2013-04-25 23:30	1505280	----a-w-	c:\windows\SysWow64\d3d11.dll
2013-07-18 15:45 . 2013-03-31 22:52	1887232	----a-w-	c:\windows\system32\d3d11.dll
2013-07-18 15:40 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-07-18 15:40 . 2013-04-10 06:01	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-07-18 15:40 . 2011-02-03 11:25	144384	----a-w-	c:\windows\system32\cdd.dll
2013-07-18 15:40 . 2013-03-19 05:53	48640	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-07-18 15:40 . 2013-03-19 05:53	230400	----a-w-	c:\windows\system32\wwansvc.dll
2013-07-18 15:10 . 2012-10-09 18:17	55296	----a-w-	c:\windows\system32\dhcpcsvc6.dll
2013-07-18 15:10 . 2012-10-09 18:17	226816	----a-w-	c:\windows\system32\dhcpcore6.dll
2013-07-18 15:10 . 2012-10-09 17:40	44032	----a-w-	c:\windows\SysWow64\dhcpcsvc6.dll
2013-07-18 15:10 . 2012-10-09 17:40	193536	----a-w-	c:\windows\SysWow64\dhcpcore6.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-25 13:35 . 2013-01-31 22:30	597776	----a-w-	c:\windows\system32\drivers\avckf.sys
2013-07-18 15:55 . 2013-01-31 22:30	718840	----a-w-	c:\windows\system32\drivers\avc3.sys
2013-07-18 15:55 . 2013-01-29 12:57	382536	----a-w-	c:\windows\system32\drivers\trufos.sys
2013-07-18 15:04 . 2012-11-08 11:22	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-18 15:04 . 2012-11-08 11:22	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-23 22:41 . 2010-12-23 09:08	78185248	----a-w-	c:\windows\system32\MRT.exe
2013-04-28 18:07 . 2013-04-28 18:07	147232	----a-w-	c:\windows\system32\drivers\gzflt.sys
2013-04-28 17:20 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2013-04-28 17:20 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2012-03-28 08:14 . 2012-10-27 11:16	1456640	----a-w-	c:\program files (x86)\Common Files\Falk Navi-Manager.msi
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Anny\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Anny\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Anny\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-09-15 2429]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2010-01-05 170624]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2012-12-12 163000]
.
c:\users\Anny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Anny\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [2010-9-15 12862]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2011-5-18 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"ArcSoft Connection Service"=c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys;c:\windows\SYSNATIVE\DRIVERS\RTL2832U_IRHID.sys [x]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys;c:\windows\SYSNATIVE\drivers\RTL2832UBDA.sys [x]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys;c:\windows\SYSNATIVE\Drivers\RTL2832UUSB.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S2 compactd;Windows-Dienst PNRP-Computernamenveröffentlichungs-Dienst Net.Tcp-Portfreigabedienst;c:\windows\system32\webio64.exe;c:\windows\SYSNATIVE\webio64.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-18 15:59	1173456	----a-w-	c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-08 15:05]
.
2013-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-15 08:32]
.
2013-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-15 08:32]
.
2013-07-18 c:\windows\Tasks\Norton Security Scan for Anny.job
- c:\progra~2\NORTON~2\Engine\351~1.8\Nss.exe [2011-04-18 00:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49	70656	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49	70656	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Anny\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Anny\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Anny\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Anny\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-05 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-05 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-05 365592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-28 16336488]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-07-25 1568512]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/ncr
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearchAssistant = hxxp://www.google.com
Trusted Zone: samsungsetup.com\www
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Anny\AppData\Roaming\Mozilla\Firefox\Profiles\gjxyokqc.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ncr
.
.
------- Dateityp-Verknüpfung -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{a51a36e6-31e7-4838-9ff7-76298b527ec0} - (no file)
URLSearchHooks-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h
Toolbar-Locked - (no file)
WebBrowser-{7E111A5C-3D11-4F56-9463-5310C3C69025} - (no file)
WebBrowser-{A51A36E6-31E7-4838-9FF7-76298B527EC0} - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ASUS_UL_Series_Screensaver - c:\windows\system32\ASUS_UL_Series_Screensaver.scr
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\à1*]
@="c:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscoreei.dll"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-25  23:40:38
ComboFix-quarantined-files.txt  2013-07-25 21:40
.
Vor Suchlauf: 5.840.629.760 Bytes frei
Nach Suchlauf: 6.382.682.112 Bytes frei
.
- - End Of File - - 10D7A4178D805C58D224ACBA1AC495F1
A36C5E4F47E84449FF07ED3517B43A31

LG raya

aharonov · 29.07.2013, 00:18

Wie läuft der Rechner jetzt?

Schritt 1

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3

Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Bitte poste in deiner nächsten Antwort:

Log von MBAM
Log von ESET
Log von FRST

aharonov · 03.08.2013, 00:46

Hi,

ich hab schon länger keine Antwort mehr von dir erhalten. Brauchst du weiterhin noch Hilfe?

Wenn ich in den nächsten 24 Stunden nichts von dir höre, gehe ich davon aus, dass sich das Thema erledigt hat und lösche es aus meinen Abos.

Hinweis: Wir sind noch nicht fertig! Auch wenn die Symptome verschwunden sein sollten, kann dein System weiterhin infiziert sein und über Sicherheitslücken verfügen, welche eine erneute Infektion möglich machen.

24.07.2013, 21:13	#10
aharonov /// TB-Ausbilder	Weißer Bildschirm Win7, FRST.txt erstellt, weiteres Vorgehen Ok, dann überspring das mal und mach noch Schritt 2. __________________ cheers, Leo

Weißer Bildschirm Win7, FRST.txt erstellt, weiteres Vorgehen

Log-Analyse und Auswertung: Weißer Bildschirm Win7, FRST.txt erstellt, weiteres Vorgehen