| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
20.01.2014, 22:07
| #61 |
 |  Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2014 04
Ran by Admin at 2014-01-20 22:03:55 Run:10
Running from C:\Users\Andi\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM\...\Run: [combofix] - C:\ComboFix\CF29693.3XE /c C:\ComboFix\Combobatch.bat
HKU\Angi\...\Run: [Udbmedia] - regsvr32.exe C:\Users\Angi\AppData\Local\Udbmedia\EP0ICD0.DLL <===== ATTENTION
HKU\Angi\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe [839560 2013-12-11] (Adobe Systems Incorporated)
C:\Users\Andi\AppData\Local\temp\cvqfudns.exe
C:\Users\Angi\AppData\Local\temp\tnljaqgr.exe
C:\Users\Angi\AppData\Local\Udbmedia
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\combofix => Value deleted successfully.
HKU\Angi\Software\Microsoft\Windows\CurrentVersion\Run\\Udbmedia => Value deleted successfully.
HKU\Angi\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate => Value not found.
C:\Users\Andi\AppData\Local\temp\cvqfudns.exe => Moved successfully.
"C:\Users\Angi\AppData\Local\temp\tnljaqgr.exe" => File/Directory not found.
C:\Users\Angi\AppData\Local\Udbmedia => Moved successfully.
==== End of Fixlog ====
|
|
21.01.2014, 12:08
| #62 |
| /// the machine /// TB-Ausbilder    | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ Jetzt bitte nochmal ein frisches FRST logfile. Wie läuft der REchner?
__________________
__________________ |
|
21.01.2014, 20:33
| #63 |
| | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ FRST Logfile:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by Admin (administrator) on PC on 21-01-2014 20:24:48
Running from C:\Users\Andi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [6330568 2013-03-21] (ESET)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [DataCardMonitor] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe [253952 2012-06-02] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKCU\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKU\Angi\...\Run: [Google Update] - C:\Users\Angi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-02] (Google Inc.)
HKU\Angi\...\Run: [HW_OPENEYE_OUC_] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\Hans\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\UpdatusUser\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Startup: C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4227D410-6AA1-42B3-9995-001DD2C8E53B}: [NameServer]213.162.69.169 213.162.69.1
Tcpip\..\Interfaces\{ACF8C42B-3FAB-4EA1-9E15-28CDA0A662A4}: [NameServer]213.162.69.170 213.162.69.2
Tcpip\..\Interfaces\{EFE5D906-626A-491A-B1CC-69F3BF926A2A}: [NameServer]213.162.69.2 213.162.69.170
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kpmgns1t.default
FF Homepage: hxxp://www.google.at/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-08-03]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-08-03]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: qvo6
CHR DefaultSearchURL: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.2_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Admin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-02]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-02]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-02]
==================== Services (Whitelisted) =================
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1341664 2013-03-21] (ESET)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40736 2013-10-03] (Google Inc)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-20] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [58416 2013-02-20] (ESET)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-20 22:03 - 2014-01-21 20:24 - 02077184 _____ (Farbar) C:\Users\Andi\Desktop\FRST64.exe
2014-01-20 16:46 - 2014-01-20 16:46 - 00002130 _____ C:\Users\Public\Desktop\NWZ-E380 WALKMAN Guide.lnk
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2014-01-20 16:44 - 2014-01-20 16:44 - 00000562 _____ C:\Windows\wmsetup.log
2014-01-20 16:44 - 2014-01-20 16:44 - 00000000 ____D C:\Program Files (x86)\Sony
2014-01-19 11:01 - 2014-01-19 11:02 - 18864072 _____ C:\Users\Angi\Downloads\CommunicatorPlugin_410 (1).exe
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D C:\Program Files\Garmin GPS Plugin
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D C:\Program Files (x86)\Garmin GPS Plugin
2014-01-19 10:55 - 2014-01-19 10:56 - 18864072 _____ C:\Users\Angi\Downloads\CommunicatorPlugin_410.exe
2014-01-16 06:28 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 06:28 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 06:28 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 20:09 - 2014-01-21 20:24 - 00000000 ____D C:\Users\Andi\Desktop\FRST-OlderVersion
2014-01-05 23:01 - 2014-01-05 23:01 - 00262144 _____ C:\Windows\Minidump\010514-30716-01.dmp
2014-01-05 21:32 - 2014-01-10 06:24 - 00000000 ____D C:\Users\Andi\AppData\Local\Udbmedia
2014-01-05 09:36 - 2014-01-10 20:14 - 00000000 ____D C:\Users\Angi\Desktop\FRST-OlderVersion
2014-01-03 21:00 - 2014-01-10 20:14 - 01932166 _____ (Farbar) C:\Users\Angi\Desktop\FRST64.exe
2014-01-03 20:54 - 2014-01-05 09:28 - 00000000 ____D C:\Users\Andi\Downloads\FRST-OlderVersion
2014-01-01 19:35 - 2014-01-01 19:36 - 00074060 _____ C:\Users\Angi\Downloads\FRST.txt
2014-01-01 19:34 - 2014-01-21 20:25 - 00018071 _____ C:\Users\Andi\Desktop\FRST.txt
2014-01-01 19:34 - 2014-01-01 19:32 - 01931396 _____ (Farbar) C:\Users\Angi\Downloads\FRST64(1).exe
2014-01-01 19:33 - 2014-01-05 09:32 - 00053799 _____ C:\Users\Andi\Downloads\FRST.txt
2013-12-24 15:50 - 2013-12-24 15:50 - 06183856 _____ C:\Users\Angi\Downloads\ElfYourself.mov
2013-12-23 01:49 - 2014-01-21 20:24 - 00000000 ____D C:\FRST
==================== One Month Modified Files and Folders =======
2014-01-21 20:25 - 2014-01-01 19:34 - 00018071 _____ C:\Users\Andi\Desktop\FRST.txt
2014-01-21 20:24 - 2014-01-20 22:03 - 02077184 _____ (Farbar) C:\Users\Andi\Desktop\FRST64.exe
2014-01-21 20:24 - 2014-01-10 20:09 - 00000000 ____D C:\Users\Andi\Desktop\FRST-OlderVersion
2014-01-21 20:24 - 2013-12-23 01:49 - 00000000 ____D C:\FRST
2014-01-21 20:23 - 2013-07-08 16:40 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 20:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 20:23 - 2009-07-14 05:51 - 00198187 _____ C:\Windows\setupact.log
2014-01-21 20:22 - 2012-01-15 19:22 - 01862261 _____ C:\Windows\WindowsUpdate.log
2014-01-21 20:22 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-21 20:22 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-21 16:03 - 2013-12-09 00:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef47153d6009b.job
2014-01-21 15:37 - 2012-10-10 22:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-21 15:31 - 2013-11-24 08:26 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001UA1cee8e678ff332c.job
2014-01-21 15:23 - 2013-10-12 20:12 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002UA1cec77f502d0aa.job
2014-01-21 15:09 - 2013-12-01 20:43 - 00000000 ___RD C:\Users\Angi\Dropbox
2014-01-21 15:09 - 2013-12-01 20:39 - 00000000 ____D C:\Users\Angi\AppData\Roaming\Dropbox
2014-01-21 08:31 - 2013-09-13 22:21 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001Core1ceb0c727a22316.job
2014-01-20 19:53 - 2010-11-21 04:47 - 00393070 _____ C:\Windows\PFRO.log
2014-01-20 17:23 - 2012-06-02 13:35 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002Core.job
2014-01-20 16:46 - 2014-01-20 16:46 - 00002130 _____ C:\Users\Public\Desktop\NWZ-E380 WALKMAN Guide.lnk
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2014-01-20 16:44 - 2014-01-20 16:44 - 00000562 _____ C:\Windows\wmsetup.log
2014-01-20 16:44 - 2014-01-20 16:44 - 00000000 ____D C:\Program Files (x86)\Sony
2014-01-20 16:44 - 2012-06-07 10:57 - 00000000 ____D C:\ProgramData\Sony Corporation
2014-01-20 16:34 - 2012-06-04 21:30 - 00000000 ____D C:\MP3
2014-01-19 11:02 - 2014-01-19 11:01 - 18864072 _____ C:\Users\Angi\Downloads\CommunicatorPlugin_410 (1).exe
2014-01-19 11:00 - 2012-01-16 04:15 - 00669464 _____ C:\Windows\system32\perfh007.dat
2014-01-19 11:00 - 2012-01-16 04:15 - 00134990 _____ C:\Windows\system32\perfc007.dat
2014-01-19 11:00 - 2009-07-14 06:13 - 01528428 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D C:\Program Files\Garmin GPS Plugin
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D C:\Program Files (x86)\Garmin GPS Plugin
2014-01-19 10:56 - 2014-01-19 10:55 - 18864072 _____ C:\Users\Angi\Downloads\CommunicatorPlugin_410.exe
2014-01-18 18:40 - 2012-06-02 16:08 - 00000000 ____D C:\Users\Angi\AppData\Roaming\Adobe
2014-01-18 18:34 - 2012-06-02 13:28 - 00000000 ___RD C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 19:39 - 2009-07-14 05:45 - 00481440 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 06:29 - 2013-08-15 14:17 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 06:25 - 2013-08-15 14:17 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 13:27 - 2013-09-12 06:01 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-10 20:14 - 2014-01-05 09:36 - 00000000 ____D C:\Users\Angi\Desktop\FRST-OlderVersion
2014-01-10 20:14 - 2014-01-03 21:00 - 01932166 _____ (Farbar) C:\Users\Angi\Desktop\FRST64.exe
2014-01-10 06:27 - 2013-12-01 20:43 - 00001012 _____ C:\Users\Angi\Desktop\Dropbox.lnk
2014-01-10 06:27 - 2013-12-01 20:39 - 00000526 _____ C:\Windows\wininit.ini
2014-01-10 06:27 - 2013-12-01 20:39 - 00000000 ____D C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-10 06:24 - 2014-01-05 21:32 - 00000000 ____D C:\Users\Andi\AppData\Local\Udbmedia
2014-01-08 12:32 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-07 08:01 - 2013-08-27 06:26 - 00000000 ____D C:\Users\Andi\AppData\Roaming\vlc
2014-01-07 07:41 - 2013-01-31 23:48 - 00000000 ____D C:\Users\Andi\Documents\Weine
2014-01-05 23:01 - 2014-01-05 23:01 - 00262144 _____ C:\Windows\Minidump\010514-30716-01.dmp
2014-01-05 23:01 - 2012-07-09 11:24 - 00000000 ____D C:\Windows\Minidump
2014-01-05 23:01 - 2012-07-09 11:23 - 530095885 _____ C:\Windows\MEMORY.DMP
2014-01-05 11:11 - 2013-11-10 14:24 - 00000000 ____D C:\Users\Andi\AppData\Roaming\BitTorrent
2014-01-05 09:32 - 2014-01-01 19:33 - 00053799 _____ C:\Users\Andi\Downloads\FRST.txt
2014-01-05 09:28 - 2014-01-03 20:54 - 00000000 ____D C:\Users\Andi\Downloads\FRST-OlderVersion
2014-01-01 19:36 - 2014-01-01 19:35 - 00074060 _____ C:\Users\Angi\Downloads\FRST.txt
2014-01-01 19:32 - 2014-01-01 19:34 - 01931396 _____ (Farbar) C:\Users\Angi\Downloads\FRST64(1).exe
2013-12-26 22:44 - 2013-11-17 16:43 - 00000000 ____D C:\Users\Andi\Download
2013-12-26 22:25 - 2012-06-05 06:01 - 00000000 ____D C:\Users\Andi\AppData\Local\VirtualStore
2013-12-24 15:50 - 2013-12-24 15:50 - 06183856 _____ C:\Users\Angi\Downloads\ElfYourself.mov
2013-12-24 13:52 - 2012-06-04 21:00 - 00000000 ____D C:\Fotos
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-21 08:45
==================== End Of Log ============================
--- --- --- Den Pfad C:\FRST\Quarantine\_OTM\MovedFiles\12162013_202043\C_FRST\Quarantine\Install kann ich noch immer nicht löschen  Und die Fehlermeldung Fehler beim Laden des Moduls "C:\Users\Andi\AppData\Local\Udbmedia\jcstums.dat" kommt auch nach wie vor... |
|
22.01.2014, 13:12
| #64 |
| /// the machine /// TB-Ausbilder | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ Öffne mal bitte FRST, unter Whitelist alle Haken raus, dafür den Haken setzen bei Additional, und scanne. Poste bitte beide Logfiles.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.01.2014, 23:17
| #65 |
| | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Andi (ATTENTION: The logged in user is not administrator) on PC on 30-01-2014 23:08:10
Running from C:\Users\Andi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (All) =========================
(Microsoft Corporation) C:\Windows\System32\taskhost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Corporation) C:\Windows\explorer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\taskeng.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Farbar) C:\Users\Andi\Desktop\FRST64.exe
==================== Registry (All) ===========================
HKLM\...\Run: [IgfxTray] - C:\Windows\system32\igfxtray.exe [167704 2011-06-21] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [392472 2011-06-21] (Intel Corporation)
HKLM\...\Run: [Persistence] - C:\Windows\system32\igfxpers.exe [416024 2011-06-21] (Intel Corporation)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [6330568 2013-03-21] (ESET)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [DataCardMonitor] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe [253952 2012-06-02] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-21] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] Explorer.exe [2871808 2011-07-14] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [Orbitum] - C:\Users\Andi\AppData\Local\Orbitum\Application\chrome.exe
HKCU\...\Run: [HW_OPENEYE_OUC_] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKCU\...\Run: [Udbmedia] - regsvr32.exe C:\Users\Andi\AppData\Local\Udbmedia\jcstums.dll <===== ATTENTION
MountPoints2: E - E:\AutoRun.exe
MountPoints2: F - F:\AutoRun.exe
MountPoints2: {10e3d94e-ad86-11e1-b219-001e101f1f81} - E:\AutoRun.exe
MountPoints2: {8cf2d829-4bc2-11e2-b468-001e101f7fb6} - E:\AutoRun.exe
MountPoints2: {9a409562-acd6-11e1-9bc0-642737311941} - F:\AutoRun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
Startup: C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Andi\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
==================== Internet (All) ===========================
HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - No File
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5-x64 01 %SystemRoot%\system32\NLAapi.dll [70656] (Microsoft Corporation)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [68096] (Microsoft Corporation)
Winsock: Catalog5-x64 03 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 04 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 05 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog5-x64 06 %SystemRoot%\System32\winrnr.dll [28672] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
Winsock: Catalog9-x64 01 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 03 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 04 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 05 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 06 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 07 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 08 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 09 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 10 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4227D410-6AA1-42B3-9995-001DD2C8E53B}: [NameServer]213.162.69.169 213.162.69.1
Tcpip\..\Interfaces\{ACF8C42B-3FAB-4EA1-9E15-28CDA0A662A4}: [NameServer]213.162.69.170 213.162.69.2
Tcpip\..\Interfaces\{EFE5D906-626A-491A-B1CC-69F3BF926A2A}: [NameServer]213.162.69.2 213.162.69.170
FireFox:
========
FF ProfilePath: C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\nt2oyp2q.default-1382384792839
FF Homepage: www.google.at
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bing.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013-12-03]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-08-03]
FF HKLM-x32\...\Mozilla Firefox 26.0\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\components [2012-06-02]
FF HKLM-x32\...\Mozilla Firefox 26.0\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-08-03]
FF HKCU\...\Mozilla Firefox 14.0.1\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\components [2012-06-02]
FF HKCU\...\Mozilla Firefox 14.0.1\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
==================== Services (All) ========================
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432 2013-12-18] (Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257928 2014-01-27] (Adobe Systems Incorporated)
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2010-11-21] (Microsoft Corporation)
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2010-11-21] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-21] (Microsoft Corporation)
S3 BBSvc; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [191752 2011-06-07] (Microsoft Corporation.)
