Windows7: Hohe CPU-Auslastung- svchost.exe

nrg112 · 19.12.2013, 16:03

Hallo liebe Trojaner-Boardler,

und zwar wurde mein Pc auffallend langsam und es öffneten sich vermehrt fragwürdige Popups.
Sophos Antivirus und SUPERAntiSpyware konnten nichts finden....
Also habe ich AntiMalwarebytes benutzt was auch einiges gefunden hat, aber das Problem nicht lösen konnte. Auch SophosVirusRemoval und KaserperskyVirusRemvoal Tool konnten nichts finden.
Eset Online Scanner hat dann endlich einiges gefunden und auch die Probleme gelöst....
Allerdings ist mir heute aufgefallen, dass die CPU-Auslaustung permanent über 45% liegt, was anscheinend an svchost.exe liegt.

Defogger:

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:18 on 19/12/2013 (Sven)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-12-2013 05
Ran by Sven (administrator) on SVEN-LAPTOP on 19-12-2013 15:19:20
Running from C:\Users\Sven\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(TeamViewer GmbH) D:\Programme\Teamviewer\Version8\TeamViewer_Service.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Josip Medved) D:\Programme\VHD Attach\VHD Attach\VhdAttachService.exe
(Juniper Networks, Inc.) C:\Users\Sven\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClient.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VideoLAN) D:\Programme\VLC\vlc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-10-08] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKCU\...\Run: [Akamai NetSession Interface] - "C:\Users\Sven\AppData\Local\Akamai\netsession_win.exe"
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6562584 2013-12-17] (SUPERAntiSpyware)
MountPoints2: {2bdd528a-51a2-11e2-afd2-b870f4a79856} - G:\LaunchU3.exe -a
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe [295744 2011-03-09] (NTI Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] - C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe [900160 2012-12-05] (Sophos Limited)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - "D:\Programme\avast\AvastUI.exe" /nogui
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [33648 2007-08-24] (Microsoft Corporation)
HKLM-x32\...\Run: [20131121] - D:\Programme\avast\setup\emupdate\3893ed93-022f-4200-b602-0bfc7dc3e7fd.exe /check
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] ()
AppInit_DLLs: C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [218256 2012-12-05] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL [221840 2012-12-05] (Sophos Limited)
Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.129.28.9 192.129.27.9
Tcpip\..\Interfaces\{1DA15487-6B00-4BCF-BC25-8F503F330EAE}: [NameServer]192.129.28.9 10.11.0.9
Tcpip\..\Interfaces\{D5056649-9BF4-4246-BBAA-70EFEA6D0FF4}: [NameServer]192.129.28.9 10.11.0.9

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - D:\Programme\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Sven\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Flash and Video Download - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: Embedded Objects - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default\Extensions\firefox@red-cog.com.xpi
FF StartMenuInternet: FIREFOX.EXE - D:\Programme\firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.facebook.com/", "hxxp://www.hs-coburg.de/"
CHR DefaultSearchKeyword: google.de
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Drive) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Pushbullet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd\11_0
CHR Extension: (Weebly - Website Builder) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb\1.0.5_0
CHR Extension: (Google Search) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (UNITY Mobile Websites) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\djmhcnaclgamnihgioaciekfkbkeeelm\3.5.0_0
CHR Extension: (MightyText - Send/Receive SMS Text Messages) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi\10.1_0
CHR Extension: (FoxyProxy Standard) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp\2.9_0
CHR Extension: (AdBlock) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (BrowserTexting) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\idijdgooojpepbnadlbkiagcmilndffa\1.49_0
CHR Extension: (Session Manager) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc\3.4.6_0
CHR Extension: (Fiabee HTML5 Viewer) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngmmpodmhlhciagihcjpdggoihakcahf\1.0.0.71_0
CHR Extension: (Google Wallet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (SiteBlock) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfglnpdpgmecffbejlfgpnebopinlclj\0.2.3_0
CHR Extension: (Gmail) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2013-09-24] (Connectify)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-05-10] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344 2011-03-09] (NTI Corporation)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [216640 2013-01-06] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [139840 2012-12-05] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [232512 2012-12-05] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2012-12-05] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2869824 2013-01-06] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [1998400 2013-01-06] (Sophos Limited)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-10-08] (soft Xpansion)
R2 TeamViewer8; D:\Programme\Teamviewer\Version8\TeamViewer_Service.exe [5087584 2013-10-01] (TeamViewer GmbH)
R2 VhdAttach; D:\Programme\VHD Attach\VHD Attach\VhdAttachService.exe [276376 2013-05-12] (Josip Medved)

==================== Drivers (Whitelisted) ====================

R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [35352 2013-10-01] (Connectify)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-08] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] ()
S3 epmntdrv; C:\Windows\SysWow64\epmntdrv.sys [14216 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\SysWow64\EuGdiDrv.sys [8456 2011-07-29] ()
R3 jnprna; C:\Windows\System32\DRIVERS\jnprna6.sys [518992 2011-10-14] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [26480 2011-10-14] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2011-10-14] (Juniper Networks, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [144672 2012-12-05] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [36640 2012-12-05] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [25608 2012-12-05] (Sophos Plc)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203104 2013-01-31] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WinRing0_1_2_0; D:\Programme\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
U5 UnlockerDriver5; D:\Programme\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-19 15:20 - 2013-12-19 15:20 - 00377856 _____ C:\Users\Sven\Desktop\gmer_2.1.19163.exe
2013-12-19 15:19 - 2013-12-19 15:19 - 00024196 _____ C:\Users\Sven\Desktop\FRST.txt
2013-12-19 15:19 - 2013-12-19 15:19 - 00000000 ____D C:\FRST
2013-12-19 15:18 - 2013-12-19 15:19 - 02192805 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2013-12-19 15:18 - 2013-12-19 15:18 - 00000470 _____ C:\Users\Sven\Desktop\defogger_disable.log
2013-12-19 15:18 - 2013-12-19 15:18 - 00000000 _____ C:\Users\Sven\defogger_reenable
2013-12-19 15:16 - 2013-12-19 15:16 - 00050477 _____ C:\Users\Sven\Desktop\Defogger.exe
2013-12-19 14:51 - 2013-12-19 14:51 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-12-19 14:45 - 2013-12-19 14:45 - 00350080 _____ (AVAST Software) C:\Users\Sven\Desktop\avastclear_9.0.2007.exe
2013-12-19 14:09 - 2013-12-19 14:35 - 442725258 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_02-15_pro7_40_TVOON_DE.mpg.avi.otrkey
2013-12-19 14:09 - 2013-12-19 14:29 - 420275960 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_01-25_pro7_50_TVOON_DE.mpg.avi.otrkey
2013-12-19 14:04 - 2013-12-19 14:04 - 00000350 _____ C:\Users\Sven\Desktop\bayern1_2.m3u
2013-12-18 23:26 - 2013-12-18 23:26 - 00400076 _____ C:\Users\Sven\Desktop\stwk1 (1).zip
2013-12-18 23:26 - 2013-12-18 23:26 - 00218346 _____ C:\Users\Sven\Desktop\st2-90m.zip
2013-12-18 23:25 - 2013-12-18 23:26 - 00400076 _____ C:\Users\Sven\Desktop\stwk1.zip
2013-12-18 23:24 - 2013-12-18 23:24 - 00000962 _____ C:\Users\