R2 BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [249648 2011-05-12] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-21] (Microsoft Corporation)
R2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-21] (Microsoft Corporation)
R2 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [138576 2010-03-18] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-07-09] (Microsoft Corporation)
R2 cvhsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [822504 2013-04-22] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-21] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-07-14] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-21] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-21] (Microsoft Corporation)
R2 DsiWMIService; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [353360 2011-07-01] (Dritek System Inc.)
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation)
R2 EFS; C:\Windows\System32\lsass.exe [30720 2013-09-25] (Microsoft Corporation)
S3 EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [173424 2011-06-21] (Egis Technology Inc. )
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-21] (Microsoft Corporation)
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1341664 2013-03-21] (ESET)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-21] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-21] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation)
R3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [655624 2012-01-15] (Acresso Software Inc.)
R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-01-13] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [206072 2010-10-12] (WildTangent, Inc.)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-21] (Microsoft Corporation)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-07-08] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-07-08] (Google Inc.)
R3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-21] (Microsoft Corporation)
U3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-21] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-21] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592 2011-04-30] (Intel Corporation)
S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [856400 2010-11-21] (Microsoft Corporation)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2013-11-26] (Microsoft Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-12] (Microsoft Corporation)
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation)
R3 KeyIso; C:\Windows\system32\lsass.exe [30720 2013-09-25] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-11-21] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-21] (Microsoft Corporation)
R2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326168 2011-02-01] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-21] (Microsoft Corporation)
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [119408 2013-12-20] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-21] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-21] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-21] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-21] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\lsass.exe [30720 2013-09-25] (Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [116560 2009-06-10] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 nvsvc; C:\Windows\system32\nvvsvc.exe [891240 2012-10-02] (NVIDIA Corporation)
S2 nvUpdatusService; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1258856 2012-10-08] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [150600 2013-07-17] (Microsoft Corporation)
S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [5132888 2013-07-17] (Microsoft Corporation)
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-21] (Microsoft Corporation)
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-09-21] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation)
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-21] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation)
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [30720 2013-09-25] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation)
R3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-21] (Microsoft Corporation)
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [30720 2013-09-25] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-21] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation)
R3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-21] (Microsoft Corporation)
R2 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-21] (Microsoft Corporation)
R2 SENS; C:\Windows\system32\sens.dll [64512 2009-07-14] (Microsoft Corporation)
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-21] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-21] (Microsoft Corporation)
R2 sftlist; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944 2013-06-26] (Microsoft Corporation)
R3 sftvsa; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528 2013-06-26] (Microsoft Corporation)
S2 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-21] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-21] (Microsoft Corporation)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [160944 2012-07-13] (Skype Technologies)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-21] (Microsoft Corporation)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation)
R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-21] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-21] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-21] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-21] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-21] (Microsoft Corporation)
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation)
S3 TermService; C:\Windows\System32\termsrv.dll [680960 2010-11-21] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-21] (Microsoft Corporation)
S3 TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [149504 2010-11-29] (Intel(R) Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280 2011-02-01] (Intel Corporation)
R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation)
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\system32\lsass.exe [30720 2013-09-25] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-21] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-21] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2012-06-03] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-21] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-21] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-21] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-21] (Microsoft Corporation)
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation)
S4 wlcrasvc; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [57184 2010-09-23] (Microsoft Corporation)
R3 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corp.)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-21] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-21] (Microsoft Corporation)
R2 wscsvc; C:\Windows\system32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-09-21] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-09-21] (Microsoft Corporation)
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2428952 2012-06-02] (Microsoft Corporation)
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation)
R2 WwanSvc; C:\Windows\System32\wwansvc.dll [230400 2013-03-19] (Microsoft Corporation)
==================== Drivers (All) ==========================
S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-21] (Microsoft Corporation)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-21] (Microsoft Corporation)
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-14] (Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-14] (Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-14] (Adaptec, Inc.)
R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2013-09-28] (Microsoft Corporation)
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-14] (Microsoft Corporation)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Acer Laboratories Inc.)
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-14] (Microsoft Corporation)
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-14] (Microsoft Corporation)
S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [60928 2009-07-14] (Microsoft Corporation)
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-07-14] (Advanced Micro Devices)
S3 amdsbs; C:\Windows\system32\drivers\amdsbs.sys [194128 2009-07-14] (AMD Technologies Inc.)
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-07-14] (Advanced Micro Devices)
S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40736 2013-10-03] (Google Inc)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-21] (Microsoft Corporation)
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] (Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] (Adaptec, Inc.)
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation)
R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2755584 2011-07-19] (Atheros Communications, Inc.)
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [67624 2011-01-20] (Broadcom Corporation)
R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [19496 2011-01-20] (Broadcom Corporation)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation)
R1 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-07-14] (Microsoft Corporation)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-14] (Microsoft Corporation)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
R3 bScsiMSa; C:\Windows\System32\DRIVERS\bScsiMSa.sys [51240 2011-05-16] (Broadcom Corporation)
R3 bScsiSDa; C:\Windows\System32\DRIVERS\bScsiSDa.sys [86056 2011-05-06] (Broadcom Corporation)
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation)
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-21] (Microsoft Corporation)
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-14] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation)
R3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (CMD Technology, Inc.)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [458712 2013-07-04] (Microsoft Corporation)
R0 Compbatt; C:\Windows\System32\drivers\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-21] (Microsoft Corporation)
S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-14] (Microsoft Corporation)
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-21] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [98616 2013-10-03] (DEVGURU Co., LTD.(www.devguru.co.kr))
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation)
R0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [983488 2013-08-01] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-20] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] (Emulex)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [58416 2013-02-20] (ESET)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] (Microsoft Corporation)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [142632 2011-04-05] (ELAN Microelectronics Corp.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation)
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation)
S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-14] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation)
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-14] (Microsoft Corporation)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-21] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-21] (Microsoft Corporation)
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-14] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-14] (Microsoft Corporation)
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-21] (Microsoft Corporation)
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-21] (Hewlett-Packard Company)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-21] (Microsoft Corporation)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [117248 2009-09-10] (Huawei Technologies Co., Ltd.)
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation)
R0 iaStor; C:\Windows\System32\drivers\iaStor.sys [557848 2011-04-26] (Intel Corporation)
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-07-14] (Intel Corporation)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [12230912 2011-06-10] (Intel Corporation)
S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-14] (Intel Corp./ICP vortex GmbH)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [3056360 2011-08-16] (Realtek Semiconductor Corp.)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-15] (Intel(R) Corporation)
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-21] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation)
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [273792 2010-11-21] (Microsoft Corporation)
R3 k57nd60a; C:\Windows\System32\DRIVERS\k57nd60a.sys [425000 2011-05-10] (Broadcom Corporation)
R3 kbdclass; C:\Windows\system32\drivers\kbdclass.sys [50768 2009-07-14] (Microsoft Corporation)
S3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [33280 2010-11-21] (Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2013-09-25] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [154560 2013-09-25] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation)
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation)
S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-14] (LSI Corporation)
S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-14] (LSI Corporation)
S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-14] (LSI Corporation)
S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-14] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation)
S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-14] (LSI Corporation)
S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-14] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\HECIx64.sys [56344 2010-10-20] (Intel Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] (Microsoft Corporation)
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Microsoft Corporation)
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-21] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-07-14] (Microsoft Corporation)
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-09-21] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-07-14] (Microsoft Corporation)
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation)
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-21] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation)
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-21] (Microsoft Corporation)
R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-14] (Microsoft Corporation)
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation)
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [22648 2012-01-15] (Egis Technology Inc.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [20520 2012-01-15] (Egis Technology Inc.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [62776 2012-01-15] (Egis Technology Inc.)
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation)
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation)
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] (Microsoft Corporation)
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-21] (Microsoft Corporation)
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-21] (Microsoft Corporation)
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-21] (Microsoft Corporation)
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] (IBM Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1656680 2013-04-12] (Microsoft Corporation)
R3 NTIDrvr; C:\Windows\system32\drivers\NTIDrvr.sys [18432 2011-09-20] (NTI Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [13443944 2012-10-08] (NVIDIA Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [30056 2012-10-08] (NVIDIA Corporation)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-07-14] (NVIDIA Corporation)
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-07-14] (NVIDIA Corporation)
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] (Microsoft Corporation)
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation)
S3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-14] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)
S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-14] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation)
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-21] (Microsoft Corporation)
S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-14] (Microsoft Corporation)
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-21] (Microsoft Corporation)
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] (QLogic Corporation)
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] (QLogic Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation)
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation)
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-21] (Microsoft Corporation)
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation)
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-21] (Microsoft Corporation)
S3 rdpbus; C:\Windows\system32\drivers\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation)
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation)
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation)
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-28] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation)
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-21] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] (Microsoft Corporation)
S3 sdbus; C:\Windows\System32\DRIVERS\sdbus.sys [109056 2010-11-21] (Microsoft Corporation)
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 Serenum; C:\Windows\system32\drivers\serenum.sys [23552 2009-07-14] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Microsoft Corporation)
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-14] (Microsoft Corporation)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] (Microsoft Corporation)
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfslh.sys [767144 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaylh.sys [273576 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirlh.sys [28840 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvollh.sys [23208 2013-06-26] (Microsoft Corporation)
S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-14] (Silicon Integrated Systems Corp.)
S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-14] (Silicon Integrated Systems)
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation)
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-07-14] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-07-14] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-07-14] (Microsoft Corporation)
S3 ssadbus; C:\Windows\System32\DRIVERS\ssadbus.sys [157672 2011-05-13] (MCCI Corporation)
S3 ssadmdfl; C:\Windows\System32\DRIVERS\ssadmdfl.sys [16872 2011-05-13] (MCCI Corporation)
S3 ssadmdm; C:\Windows\System32\DRIVERS\ssadmdm.sys [177640 2011-05-13] (MCCI Corporation)
S3 ssadserd; C:\Windows\System32\DRIVERS\ssadserd.sys [146920 2011-05-13] (MCCI Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-14] (Promise Technology)
R3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-14] (Microsoft Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2013-09-08] (Microsoft Corporation)
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2013-09-08] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation)
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-21] (Microsoft Corporation)
R1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-21] (Microsoft Corporation)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [57856 2012-08-23] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [30208 2012-08-23] (Microsoft Corporation)
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] (Microsoft Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [16120 2010-11-29] (Intel(R) Corporation)
S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-14] (Microsoft Corporation)
R3 UBHelper; C:\Windows\system32\drivers\UBHelper.sys [17408 2011-09-20] (NTI Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-21] (Microsoft Corporation)
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-21] (Microsoft Corporation)
S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-14] (Microsoft Corporation)
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-27] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation)
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [53248 2013-11-27] (Microsoft Corporation)
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-27] (Microsoft Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-27] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation)
S3 usbscan; C:\Windows\system32\drivers\usbscan.sys [42496 2013-07-03] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-07-14] (Microsoft Corporation)
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-27] (Microsoft Corporation)
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation)
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation)
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-21] (Microsoft Corporation)
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] (VIA Technologies, Inc.)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-14] (VIA Technologies Inc.,Ltd)
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation)
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation)
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] (Microsoft Corporation)
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-14] (Microsoft Corporation)
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation)
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation)
S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-14] (Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation)
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] (Microsoft Corporation)
S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-14] (Microsoft Corporation)
U3 Winsock; No ImagePath
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-21] (Microsoft Corporation)
R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation)
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-28 00:11 - 2014-01-28 00:46 - 110100481 _____ C:\Users\Andi\Downloads\Medi.part03.rar
2014-01-28 00:09 - 2014-01-28 00:52 - 110100483 _____ C:\Users\Andi\Downloads\Medi.part02.rar
2014-01-28 00:09 - 2014-01-28 00:46 - 110100487 _____ C:\Users\Andi\Downloads\Medi.part01.rar
2014-01-26 17:06 - 2014-01-26 17:06 - 00000000 ____D C:\Users\Andi\AppData\Roaming\Garmin
2014-01-22 13:52 - 2014-01-22 13:53 - 00000000 ____D C:\Users\Angi\AppData\Local\Udbmedia
2014-01-21 20:26 - 2014-01-21 20:26 - 00033206 _____ C:\Users\Andi\Desktop\Addition.txt
2014-01-20 22:03 - 2014-01-30 23:07 - 02079744 _____ (Farbar) C:\Users\Andi\Desktop\FRST64.exe
2014-01-20 16:46 - 2014-01-20 16:46 - 00002130 _____ C:\Users\Public\Desktop\NWZ-E380 WALKMAN Guide.lnk
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2014-01-20 16:44 - 2014-01-20 16:44 - 00000562 _____ C:\Windows\wmsetup.log
2014-01-20 16:44 - 2014-01-20 16:44 - 00000000 ____D C:\Program Files (x86)\Sony
2014-01-19 11:01 - 2014-01-19 11:02 - 18864072 _____ C:\Users\Angi\Downloads\CommunicatorPlugin_410 (1).exe
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D C:\Program Files\Garmin GPS Plugin
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D C:\Program Files (x86)\Garmin GPS Plugin
2014-01-19 10:55 - 2014-01-19 10:56 - 18864072 _____ C:\Users\Angi\Downloads\CommunicatorPlugin_410.exe
2014-01-16 06:28 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 06:28 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 06:28 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 20:09 - 2014-01-30 23:07 - 00000000 ____D C:\Users\Andi\Desktop\FRST-OlderVersion
2014-01-05 21:32 - 2014-01-10 06:24 - 00000000 ____D C:\Users\Andi\AppData\Local\Udbmedia
2014-01-05 09:36 - 2014-01-10 20:14 - 00000000 ____D C:\Users\Angi\Desktop\FRST-OlderVersion
2014-01-03 21:00 - 2014-01-10 20:14 - 01932166 _____ (Farbar) C:\Users\Angi\Desktop\FRST64.exe
2014-01-03 20:54 - 2014-01-05 09:28 - 00000000 ____D C:\Users\Andi\Downloads\FRST-OlderVersion
2014-01-01 19:35 - 2014-01-01 19:36 - 00074060 _____ C:\Users\Angi\Downloads\FRST.txt
2014-01-01 19:34 - 2014-01-30 23:08 - 00070477 _____ C:\Users\Andi\Desktop\FRST.txt
2014-01-01 19:34 - 2014-01-01 19:32 - 01931396 _____ (Farbar) C:\Users\Angi\Downloads\FRST64(1).exe
2014-01-01 19:33 - 2014-01-05 09:32 - 00053799 _____ C:\Users\Andi\Downloads\FRST.txt
==================== One Month Modified Files and Folders =======
2014-01-30 23:08 - 2014-01-01 19:34 - 00070477 _____ C:\Users\Andi\Desktop\FRST.txt
2014-01-30 23:08 - 2013-12-23 01:49 - 00000000 ____D C:\FRST
2014-01-30 23:07 - 2014-01-20 22:03 - 02079744 _____ (Farbar) C:\Users\Andi\Desktop\FRST64.exe
2014-01-30 23:07 - 2014-01-10 20:09 - 00000000 ____D C:\Users\Andi\Desktop\FRST-OlderVersion
2014-01-30 23:04 - 2013-12-09 00:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef47153d6009b.job
2014-01-30 23:04 - 2013-11-24 08:26 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001UA1cee8e678ff332c.job
2014-01-30 23:04 - 2013-10-12 20:12 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002UA1cec77f502d0aa.job
2014-01-30 23:04 - 2012-10-10 22:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-30 22:06 - 2013-07-08 16:40 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-30 22:05 - 2009-07-14 05:51 - 00200147 _____ C:\Windows\setupact.log
2014-01-30 17:23 - 2012-06-02 13:35 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002Core.job
2014-01-30 14:03 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-30 14:03 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-30 13:58 - 2012-01-15 19:22 - 01436149 _____ C:\Windows\WindowsUpdate.log
2014-01-30 13:56 - 2013-12-01 20:43 - 00000000 ___RD C:\Users\Angi\Dropbox
2014-01-30 13:56 - 2013-12-01 20:39 - 00000000 ____D C:\Users\Angi\AppData\Roaming\Dropbox
2014-01-30 13:56 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-29 12:10 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-29 06:36 - 2012-01-16 04:15 - 00669464 _____ C:\Windows\system32\perfh007.dat
2014-01-29 06:36 - 2012-01-16 04:15 - 00134990 _____ C:\Windows\system32\perfc007.dat
2014-01-29 06:36 - 2009-07-14 06:13 - 01528428 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-28 08:31 - 2013-09-13 22:21 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001Core1ceb0c727a22316.job
2014-01-28 08:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-28 00:52 - 2014-01-28 00:09 - 110100483 _____ C:\Users\Andi\Downloads\Medi.part02.rar
2014-01-28 00:46 - 2014-01-28 00:11 - 110100481 _____ C:\Users\Andi\Downloads\Medi.part03.rar
2014-01-28 00:46 - 2014-01-28 00:09 - 110100487 _____ C:\Users\Andi\Downloads\Medi.part01.rar
2014-01-27 15:25 - 2013-12-09 23:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-27 15:25 - 2013-12-09 23:48 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2014-01-27 15:25 - 2011-10-14 04:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-27 11:54 - 2012-08-14 20:29 - 00000000 ____D C:\Users\Andi\AppData\Roaming\SoftGrid Client
2014-01-27 01:54 - 2013-09-26 22:52 - 00000000 ____D C:\Users\Andi\Documents\Urlaub
2014-01-26 17:06 - 2014-01-26 17:06 - 00000000 ____D C:\Users\Andi\AppData\Roaming\Garmin
2014-01-25 09:06 - 2012-07-09 11:24 - 00000000 ____D C:\Windows\Minidump
2014-01-25 09:06 - 2012-07-09 11:23 - 538541837 _____ C:\Windows\MEMORY.DMP
2014-01-22 15:21 - 2012-06-04 21:30 - 00000000 ____D C:\MP3
2014-01-22 13:53 - 2014-01-22 13:52 - 00000000 ____D C:\Users\Angi\AppData\Local\Udbmedia
2014-01-22 13:37 - 2012-06-02 16:08 - 00000000 ____D C:\Users\Angi\AppData\Roaming\Adobe
2014-01-21 20:26 - 2014-01-21 20:26 - 00033206 _____ C:\Users\Andi\Desktop\Addition.txt
2014-01-20 19:53 - 2010-11-21 04:47 - 00393070 _____ C:\Windows\PFRO.log
2014-01-20 16:46 - 2014-01-20 16:46 - 00002130 _____ C:\Users\Public\Desktop\NWZ-E380 WALKMAN Guide.lnk
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2014-01-20 16:44 - 2014-01-20 16:44 - 00000562 _____ C:\Windows\wmsetup.log
2014-01-20 16:44 - 2014-01-20 16:44 - 00000000 ____D C:\Program Files (x86)\Sony
2014-01-20 16:44 - 2012-06-07 10:57 - 00000000 ____D C:\ProgramData\Sony Corporation
2014-01-19 11:02 - 2014-01-19 11:01 - 18864072 _____ C:\Users\Angi\Downloads\CommunicatorPlugin_410 (1).exe
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D C:\Program Files\Garmin GPS Plugin
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D C:\Program Files (x86)\Garmin GPS Plugin
2014-01-19 10:56 - 2014-01-19 10:55 - 18864072 _____ C:\Users\Angi\Downloads\CommunicatorPlugin_410.exe
2014-01-18 18:34 - 2012-06-02 13:28 - 00000000 ___RD C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 19:39 - 2009-07-14 05:45 - 00481440 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 06:29 - 2013-08-15 14:17 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 06:25 - 2013-08-15 14:17 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 13:27 - 2013-09-12 06:01 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-10 20:14 - 2014-01-05 09:36 - 00000000 ____D C:\Users\Angi\Desktop\FRST-OlderVersion
2014-01-10 20:14 - 2014-01-03 21:00 - 01932166 _____ (Farbar) C:\Users\Angi\Desktop\FRST64.exe
2014-01-10 06:27 - 2013-12-01 20:43 - 00001012 _____ C:\Users\Angi\Desktop\Dropbox.lnk
2014-01-10 06:27 - 2013-12-01 20:39 - 00000526 _____ C:\Windows\wininit.ini
2014-01-10 06:27 - 2013-12-01 20:39 - 00000000 ____D C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-10 06:24 - 2014-01-05 21:32 - 00000000 ____D C:\Users\Andi\AppData\Local\Udbmedia
2014-01-07 08:01 - 2013-08-27 06:26 - 00000000 ____D C:\Users\Andi\AppData\Roaming\vlc
2014-01-07 07:41 - 2013-01-31 23:48 - 00000000 ____D C:\Users\Andi\Documents\Weine
2014-01-05 11:11 - 2013-11-10 14:24 - 00000000 ____D C:\Users\Andi\AppData\Roaming\BitTorrent
2014-01-05 09:32 - 2014-01-01 19:33 - 00053799 _____ C:\Users\Andi\Downloads\FRST.txt
2014-01-05 09:28 - 2014-01-03 20:54 - 00000000 ____D C:\Users\Andi\Downloads\FRST-OlderVersion
2014-01-01 19:36 - 2014-01-01 19:35 - 00074060 _____ C:\Users\Angi\Downloads\FRST.txt
2014-01-01 19:32 - 2014-01-01 19:34 - 01931396 _____ (Farbar) C:\Users\Angi\Downloads\FRST64(1).exe
Some content of TEMP:
====================
C:\Users\Angi\AppData\Local\Temp\dttxyztz.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2014 01
Ran by Andi at 2014-01-30 23:08:38
Running from C:\Users\Andi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ESET Smart Security 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (x32 Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (x32 Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 5.00.3504 - Acer Incorporated)
Acer Games (x32 Version: 1.0.2.5 - WildTangent)
Acer Registration (x32 Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (x32 Version: 1.02.3500 - Acer Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (x32 Version: 10.1.9 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (x32 Version: 2.3 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (x32 Version: 7.0.765.0 - Microsoft Corporation)
BitTorrent (HKCU Version: 7.8.2.30265 - BitTorrent Inc.)
Broadcom Card Reader Driver Installer (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (Version: 14.8.4.1 - Broadcom Corporation)
Canon MP550 series MP Drivers (Version: - )
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (x32 Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (x32 Version: 7.2.7000.7 - Dolby Laboratories Inc)
eBay Worldwide (x32 Version: 2.2.0409 - OEM)
ESET Smart Security (Version: 6.0.316.0 - ESET, spol s r. o.)
ETDWare PS/2-X64 8.0.6.3_WHQL (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (x32 Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden
Fooz Kids Platform (x32 Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Communicator Plugin (x32 Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HappyFoto-Designer 5.1 (x32 Version: - )
Identity Card (x32 Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.5.0.1026 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (x32 Version: 5.1.7 - Acer Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Need For Speed™ World (x32 Version: 1.0.0.1055 - Electronic Arts)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 306.97 (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
NWZ-E380 WALKMAN Guide (x32 Version: 2.2.0.05230 - Sony Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
OpenOffice 4.0.0 (x32 Version: 4.00.9702 - Apache Software Foundation)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PerformanceTest v7.0 (64-bit) (Version: 7.0 - Passmark Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
StreamTorrent 1.0 (x32 Version: - )
Tinypic 3.18 (x32 Version: Tinypic 3.18 - E. Fiedler)
T-Mobile Internet Manager (x32 Version: 11.301.05.34.55 - Huawei Technologies Co.,Ltd)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0 - Intel)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC Codec Pack 2.0.5 (x32 Version: 2.0.5 - VLC Codec Pack)
VLC media player 2.0.7 (x32 Version: 2.0.7 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (x32 Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wondershare MobileGo for Android ( Version 4.1.0 ) (x32 Version: 4.1.0 - Wondershare)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
Could not list Restore Points. Check WMI.
==================== Hosts content: ==========================
2009-07-14 03:34 - 2013-11-24 20:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef47153d6009b.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001Core1ceb0c727a22316.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001UA1cee8e678ff332c.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002Core.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002UA1cec77f502d0aa.job => ?
==================== Loaded Modules (whitelisted) =============
2013-11-23 17:15 - 2013-11-23 17:15 - 02492416 _____ () C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll
2013-11-23 17:15 - 2013-11-23 17:15 - 02179072 _____ () C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll
2011-10-14 04:57 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2012-06-02 13:17 - 2013-12-20 17:48 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-27 15:25 - 2014-01-27 15:25 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/30/2014 03:34:45 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (01/30/2014 01:56:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2014 06:30:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2014 11:30:26 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (01/29/2014 11:20:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2014 00:53:32 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (01/29/2014 00:11:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2014 00:10:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2014 06:32:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2014 10:46:17 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
System errors:
=============
Error: (01/30/2014 01:58:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/30/2014 01:58:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/30/2014 06:32:38 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/30/2014 06:32:38 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/29/2014 11:22:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/29/2014 11:22:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/29/2014 00:12:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/29/2014 00:12:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/29/2014 00:12:13 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerprofildienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (01/29/2014 00:12:13 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "RAS-Verbindungsverwaltung" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Microsoft Office Sessions:
=========================
Error: (01/30/2014 03:34:45 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
Error: (01/30/2014 01:56:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2014 06:30:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2014 11:30:26 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
Error: (01/29/2014 11:20:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2014 00:53:32 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
Error: (01/29/2014 00:11:17 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2014 00:10:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2014 06:32:32 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/28/2014 10:46:17 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
CodeIntegrity Errors:
===================================
Date: 2013-11-24 20:28:57.489
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 20:28:57.427
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 20:28:57.380
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 20:28:57.317
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 16:53:36.298
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 16:53:36.251
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 27%
Total physical RAM: 8043.86 MB
Available physical RAM: 5796.98 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 13711.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:913.41 GB) (Free:593.27 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
|
|
31.01.2014, 16:59
| #66 |
| /// the machine /// TB-Ausbilder | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ Ich habs glaub schon mal erwähnt. Unsere Tools brauchen Adminrechte.....
__________________ --> Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ |
|
31.01.2014, 17:46
| #67 |
| | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ Natürlich - sorry...  FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Admin (administrator) on PC on 31-01-2014 17:39:44
Running from C:\Users\Andi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (All) =========================
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\lsm.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnetwk.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\taskeng.exe
(Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
(Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\taskhost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Corporation) C:\Windows\explorer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\taskeng.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo for Android\MGNotification.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Farbar) C:\Users\Andi\Desktop\FRST64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (All) ===========================
HKLM\...\Run: [IgfxTray] - C:\Windows\system32\igfxtray.exe [167704 2011-06-21] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [392472 2011-06-21] (Intel Corporation)
HKLM\...\Run: [Persistence] - C:\Windows\system32\igfxpers.exe [416024 2011-06-21] (Intel Corporation)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [6330568 2013-03-21] (ESET)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [DataCardMonitor] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe [253952 2012-06-02] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-21] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] Explorer.exe [2871808 2011-07-14] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKCU\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKCU\...\Policies\system: [disableregistrytools] 0
HKCU\...\Policies\Explorer: [NoDrives] 0
HKU\Angi\...\Run: [Google Update] - C:\Users\Angi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-02] (Google Inc.)
HKU\Angi\...\Run: [HW_OPENEYE_OUC_] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\Angi\...\Run: [Udbmedia] - regsvr32.exe C:\Users\Angi\AppData\Local\Udbmedia\EP0NGR00.DLL <===== ATTENTION
HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\Default User\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\Hans\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\Hans\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\Hans\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\UpdatusUser\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\UpdatusUser\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\UpdatusUser\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
Startup: C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
==================== Internet (All) ===========================
HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - No File
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5-x64 01 %SystemRoot%\system32\NLAapi.dll [70656] (Microsoft Corporation)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [68096] (Microsoft Corporation)
Winsock: Catalog5-x64 03 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 04 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 05 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog5-x64 06 %SystemRoot%\System32\winrnr.dll [28672] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
Winsock: Catalog9-x64 01 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 03 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 04 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 05 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 06 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 07 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 08 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 09 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 10 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4227D410-6AA1-42B3-9995-001DD2C8E53B}: [NameServer]213.162.69.169 213.162.69.1
Tcpip\..\Interfaces\{ACF8C42B-3FAB-4EA1-9E15-28CDA0A662A4}: [NameServer]213.162.69.170 213.162.69.2
Tcpip\..\Interfaces\{EFE5D906-626A-491A-B1CC-69F3BF926A2A}: [NameServer]213.162.69.2 213.162.69.170
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kpmgns1t.default
FF Homepage: hxxp://www.google.at/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bing.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013-12-03]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-08-03]
FF HKLM-x32\...\Mozilla Firefox 26.0\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\components [2012-06-02]
FF HKLM-x32\...\Mozilla Firefox 26.0\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-08-03]
FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchKeyword: google.com
CHR DefaultSearchProvider: qvo6
CHR DefaultSearchURL: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.2_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Admin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-02]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-02]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-02]
CHR StartMenuInternet: Google Chrome - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
==================== Services (All) ========================
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432 2013-12-18] (Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257928 2014-01-27] (Adobe Systems Incorporated)
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2010-11-21] (Microsoft Corporation)
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2010-11-21] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-21] (Microsoft Corporation)
S3 BBSvc; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [191752 2011-06-07] (Microsoft Corporation.)
R2 BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [249648 2011-05-12] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-21] (Microsoft Corporation)
R2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-21] (Microsoft Corporation)
R2 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [138576 2010-03-18] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation)
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-07-09] (Microsoft Corporation)
R2 cvhsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [822504 2013-04-22] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-21] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-07-14] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-21] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-21] (Microsoft Corporation)
R2 DsiWMIService; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [353360 2011-07-01] (Dritek System Inc.)
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation)
R2 EFS; C:\Windows\System32\lsass.exe [30720 2013-09-25] (Microsoft Corporation)
S3 EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [173424 2011-06-21] (Egis Technology Inc. )
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-21] (Microsoft Corporation)
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1341664 2013-03-21] (ESET)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated)
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-21] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-21] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation)
R3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [655624 2012-01-15] (Acresso Software Inc.)
R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-01-13] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [206072 2010-10-12] (WildTangent, Inc.)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-21] (Microsoft Corporation)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-07-08] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-07-08] (Google Inc.)
R3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-21] (Microsoft Corporation)
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-21] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-21] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592 2011-04-30] (Intel Corporation)
S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [856400 2010-11-21] (Microsoft Corporation)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2013-11-26] (Microsoft Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-12] (Microsoft Corporation)
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation)
R3 KeyIso; C:\Windows\system32\lsass.exe [30720 2013-09-25] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-11-21] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-21] (Microsoft Corporation)
R2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326168 2011-02-01] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-21] (Microsoft Corporation)
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [119408 2013-12-20] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-21] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-21] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-21] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-21] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\lsass.exe [30720 2013-09-25] (Microsoft Corporation)
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [116560 2009-06-10] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 nvsvc; C:\Windows\system32\nvvsvc.exe [891240 2012-10-02] (NVIDIA Corporation)
S2 nvUpdatusService; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1258856 2012-10-08] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [150600 2013-07-17] (Microsoft Corporation)
S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [5132888 2013-07-17] (Microsoft Corporation)
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-21] (Microsoft Corporation)
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-09-21] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation)
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation)
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-21] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation)
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [30720 2013-09-25] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation)
R3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-21] (Microsoft Corporation)
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [30720 2013-09-25] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-21] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation)
R3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-21] (Microsoft Corporation)
R2 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-21] (Microsoft Corporation)
R2 SENS; C:\Windows\system32\sens.dll [64512 2009-07-14] (Microsoft Corporation)
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-21] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-21] (Microsoft Corporation)
R2 sftlist; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944 2013-06-26] (Microsoft Corporation)
R3 sftvsa; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528 2013-06-26] (Microsoft Corporation)
S2 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-21] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-21] (Microsoft Corporation)
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [160944 2012-07-13] (Skype Technologies)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-21] (Microsoft Corporation)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation)
R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-21] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-21] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-21] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-21] (Microsoft Corporation)
R3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-21] (Microsoft Corporation)
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation)
S3 TermService; C:\Windows\System32\termsrv.dll [680960 2010-11-21] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-21] (Microsoft Corporation)
S3 TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [149504 2010-11-29] (Intel(R) Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280 2011-02-01] (Intel Corporation)
R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation)
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\system32\lsass.exe [30720 2013-09-25] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-21] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-21] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2012-06-03] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-21] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-21] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation)
R3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-21] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-21] (Microsoft Corporation)
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation)
S4 wlcrasvc; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [57184 2010-09-23] (Microsoft Corporation)
R3 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corp.)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-21] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-21] (Microsoft Corporation)
R2 wscsvc; C:\Windows\system32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-09-21] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-09-21] (Microsoft Corporation)
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2428952 2012-06-02] (Microsoft Corporation)
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation)
R2 WwanSvc; C:\Windows\System32\wwansvc.dll [230400 2013-03-19] (Microsoft Corporation)
==================== Drivers (All) ==========================
S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-21] (Microsoft Corporation)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-21] (Microsoft Corporation)
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-14] (Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-14] (Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-14] (Adaptec, Inc.)
R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2013-09-28] (Microsoft Corporation)
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-14] (Microsoft Corporation)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Acer Laboratories Inc.)
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-14] (Microsoft Corporation)
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-14] (Microsoft Corporation)
S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [60928 2009-07-14] (Microsoft Corporation)
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-07-14] (Advanced Micro Devices)
S3 amdsbs; C:\Windows\system32\drivers\amdsbs.sys [194128 2009-07-14] (AMD Technologies Inc.)
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-07-14] (Advanced Micro Devices)
S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40736 2013-10-03] (Google Inc)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-21] (Microsoft Corporation)
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] (Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] (Adaptec, Inc.)
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation)
R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2755584 2011-07-19] (Atheros Communications, Inc.)
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [67624 2011-01-20] (Broadcom Corporation)
R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [19496 2011-01-20] (Broadcom Corporation)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation)
R1 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-07-14] (Microsoft Corporation)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-14] (Microsoft Corporation)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
R3 bScsiMSa; C:\Windows\System32\DRIVERS\bScsiMSa.sys [51240 2011-05-16] (Broadcom Corporation)
R3 bScsiSDa; C:\Windows\System32\DRIVERS\bScsiSDa.sys [86056 2011-05-06] (Broadcom Corporation)
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation)
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-21] (Microsoft Corporation)
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-14] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation)
R3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (CMD Technology, Inc.)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [458712 2013-07-04] (Microsoft Corporation)
R0 Compbatt; C:\Windows\System32\drivers\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-21] (Microsoft Corporation)
S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-14] (Microsoft Corporation)
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-21] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [98616 2013-10-03] (DEVGURU Co., LTD.(www.devguru.co.kr))
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation)
R0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [983488 2013-08-01] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-20] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] (Emulex)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [58416 2013-02-20] (ESET)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] (Microsoft Corporation)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [142632 2011-04-05] (ELAN Microelectronics Corp.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation)
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation)
S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-14] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation)
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-14] (Microsoft Corporation)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-21] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-21] (Microsoft Corporation)
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-14] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-14] (Microsoft Corporation)
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-21] (Microsoft Corporation)
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-21] (Hewlett-Packard Company)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-21] (Microsoft Corporation)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [117248 2009-09-10] (Huawei Technologies Co., Ltd.)
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation)
R0 iaStor; C:\Windows\System32\drivers\iaStor.sys [557848 2011-04-26] (Intel Corporation)
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-07-14] (Intel Corporation)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [12230912 2011-06-10] (Intel Corporation)
S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-14] (Intel Corp./ICP vortex GmbH)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [3056360 2011-08-16] (Realtek Semiconductor Corp.)
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2010-10-15] (Intel(R) Corporation)
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-21] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation)
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [273792 2010-11-21] (Microsoft Corporation)
R3 k57nd60a; C:\Windows\System32\DRIVERS\k57nd60a.sys [425000 2011-05-10] (Broadcom Corporation)
R3 kbdclass; C:\Windows\system32\drivers\kbdclass.sys [50768 2009-07-14] (Microsoft Corporation)
S3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [33280 2010-11-21] (Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2013-09-25] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [154560 2013-09-25] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation)
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation)
S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-14] (LSI Corporation)
S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-14] (LSI Corporation)
S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-14] (LSI Corporation)
S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-14] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation)
S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-14] (LSI Corporation)
S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-14] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\HECIx64.sys [56344 2010-10-20] (Intel Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] (Microsoft Corporation)
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Microsoft Corporation)
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-21] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-07-14] (Microsoft Corporation)
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-09-21] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-07-14] (Microsoft Corporation)
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation)
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-21] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation)
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-21] (Microsoft Corporation)
R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-14] (Microsoft Corporation)
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation)
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [22648 2012-01-15] (Egis Technology Inc.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [20520 2012-01-15] (Egis Technology Inc.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [62776 2012-01-15] (Egis Technology Inc.)
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation)
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation)
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] (Microsoft Corporation)
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-21] (Microsoft Corporation)
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-21] (Microsoft Corporation)
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-21] (Microsoft Corporation)
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] (IBM Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1656680 2013-04-12] (Microsoft Corporation)
R3 NTIDrvr; C:\Windows\system32\drivers\NTIDrvr.sys [18432 2011-09-20] (NTI Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [13443944 2012-10-08] (NVIDIA Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [30056 2012-10-08] (NVIDIA Corporation)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-07-14] (NVIDIA Corporation)
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-07-14] (NVIDIA Corporation)
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] (Microsoft Corporation)
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation)
S3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-14] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)
S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-14] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation)
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-21] (Microsoft Corporation)
S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-14] (Microsoft Corporation)
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-21] (Microsoft Corporation)
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] (QLogic Corporation)
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] (QLogic Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation)
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation)
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-21] (Microsoft Corporation)
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation)
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-21] (Microsoft Corporation)
S3 rdpbus; C:\Windows\system32\drivers\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation)
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation)
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation)
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-28] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation)
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-21] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] (Microsoft Corporation)
S3 sdbus; C:\Windows\System32\DRIVERS\sdbus.sys [109056 2010-11-21] (Microsoft Corporation)
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 Serenum; C:\Windows\system32\drivers\serenum.sys [23552 2009-07-14] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Microsoft Corporation)
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-14] (Microsoft Corporation)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] (Microsoft Corporation)
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation)
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfslh.sys [767144 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaylh.sys [273576 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirlh.sys [28840 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvollh.sys [23208 2013-06-26] (Microsoft Corporation)
S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-14] (Silicon Integrated Systems Corp.)
S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-14] (Silicon Integrated Systems)
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation)
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-07-14] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-07-14] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-07-14] (Microsoft Corporation)
S3 ssadbus; C:\Windows\System32\DRIVERS\ssadbus.sys [157672 2011-05-13] (MCCI Corporation)
S3 ssadmdfl; C:\Windows\System32\DRIVERS\ssadmdfl.sys [16872 2011-05-13] (MCCI Corporation)
S3 ssadmdm; C:\Windows\System32\DRIVERS\ssadmdm.sys [177640 2011-05-13] (MCCI Corporation)
S3 ssadserd; C:\Windows\System32\DRIVERS\ssadserd.sys [146920 2011-05-13] (MCCI Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-14] (Promise Technology)
R3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-14] (Microsoft Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2013-09-08] (Microsoft Corporation)
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2013-09-08] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation)
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-21] (Microsoft Corporation)
R1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-21] (Microsoft Corporation)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [57856 2012-08-23] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [30208 2012-08-23] (Microsoft Corporation)
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] (Microsoft Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [16120 2010-11-29] (Intel(R) Corporation)
S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-14] (Microsoft Corporation)
R3 UBHelper; C:\Windows\system32\drivers\UBHelper.sys [17408 2011-09-20] (NTI Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-21] (Microsoft Corporation)
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-21] (Microsoft Corporation)
S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-14] (Microsoft Corporation)
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-27] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation)
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [53248 2013-11-27] (Microsoft Corporation)
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-27] (Microsoft Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-27] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation)
S3 usbscan; C:\Windows\system32\drivers\usbscan.sys [42496 2013-07-03] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-07-14] (Microsoft Corporation)
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-27] (Microsoft Corporation)
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation)
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation)
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-21] (Microsoft Corporation)
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] (VIA Technologies, Inc.)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-14] (VIA Technologies Inc.,Ltd)
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation)
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation)
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] (Microsoft Corporation)
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-14] (Microsoft Corporation)
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation)
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation)
S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-14] (Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation)
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] (Microsoft Corporation)
S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-14] (Microsoft Corporation)
U3 Winsock; No ImagePath
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-21] (Microsoft Corporation)
R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation)
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-28 00:11 - 2014-01-28 00:46 - 110100481 _____ C:\Users\Andi\Downloads\Medi.part03.rar
2014-01-28 00:09 - 2014-01-28 00:52 - 110100483 _____ C:\Users\Andi\Downloads\Medi.part02.rar
2014-01-28 00:09 - 2014-01-28 00:46 - 110100487 _____ C:\Users\Andi\Downloads\Medi.part01.rar
2014-01-26 17:06 - 2014-01-26 17:06 - 00000000 ____D C:\Users\Andi\AppData\Roaming\Garmin
2014-01-25 09:06 - 2014-01-25 09:06 - 00262144 _____ C:\Windows\Minidump\012514-23290-01.dmp
2014-01-22 13:52 - 2014-01-22 13:53 - 00000000 ____D C:\Users\Angi\AppData\Local\Udbmedia
2014-01-21 20:26 - 2014-01-30 23:10 - 00028583 _____ C:\Users\Andi\Desktop\Addition.txt
2014-01-20 22:03 - 2014-01-30 23:07 - 02079744 _____ (Farbar) C:\Users\Andi\Desktop\FRST64.exe
2014-01-20 16:46 - 2014-01-20 16:46 - 00002130 _____ C:\Users\Public\Desktop\NWZ-E380 WALKMAN Guide.lnk
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2014-01-20 16:44 - 2014-01-20 16:44 - 00000562 _____ C:\Windows\wmsetup.log
2014-01-20 16:44 - 2014-01-20 16:44 - 00000000 ____D C:\Program Files (x86)\Sony
2014-01-19 11:01 - 2014-01-19 11:02 - 18864072 _____ C:\Users\Angi\Downloads\CommunicatorPlugin_410 (1).exe
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D C:\Program Files\Garmin GPS Plugin
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D C:\Program Files (x86)\Garmin GPS Plugin
2014-01-19 10:55 - 2014-01-19 10:56 - 18864072 _____ C:\Users\Angi\Downloads\CommunicatorPlugin_410.exe
2014-01-16 06:28 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 06:28 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 06:28 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 20:09 - 2014-01-30 23:07 - 00000000 ____D C:\Users\Andi\Desktop\FRST-OlderVersion
2014-01-05 23:01 - 2014-01-05 23:01 - 00262144 _____ C:\Windows\Minidump\010514-30716-01.dmp
2014-01-05 21:32 - 2014-01-10 06:24 - 00000000 ____D C:\Users\Andi\AppData\Local\Udbmedia
2014-01-05 09:36 - 2014-01-10 20:14 - 00000000 ____D C:\Users\Angi\Desktop\FRST-OlderVersion
2014-01-03 21:00 - 2014-01-10 20:14 - 01932166 _____ (Farbar) C:\Users\Angi\Desktop\FRST64.exe
2014-01-03 20:54 - 2014-01-05 09:28 - 00000000 ____D C:\Users\Andi\Downloads\FRST-OlderVersion
2014-01-01 19:35 - 2014-01-01 19:36 - 00074060 _____ C:\Users\Angi\Downloads\FRST.txt
2014-01-01 19:34 - 2014-01-31 17:39 - 00077836 _____ C:\Users\Andi\Desktop\FRST.txt
2014-01-01 19:34 - 2014-01-01 19:32 - 01931396 _____ (Farbar) C:\Users\Angi\Downloads\FRST64(1).exe
2014-01-01 19:33 - 2014-01-05 09:32 - 00053799 _____ C:\Users\Andi\Downloads\FRST.txt
==================== One Month Modified Files and Folders =======
2014-01-31 17:39 - 2014-01-01 19:34 - 00077836 _____ C:\Users\Andi\Desktop\FRST.txt
2014-01-31 17:39 - 2013-12-23 01:49 - 00000000 ____D C:\FRST
2014-01-31 17:39 - 2013-07-08 16:40 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-31 17:37 - 2012-10-10 22:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-31 17:31 - 2013-11-24 08:26 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001UA1cee8e678ff332c.job
2014-01-31 17:23 - 2013-10-12 20:12 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002UA1cec77f502d0aa.job
2014-01-31 17:23 - 2012-06-02 13:35 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002Core.job
2014-01-31 17:03 - 2013-12-09 00:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef47153d6009b.job
2014-01-31 16:29 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-31 16:29 - 2009-07-14 05:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-31 16:23 - 2012-01-15 19:22 - 01492856 _____ C:\Windows\WindowsUpdate.log
2014-01-31 16:22 - 2013-12-01 20:43 - 00000000 ___RD C:\Users\Angi\Dropbox
2014-01-31 16:22 - 2013-12-01 20:39 - 00000000 ____D C:\Users\Angi\AppData\Roaming\Dropbox
2014-01-31 16:21 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-31 16:21 - 2009-07-14 05:51 - 00200371 _____ C:\Windows\setupact.log
2014-01-30 23:10 - 2014-01-21 20:26 - 00028583 _____ C:\Users\Andi\Desktop\Addition.txt
2014-01-30 23:07 - 2014-01-20 22:03 - 02079744 _____ (Farbar) C:\Users\Andi\Desktop\FRST64.exe
2014-01-30 23:07 - 2014-01-10 20:09 - 00000000 ____D C:\Users\Andi\Desktop\FRST-OlderVersion
2014-01-29 12:10 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-29 06:36 - 2012-01-16 04:15 - 00669464 _____ C:\Windows\system32\perfh007.dat
2014-01-29 06:36 - 2012-01-16 04:15 - 00134990 _____ C:\Windows\system32\perfc007.dat
2014-01-29 06:36 - 2009-07-14 06:13 - 01528428 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-28 08:31 - 2013-09-13 22:21 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001Core1ceb0c727a22316.job
2014-01-28 08:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-28 00:52 - 2014-01-28 00:09 - 110100483 _____ C:\Users\Andi\Downloads\Medi.part02.rar
2014-01-28 00:46 - 2014-01-28 00:11 - 110100481 _____ C:\Users\Andi\Downloads\Medi.part03.rar
2014-01-28 00:46 - 2014-01-28 00:09 - 110100487 _____ C:\Users\Andi\Downloads\Medi.part01.rar
2014-01-27 15:25 - 2013-12-09 23:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-27 15:25 - 2013-12-09 23:48 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2014-01-27 15:25 - 2012-10-10 22:33 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-27 15:25 - 2011-10-14 04:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-27 11:54 - 2012-08-14 20:29 - 00000000 ____D C:\Users\Andi\AppData\Roaming\SoftGrid Client
2014-01-27 01:54 - 2013-09-26 22:52 - 00000000 ____D C:\Users\Andi\Documents\Urlaub
2014-01-26 17:06 - 2014-01-26 17:06 - 00000000 ____D C:\Users\Andi\AppData\Roaming\Garmin
2014-01-25 09:06 - 2014-01-25 09:06 - 00262144 _____ C:\Windows\Minidump\012514-23290-01.dmp
2014-01-25 09:06 - 2012-07-09 11:24 - 00000000 ____D C:\Windows\Minidump
2014-01-25 09:06 - 2012-07-09 11:23 - 538541837 _____ C:\Windows\MEMORY.DMP
2014-01-22 15:21 - 2012-06-04 21:30 - 00000000 ____D C:\MP3
2014-01-22 13:53 - 2014-01-22 13:52 - 00000000 ____D C:\Users\Angi\AppData\Local\Udbmedia
2014-01-22 13:37 - 2012-06-02 16:08 - 00000000 ____D C:\Users\Angi\AppData\Roaming\Adobe
2014-01-20 19:53 - 2010-11-21 04:47 - 00393070 _____ C:\Windows\PFRO.log
2014-01-20 16:46 - 2014-01-20 16:46 - 00002130 _____ C:\Users\Public\Desktop\NWZ-E380 WALKMAN Guide.lnk
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2014-01-20 16:44 - 2014-01-20 16:44 - 00000562 _____ C:\Windows\wmsetup.log
2014-01-20 16:44 - 2014-01-20 16:44 - 00000000 ____D C:\Program Files (x86)\Sony
2014-01-20 16:44 - 2012-06-07 10:57 - 00000000 ____D C:\ProgramData\Sony Corporation
2014-01-19 11:02 - 2014-01-19 11:01 - 18864072 _____ C:\Users\Angi\Downloads\CommunicatorPlugin_410 (1).exe
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D C:\Program Files\Garmin GPS Plugin
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D C:\Program Files (x86)\Garmin GPS Plugin
2014-01-19 10:56 - 2014-01-19 10:55 - 18864072 _____ C:\Users\Angi\Downloads\CommunicatorPlugin_410.exe
2014-01-18 18:34 - 2012-06-02 13:28 - 00000000 ___RD C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 19:39 - 2009-07-14 05:45 - 00481440 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 06:29 - 2013-08-15 14:17 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 06:25 - 2013-08-15 14:17 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 13:27 - 2013-09-12 06:01 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-10 20:14 - 2014-01-05 09:36 - 00000000 ____D C:\Users\Angi\Desktop\FRST-OlderVersion
2014-01-10 20:14 - 2014-01-03 21:00 - 01932166 _____ (Farbar) C:\Users\Angi\Desktop\FRST64.exe
2014-01-10 06:27 - 2013-12-01 20:43 - 00001012 _____ C:\Users\Angi\Desktop\Dropbox.lnk
2014-01-10 06:27 - 2013-12-01 20:39 - 00000526 _____ C:\Windows\wininit.ini
2014-01-10 06:27 - 2013-12-01 20:39 - 00000000 ____D C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-10 06:24 - 2014-01-05 21:32 - 00000000 ____D C:\Users\Andi\AppData\Local\Udbmedia
2014-01-07 08:01 - 2013-08-27 06:26 - 00000000 ____D C:\Users\Andi\AppData\Roaming\vlc
2014-01-07 07:41 - 2013-01-31 23:48 - 00000000 ____D C:\Users\Andi\Documents\Weine
2014-01-05 23:01 - 2014-01-05 23:01 - 00262144 _____ C:\Windows\Minidump\010514-30716-01.dmp
2014-01-05 11:11 - 2013-11-10 14:24 - 00000000 ____D C:\Users\Andi\AppData\Roaming\BitTorrent
2014-01-05 09:32 - 2014-01-01 19:33 - 00053799 _____ C:\Users\Andi\Downloads\FRST.txt
2014-01-05 09:28 - 2014-01-03 20:54 - 00000000 ____D C:\Users\Andi\Downloads\FRST-OlderVersion
2014-01-01 19:36 - 2014-01-01 19:35 - 00074060 _____ C:\Users\Angi\Downloads\FRST.txt
2014-01-01 19:32 - 2014-01-01 19:34 - 01931396 _____ (Farbar) C:\Users\Angi\Downloads\FRST64(1).exe
Some content of TEMP:
====================
C:\Users\Angi\AppData\Local\temp\dttxyztz.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-30 18:53
==================== End Of Log ============================
--- --- --- |
|
31.01.2014, 17:47
| #68 |
| | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2014 01
Ran by Admin at 2014-01-31 17:40:46
Running from C:\Users\Andi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ESET Smart Security 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (x32 Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (x32 Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 5.00.3504 - Acer Incorporated)
Acer Games (x32 Version: 1.0.2.5 - WildTangent)
Acer Registration (x32 Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (x32 Version: 1.02.3500 - Acer Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (x32 Version: 10.1.9 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (x32 Version: 2.3 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (x32 Version: 7.0.765.0 - Microsoft Corporation)
BitTorrent (HKCU Version: 7.8.2.30265 - BitTorrent Inc.)
Broadcom Card Reader Driver Installer (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (Version: 14.8.4.1 - Broadcom Corporation)
Canon MP550 series MP Drivers (Version: - )
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (x32 Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (x32 Version: 7.2.7000.7 - Dolby Laboratories Inc)
eBay Worldwide (x32 Version: 2.2.0409 - OEM)
ESET Smart Security (Version: 6.0.316.0 - ESET, spol s r. o.)
ETDWare PS/2-X64 8.0.6.3_WHQL (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (x32 Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden
Fooz Kids Platform (x32 Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Communicator Plugin (x32 Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKCU Version: 29.0.1547.66 - Google Inc.)
Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HappyFoto-Designer 5.1 (x32 Version: - )
Identity Card (x32 Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.5.0.1026 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (x32 Version: 5.1.7 - Acer Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Need For Speed™ World (x32 Version: 1.0.0.1055 - Electronic Arts)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 306.97 (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
NWZ-E380 WALKMAN Guide (x32 Version: 2.2.0.05230 - Sony Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
OpenOffice 4.0.0 (x32 Version: 4.00.9702 - Apache Software Foundation)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PerformanceTest v7.0 (64-bit) (Version: 7.0 - Passmark Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
StreamTorrent 1.0 (x32 Version: - )
Tinypic 3.18 (x32 Version: Tinypic 3.18 - E. Fiedler)
T-Mobile Internet Manager (x32 Version: 11.301.05.34.55 - Huawei Technologies Co.,Ltd)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0 - Intel)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC Codec Pack 2.0.5 (x32 Version: 2.0.5 - VLC Codec Pack)
VLC media player 2.0.7 (x32 Version: 2.0.7 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (x32 Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wondershare MobileGo for Android ( Version 4.1.0 ) (x32 Version: 4.1.0 - Wondershare)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
07-01-2014 12:50:33 Windows Update
14-01-2014 05:41:13 Windows Update
16-01-2014 05:23:43 Windows Update
16-01-2014 17:02:51 Windows Update
21-01-2014 19:21:24 Windows Update
29-01-2014 05:34:57 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2013-11-24 20:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {07616372-F801-458D-9C14-C9930D6095B1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {0ED3B60A-C1E2-4C3C-9327-B8E68F24064C} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {26E05DF4-BA16-4773-9D52-1856B958F2D4} - System32\Tasks\GoogleUpdateTaskMachineUA1cef47153d6009b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-08] (Google Inc.)
Task: {3866C1B3-BD31-4AAE-BE41-6B76C99E152C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001UA1cee8e678ff332c => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-02] (Google Inc.)
Task: {43FBDE16-54EC-4AED-8476-C356CE1FD9E8} - \Desk 365 RunAsStdUser No Task File
Task: {56EDC0BA-DB57-4CAA-B1BF-984035D1F313} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-08] (Google Inc.)
Task: {85B0BB76-1E4F-485F-9FD5-7446EE98A8BE} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {8A765899-89D1-4338-84CC-7988A4094513} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002Core => C:\Users\Angi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-02] (Google Inc.)
Task: {8B0876B7-E6EE-4708-B12D-CEED3FE1DF23} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-27] (Adobe Systems Incorporated)
Task: {9B25315B-EB80-49AB-BF95-7A3210569938} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {A308C948-BEB7-4EFF-BFD8-EF0E66F65DA0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {CF2BDE07-28C1-4EAB-9E4C-55B293FD4A44} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {EF3DBADD-B74B-4C0D-8182-F928CFE3CACA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F41D5C2B-0A28-490D-A526-6CAB87484240} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001Core1ceb0c727a22316 => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-02] (Google Inc.)
Task: {F87FA238-C6DB-4B39-A405-E68BFAF7722C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002UA1cec77f502d0aa => C:\Users\Angi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-02] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef47153d6009b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001Core1ceb0c727a22316.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001UA1cee8e678ff332c.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002Core.job => C:\Users\Angi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002UA1cec77f502d0aa.job => C:\Users\Angi\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-11-23 17:15 - 2013-11-23 17:15 - 02492416 _____ () C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll
2013-11-23 17:15 - 2013-11-23 17:15 - 02179072 _____ () C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll
2009-01-21 16:45 - 2009-01-21 16:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-10-14 04:57 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2013-08-20 08:23 - 2013-08-20 08:23 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f60b3ee2de3f41a024920486d46d49f2\IsdiInterop.ni.dll
2011-10-14 04:15 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2012-06-02 13:17 - 2013-12-20 17:48 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-27 15:25 - 2014-01-27 15:25 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/31/2014 05:32:23 PM) (Source: Application Hang) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.16428 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1cc8
Startzeit: 01cf1ea16b9fa1d5
Endzeit: 16
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID:
Error: (01/31/2014 04:31:57 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (01/31/2014 04:22:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2014 00:31:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2014 07:22:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2014 07:13:21 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (01/31/2014 06:31:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2014 03:34:45 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (01/30/2014 01:56:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2014 06:30:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (01/31/2014 04:24:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/31/2014 04:24:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/31/2014 00:33:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/31/2014 00:33:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/31/2014 00:31:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024809
Error: (01/31/2014 00:31:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024809
Error: (01/31/2014 07:24:36 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/31/2014 07:24:36 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/31/2014 06:33:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/31/2014 06:33:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Microsoft Office Sessions:
=========================
Error: (01/31/2014 05:32:23 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.164281cc801cf1ea16b9fa1d516C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Error: (01/31/2014 04:31:57 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
Error: (01/31/2014 04:22:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2014 00:31:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2014 07:22:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2014 07:13:21 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
Error: (01/31/2014 06:31:53 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2014 03:34:45 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
Error: (01/30/2014 01:56:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/30/2014 06:30:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-11-24 20:28:57.489
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 20:28:57.427
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 20:28:57.380
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 20:28:57.317
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 16:53:36.298
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 16:53:36.251
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 26%
Total physical RAM: 8043.86 MB
Available physical RAM: 5909.51 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 13790.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:913.41 GB) (Free:593.17 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 6226A998)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=913 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
01.02.2014, 11:31
| #69 |
| /// the machine /// TB-Ausbilder | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\Angi\...\Run: [Udbmedia] - regsvr32.exe C:\Users\Angi\AppData\Local\Udbmedia\EP0NGR00.DLL <===== ATTENTION
C:\Users\Angi\AppData\Local\temp\dttxyztz.exe
Task: {43FBDE16-54EC-4AED-8476-C356CE1FD9E8} - \Desk 365 RunAsStdUser No Task File
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.02.2014, 17:49
| #70 |
| | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2014 04
Ran by Admin at 2014-02-01 17:44:36 Run:12
Running from C:\Users\Andi\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\Angi\...\Run: [Udbmedia] - regsvr32.exe C:\Users\Angi\AppData\Local\Udbmedia\EP0NGR00.DLL <===== ATTENTION
C:\Users\Angi\AppData\Local\temp\dttxyztz.exe
Task: {43FBDE16-54EC-4AED-8476-C356CE1FD9E8} - \Desk 365 RunAsStdUser No Task File
*****************
HKU\Angi\Software\Microsoft\Windows\CurrentVersion\Run\\Udbmedia => Value not found.
"C:\Users\Angi\AppData\Local\temp\dttxyztz.exe" => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43FBDE16-54EC-4AED-8476-C356CE1FD9E8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43FBDE16-54EC-4AED-8476-C356CE1FD9E8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key deleted successfully.
==== End of Fixlog ====
|
|
02.02.2014, 07:10
| #71 |
| /// the machine /// TB-Ausbilder | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ Dann jetzt bitte nochmal ausgiebig den REchner testen und mir mitteilen ob es noch Probleme gibt.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.02.2014, 22:39
| #72 |
| | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ Die beiden Probleme sind leider unverändert: Den Pfad C:\FRST\Quarantine\_OTM\MovedFiles\12162013_202043\C_FRST\Quarantine\Install kann ich noch immer nicht löschen Und die Fehlermeldung Fehler beim Laden des Moduls "C:\Users\Andi\AppData\Local\Udbmedia\jcstums.dat" kommt auch nach wie vor... |
|
04.02.2014, 17:12
| #73 |
| /// the machine /// TB-Ausbilder | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ FRST bitte nochmal scannen lassen, mit Haken bei Additional.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.02.2014, 20:20
| #74 |
| | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Admin (administrator) on PC on 04-02-2014 20:15:35
Running from C:\Users\Andi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [6330568 2013-03-21] (ESET)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] - C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-10-27] (CyberLink Corp.)
HKLM-x32\...\Run: [DataCardMonitor] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe [253952 2012-06-02] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2098008458-3402727504-3613341839-1001\...\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-2098008458-3402727504-3613341839-1001\...\Run: [Wondershare Helper Compact] - "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
HKU\S-1-5-21-2098008458-3402727504-3613341839-1003\...\Run: [Orbitum] - C:\Users\Andi\AppData\Local\Orbitum\Application\chrome.exe
HKU\S-1-5-21-2098008458-3402727504-3613341839-1003\...\Run: [HW_OPENEYE_OUC_] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-2098008458-3402727504-3613341839-1003\...\Run: [Udbmedia] - regsvr32.exe C:\Users\Andi\AppData\Local\Udbmedia\jcstums.dll <===== ATTENTION
HKU\S-1-5-21-2098008458-3402727504-3613341839-1003\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-2098008458-3402727504-3613341839-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2098008458-3402727504-3613341839-1003\...\MountPoints2: {10e3d94e-ad86-11e1-b219-001e101f1f81} - E:\AutoRun.exe
HKU\S-1-5-21-2098008458-3402727504-3613341839-1003\...\MountPoints2: {8cf2d829-4bc2-11e2-b468-001e101f7fb6} - E:\AutoRun.exe
HKU\S-1-5-21-2098008458-3402727504-3613341839-1003\...\MountPoints2: {9a409562-acd6-11e1-9bc0-642737311941} - F:\AutoRun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Startup: C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4227D410-6AA1-42B3-9995-001DD2C8E53B}: [NameServer]213.162.69.169 213.162.69.1
Tcpip\..\Interfaces\{ACF8C42B-3FAB-4EA1-9E15-28CDA0A662A4}: [NameServer]213.162.69.170 213.162.69.2
Tcpip\..\Interfaces\{EFE5D906-626A-491A-B1CC-69F3BF926A2A}: [NameServer]213.162.69.2 213.162.69.170
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\kpmgns1t.default
FF Homepage: hxxp://www.google.at/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-08-03]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-08-03]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: qvo6
CHR DefaultSearchURL: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.2_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Admin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-02]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-02]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-02]
==================== Services (Whitelisted) =================
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1341664 2013-03-21] (ESET)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40736 2013-10-03] (Google Inc)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-20] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [58416 2013-02-20] (ESET)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-04 06:19 - 2014-02-04 06:35 - 110100480 _____ () C:\Users\Andi\Downloads\Medi.part10.rar
2014-02-03 22:58 - 2014-02-03 22:58 - 03335096 _____ (Peter A. Gebhard ) C:\Users\Andi\Downloads\drh2014d.exe
2014-02-03 22:52 - 2014-02-03 23:30 - 110100480 _____ () C:\Users\Andi\Downloads\Medi.part09.rar
2014-02-03 22:30 - 2014-02-03 22:30 - 00000317 _____ () C:\Users\Andi\Desktop\Post.txt
2014-02-02 15:06 - 2014-02-02 15:06 - 00029184 _____ () C:\Users\Angi\Downloads\Helfer 1. Cup (1).xls
2014-02-02 10:05 - 2014-02-02 10:05 - 00029184 _____ () C:\Users\Angi\Downloads\Helfer 1. Cup.xls
2014-02-01 21:44 - 2014-02-01 22:08 - 110100480 _____ () C:\Users\Andi\Downloads\Medi.part08.rar
2014-02-01 20:31 - 2014-02-01 20:56 - 110100480 _____ () C:\Users\Andi\Downloads\Medi.part07.rar
2014-02-01 19:35 - 2014-02-01 20:21 - 110100483 _____ () C:\Users\Andi\Downloads\Medi.part06.rar
2014-02-01 19:34 - 2014-02-01 20:11 - 110100487 _____ () C:\Users\Andi\Downloads\Medi.part05.rar
2014-02-01 19:32 - 2014-02-01 20:08 - 110100481 _____ () C:\Users\Andi\Downloads\Medi.part04.rar
2014-01-28 00:11 - 2014-01-28 00:46 - 110100481 _____ () C:\Users\Andi\Downloads\Medi.part03.rar
2014-01-28 00:09 - 2014-01-28 00:52 - 110100483 _____ () C:\Users\Andi\Downloads\Medi.part02.rar
2014-01-28 00:09 - 2014-01-28 00:46 - 110100487 _____ () C:\Users\Andi\Downloads\Medi.part01.rar
2014-01-26 17:06 - 2014-01-26 17:06 - 00000000 ____D () C:\Users\Andi\AppData\Roaming\Garmin
2014-01-25 09:06 - 2014-01-25 09:06 - 00262144 _____ () C:\Windows\Minidump\012514-23290-01.dmp
2014-01-22 13:52 - 2014-01-22 13:53 - 00000000 ____D () C:\Users\Angi\AppData\Local\Udbmedia
2014-01-21 20:26 - 2014-01-31 17:41 - 00033323 _____ () C:\Users\Andi\Desktop\Addition.txt
2014-01-20 22:03 - 2014-02-01 17:43 - 02080256 _____ (Farbar) C:\Users\Andi\Desktop\FRST64.exe
2014-01-20 16:46 - 2014-01-20 16:46 - 00002130 _____ () C:\Users\Public\Desktop\NWZ-E380 WALKMAN Guide.lnk
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D () C:\Users\Admin\AppData\Local\Downloaded Installations
2014-01-20 16:44 - 2014-01-20 16:44 - 00000562 _____ () C:\Windows\wmsetup.log
2014-01-20 16:44 - 2014-01-20 16:44 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-01-19 11:01 - 2014-01-19 11:02 - 18864072 _____ () C:\Users\Angi\Downloads\CommunicatorPlugin_410 (1).exe
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D () C:\Program Files\Garmin GPS Plugin
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D () C:\Program Files (x86)\Garmin GPS Plugin
2014-01-19 10:55 - 2014-01-19 10:56 - 18864072 _____ () C:\Users\Angi\Downloads\CommunicatorPlugin_410.exe
2014-01-16 06:28 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 06:28 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 06:28 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 06:28 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 20:09 - 2014-02-01 17:43 - 00000000 ____D () C:\Users\Andi\Desktop\FRST-OlderVersion
2014-01-05 23:01 - 2014-01-05 23:01 - 00262144 _____ () C:\Windows\Minidump\010514-30716-01.dmp
2014-01-05 21:32 - 2014-01-10 06:24 - 00000000 ____D () C:\Users\Andi\AppData\Local\Udbmedia
2014-01-05 09:36 - 2014-01-10 20:14 - 00000000 ____D () C:\Users\Angi\Desktop\FRST-OlderVersion
==================== One Month Modified Files and Folders =======
2014-02-04 20:16 - 2014-01-01 19:34 - 00018395 _____ () C:\Users\Andi\Desktop\FRST.txt
2014-02-04 20:15 - 2013-12-23 01:49 - 00000000 ____D () C:\FRST
2014-02-04 20:15 - 2012-01-15 19:22 - 01839182 _____ () C:\Windows\WindowsUpdate.log
2014-02-04 20:13 - 2013-07-08 16:40 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-04 20:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-04 20:13 - 2009-07-14 05:51 - 00201435 _____ () C:\Windows\setupact.log
2014-02-04 14:31 - 2013-11-24 08:26 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001UA1cee8e678ff332c.job
2014-02-04 14:23 - 2013-10-12 20:12 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002UA1cec77f502d0aa.job
2014-02-04 14:03 - 2013-12-09 00:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef47153d6009b.job
2014-02-04 13:37 - 2012-10-10 22:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-04 12:58 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 12:58 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 12:57 - 2013-12-01 20:39 - 00000000 ____D () C:\Users\Angi\AppData\Roaming\Dropbox
2014-02-04 12:55 - 2013-12-01 20:43 - 00000000 ___RD () C:\Users\Angi\Dropbox
2014-02-04 12:48 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-04 08:31 - 2013-09-13 22:21 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001Core1ceb0c727a22316.job
2014-02-04 06:35 - 2014-02-04 06:19 - 110100480 _____ () C:\Users\Andi\Downloads\Medi.part10.rar
2014-02-03 23:30 - 2014-02-03 22:52 - 110100480 _____ () C:\Users\Andi\Downloads\Medi.part09.rar
2014-02-03 22:58 - 2014-02-03 22:58 - 03335096 _____ (Peter A. Gebhard ) C:\Users\Andi\Downloads\drh2014d.exe
2014-02-03 22:54 - 2012-01-15 19:50 - 00012914 _____ () C:\ProgramData\ArcadeDeluxe5.log
2014-02-03 22:53 - 2012-01-15 19:51 - 00003424 _____ () C:\Windows\System32\Tasks\clear.fi
2014-02-03 22:53 - 2012-01-15 19:51 - 00003372 _____ () C:\Windows\System32\Tasks\DMREngine
2014-02-03 22:53 - 2012-01-15 19:51 - 00003354 _____ () C:\Windows\System32\Tasks\clear.fiAgent
2014-02-03 22:53 - 2011-10-14 04:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-03 22:52 - 2012-06-02 13:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Cyberlink
2014-02-03 22:51 - 2012-01-15 19:50 - 00000000 ____D () C:\ProgramData\CyberLink
2014-02-03 22:30 - 2014-02-03 22:30 - 00000317 _____ () C:\Users\Andi\Desktop\Post.txt
2014-02-03 17:23 - 2012-06-02 13:35 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002Core.job
2014-02-02 15:06 - 2014-02-02 15:06 - 00029184 _____ () C:\Users\Angi\Downloads\Helfer 1. Cup (1).xls
2014-02-02 10:05 - 2014-02-02 10:05 - 00029184 _____ () C:\Users\Angi\Downloads\Helfer 1. Cup.xls
2014-02-01 22:08 - 2014-02-01 21:44 - 110100480 _____ () C:\Users\Andi\Downloads\Medi.part08.rar
2014-02-01 20:56 - 2014-02-01 20:31 - 110100480 _____ () C:\Users\Andi\Downloads\Medi.part07.rar
2014-02-01 20:21 - 2014-02-01 19:35 - 110100483 _____ () C:\Users\Andi\Downloads\Medi.part06.rar
2014-02-01 20:11 - 2014-02-01 19:34 - 110100487 _____ () C:\Users\Andi\Downloads\Medi.part05.rar
2014-02-01 20:08 - 2014-02-01 19:32 - 110100481 _____ () C:\Users\Andi\Downloads\Medi.part04.rar
2014-02-01 17:43 - 2014-01-20 22:03 - 02080256 _____ (Farbar) C:\Users\Andi\Desktop\FRST64.exe
2014-02-01 17:43 - 2014-01-10 20:09 - 00000000 ____D () C:\Users\Andi\Desktop\FRST-OlderVersion
2014-01-31 17:41 - 2014-01-21 20:26 - 00033323 _____ () C:\Users\Andi\Desktop\Addition.txt
2014-01-29 06:36 - 2012-01-16 04:15 - 00669464 _____ () C:\Windows\system32\perfh007.dat
2014-01-29 06:36 - 2012-01-16 04:15 - 00134990 _____ () C:\Windows\system32\perfc007.dat
2014-01-29 06:36 - 2009-07-14 06:13 - 01528428 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-28 08:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-28 00:52 - 2014-01-28 00:09 - 110100483 _____ () C:\Users\Andi\Downloads\Medi.part02.rar
2014-01-28 00:46 - 2014-01-28 00:11 - 110100481 _____ () C:\Users\Andi\Downloads\Medi.part03.rar
2014-01-28 00:46 - 2014-01-28 00:09 - 110100487 _____ () C:\Users\Andi\Downloads\Medi.part01.rar
2014-01-27 15:25 - 2013-12-09 23:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-27 15:25 - 2013-12-09 23:48 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-01-27 15:25 - 2012-10-10 22:33 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-27 15:25 - 2011-10-14 04:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-27 11:54 - 2012-08-14 20:29 - 00000000 ____D () C:\Users\Andi\AppData\Roaming\SoftGrid Client
2014-01-27 01:54 - 2013-09-26 22:52 - 00000000 ____D () C:\Users\Andi\Documents\Urlaub
2014-01-26 17:06 - 2014-01-26 17:06 - 00000000 ____D () C:\Users\Andi\AppData\Roaming\Garmin
2014-01-25 09:06 - 2014-01-25 09:06 - 00262144 _____ () C:\Windows\Minidump\012514-23290-01.dmp
2014-01-25 09:06 - 2012-07-09 11:24 - 00000000 ____D () C:\Windows\Minidump
2014-01-25 09:06 - 2012-07-09 11:23 - 538541837 _____ () C:\Windows\MEMORY.DMP
2014-01-22 15:21 - 2012-06-04 21:30 - 00000000 ____D () C:\MP3
2014-01-22 13:53 - 2014-01-22 13:52 - 00000000 ____D () C:\Users\Angi\AppData\Local\Udbmedia
2014-01-22 13:37 - 2012-06-02 16:08 - 00000000 ____D () C:\Users\Angi\AppData\Roaming\Adobe
2014-01-20 19:53 - 2010-11-21 04:47 - 00393070 _____ () C:\Windows\PFRO.log
2014-01-20 16:46 - 2014-01-20 16:46 - 00002130 _____ () C:\Users\Public\Desktop\NWZ-E380 WALKMAN Guide.lnk
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D () C:\Users\Admin\AppData\Local\Downloaded Installations
2014-01-20 16:44 - 2014-01-20 16:44 - 00000562 _____ () C:\Windows\wmsetup.log
2014-01-20 16:44 - 2014-01-20 16:44 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-01-20 16:44 - 2012-06-07 10:57 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-01-19 11:02 - 2014-01-19 11:01 - 18864072 _____ () C:\Users\Angi\Downloads\CommunicatorPlugin_410 (1).exe
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D () C:\Program Files\Garmin GPS Plugin
2014-01-19 10:58 - 2014-01-19 10:58 - 00000000 ____D () C:\Program Files (x86)\Garmin GPS Plugin
2014-01-19 10:56 - 2014-01-19 10:55 - 18864072 _____ () C:\Users\Angi\Downloads\CommunicatorPlugin_410.exe
2014-01-18 18:34 - 2012-06-02 13:28 - 00000000 ___RD () C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 19:39 - 2009-07-14 05:45 - 00481440 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 06:29 - 2013-08-15 14:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 06:25 - 2013-08-15 14:17 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 13:27 - 2013-09-12 06:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-10 20:14 - 2014-01-05 09:36 - 00000000 ____D () C:\Users\Angi\Desktop\FRST-OlderVersion
2014-01-10 20:14 - 2014-01-03 21:00 - 01932166 _____ (Farbar) C:\Users\Angi\Desktop\FRST64.exe
2014-01-10 06:27 - 2013-12-01 20:43 - 00001012 _____ () C:\Users\Angi\Desktop\Dropbox.lnk
2014-01-10 06:27 - 2013-12-01 20:39 - 00000526 _____ () C:\Windows\wininit.ini
2014-01-10 06:27 - 2013-12-01 20:39 - 00000000 ____D () C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-10 06:24 - 2014-01-05 21:32 - 00000000 ____D () C:\Users\Andi\AppData\Local\Udbmedia
2014-01-07 08:01 - 2013-08-27 06:26 - 00000000 ____D () C:\Users\Andi\AppData\Roaming\vlc
2014-01-07 07:41 - 2013-01-31 23:48 - 00000000 ____D () C:\Users\Andi\Documents\Weine
2014-01-05 23:01 - 2014-01-05 23:01 - 00262144 _____ () C:\Windows\Minidump\010514-30716-01.dmp
2014-01-05 11:11 - 2013-11-10 14:24 - 00000000 ____D () C:\Users\Andi\AppData\Roaming\BitTorrent
2014-01-05 09:32 - 2014-01-01 19:33 - 00053799 _____ () C:\Users\Andi\Downloads\FRST.txt
2014-01-05 09:28 - 2014-01-03 20:54 - 00000000 ____D () C:\Users\Andi\Downloads\FRST-OlderVersion
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\temp\D77.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-30 18:53
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2014 04
Ran by Admin at 2014-02-04 20:17:36
Running from C:\Users\Andi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ESET Smart Security 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (x32 Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (x32 Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 5.00.3504 - Acer Incorporated)
Acer Games (x32 Version: 1.0.2.5 - WildTangent)
Acer Registration (x32 Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.1.0913.2011 - Acer Incorporated)
Acer Updater (x32 Version: 1.02.3500 - Acer Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (x32 Version: 10.1.9 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (x32 Version: 2.3 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (x32 Version: 7.0.765.0 - Microsoft Corporation)
BitTorrent (HKCU Version: 7.8.2.30265 - BitTorrent Inc.)
Broadcom Card Reader Driver Installer (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (Version: 14.8.4.1 - Broadcom Corporation)
Canon MP550 series MP Drivers (Version: - )
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2228.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.2228.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8228 - CyberLink Corp.) Hidden
clear.fi Client (x32 Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (x32 Version: 7.2.7000.7 - Dolby Laboratories Inc)
eBay Worldwide (x32 Version: 2.2.0409 - OEM)
ESET Smart Security (Version: 6.0.316.0 - ESET, spol s r. o.)
ETDWare PS/2-X64 8.0.6.3_WHQL (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (x32 Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden
Fooz Kids Platform (x32 Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Communicator Plugin (x32 Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKCU Version: 29.0.1547.66 - Google Inc.)
Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HappyFoto-Designer 5.1 (x32 Version: - )
Identity Card (x32 Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2418 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.5.0.1026 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (x32 Version: 5.1.7 - Acer Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
Need For Speed™ World (x32 Version: 1.0.0.1055 - Electronic Arts)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 306.97 (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
NWZ-E380 WALKMAN Guide (x32 Version: 2.2.0.05230 - Sony Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
OpenOffice 4.0.0 (x32 Version: 4.00.9702 - Apache Software Foundation)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PerformanceTest v7.0 (64-bit) (Version: 7.0 - Passmark Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
StreamTorrent 1.0 (x32 Version: - )
Tinypic 3.18 (x32 Version: Tinypic 3.18 - E. Fiedler)
T-Mobile Internet Manager (x32 Version: 11.301.05.34.55 - Huawei Technologies Co.,Ltd)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0 - Intel)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC Codec Pack 2.0.5 (x32 Version: 2.0.5 - VLC Codec Pack)
VLC media player 2.0.7 (x32 Version: 2.0.7 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (x32 Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wondershare MobileGo for Android ( Version 4.1.0 ) (x32 Version: 4.1.0 - Wondershare)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
21-01-2014 19:21:24 Windows Update
29-01-2014 05:34:57 Windows Update
01-02-2014 08:18:01 Windows Update
03-02-2014 21:50:27 Installiert Suite
04-02-2014 19:16:17 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2013-11-24 20:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {07616372-F801-458D-9C14-C9930D6095B1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {26E05DF4-BA16-4773-9D52-1856B958F2D4} - System32\Tasks\GoogleUpdateTaskMachineUA1cef47153d6009b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-08] (Google Inc.)
Task: {2AC5E9FB-C833-417D-BCA0-DF724A13DAE7} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {31292C74-82D3-42F1-AF98-72C05ED4F97A} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-10-28] (Acer Incorporated)
Task: {3866C1B3-BD31-4AAE-BE41-6B76C99E152C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001UA1cee8e678ff332c => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-02] (Google Inc.)
Task: {56EDC0BA-DB57-4CAA-B1BF-984035D1F313} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-08] (Google Inc.)
Task: {8A765899-89D1-4338-84CC-7988A4094513} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002Core => C:\Users\Angi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-02] (Google Inc.)
Task: {8B0876B7-E6EE-4708-B12D-CEED3FE1DF23} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-27] (Adobe Systems Incorporated)
Task: {8B190B07-25CD-4C60-B7DE-ED46853CA1DA} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {9B25315B-EB80-49AB-BF95-7A3210569938} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {A308C948-BEB7-4EFF-BFD8-EF0E66F65DA0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {EF3DBADD-B74B-4C0D-8182-F928CFE3CACA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F41D5C2B-0A28-490D-A526-6CAB87484240} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001Core1ceb0c727a22316 => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-02] (Google Inc.)
Task: {F87FA238-C6DB-4B39-A405-E68BFAF7722C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002UA1cec77f502d0aa => C:\Users\Angi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-02] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef47153d6009b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001Core1ceb0c727a22316.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1001UA1cee8e678ff332c.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002Core.job => C:\Users\Angi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2098008458-3402727504-3613341839-1002UA1cec77f502d0aa.job => C:\Users\Angi\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-11-23 17:15 - 2013-11-23 17:15 - 02492416 _____ () C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopOverlays.dll
2013-11-23 17:15 - 2013-11-23 17:15 - 02179072 _____ () C:\ProgramData\Microsoft\BingDesktop\BingCore\BingDesktopCore.dll
2009-01-21 16:45 - 2009-01-21 16:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-10-14 04:57 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2012-06-02 13:17 - 2013-12-20 17:48 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-27 15:25 - 2014-01-27 15:25 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
2013-08-20 08:23 - 2013-08-20 08:23 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f60b3ee2de3f41a024920486d46d49f2\IsdiInterop.ni.dll
2011-10-14 04:15 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/04/2014 08:13:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/04/2014 00:52:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/04/2014 00:49:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/04/2014 07:47:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/04/2014 00:34:23 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (02/03/2014 10:37:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/03/2014 10:27:41 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0000000000054eea
ID des fehlerhaften Prozesses: 0xfa0
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (02/03/2014 10:08:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/03/2014 04:21:43 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161
Error: (02/03/2014 04:12:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (02/04/2014 08:15:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (02/04/2014 08:15:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (02/04/2014 00:53:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (02/04/2014 00:53:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (02/04/2014 00:50:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet:
%%-2147467243
Error: (02/04/2014 00:50:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (02/04/2014 00:50:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "wscsvc" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (02/04/2014 00:50:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (02/04/2014 00:50:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (02/04/2014 00:50:08 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Microsoft Office Sessions:
=========================
Error: (02/04/2014 08:13:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/04/2014 00:52:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/04/2014 00:49:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/04/2014 07:47:53 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/04/2014 00:34:23 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
Error: (02/03/2014 10:37:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/03/2014 10:27:41 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c00000fd0000000000054eeafa001cf212412d5a694C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll0265be04-8d1a-11e3-b7b5-dc0ea12b1b2b
Error: (02/03/2014 10:08:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/03/2014 04:21:43 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073415161
Error: (02/03/2014 04:12:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-11-24 20:28:57.489
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 20:28:57.427
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 20:28:57.380
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 20:28:57.317
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 16:53:36.298
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 16:53:36.251
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 29%
Total physical RAM: 8043.86 MB
Available physical RAM: 5697.97 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 13484.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:913.41 GB) (Free:595.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 6226A998)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=913 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
05.02.2014, 13:11
| #75 |
| /// the machine /// TB-Ausbilder | Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2098008458-3402727504-3613341839-1003\...\Run: [Orbitum] - C:\Users\Andi\AppData\Local\Orbitum\Application\chrome.exe
HKU\S-1-5-21-2098008458-3402727504-3613341839-1003\...\Run: [Udbmedia] - regsvr32.exe C:\Users\Andi\AppData\Local\Udbmedia\jcstums.dll <===== ATTENTION
2014-01-22 13:52 - 2014-01-22 13:53 - 00000000 ____D () C:\Users\Angi\AppData\Local\Udbmedia
C:\Users\Admin\AppData\Local\temp\D77.exe
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Wenn die Meldung jetzt immer noch kommt dreh ich durch 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 7: Befall von mehreren Trojanern/Viren -Win64/Conedex.B + C + I, Win64/Sirefef.AZ+BJ |
| bingbar, flash player, hijack.startpage, iexplore.exe, launch, ntdll.dll, office 365, plug-in, pup.optional.1clickdownload.a, pup.optional.337technologies.a, pup.optional.crossrider.a, pup.optional.freehdsport.a, pup.optional.qone8, pup.optional.qvo6.a, pup.optional.tvapp.a, pup.optional.webcake.a, pup.webcake, services.exe, svchost.exe, wildtangent games, win32/kryptik.bpoa, win32/sirefef.fv, win64/conedex.b, win64/conedex.c, win64/conedex.i, win64/sirefef.az, win64/sirefef.az+bj, win64/sirefef.bj, windows, winlogon.exe |
Linear-Darstellung
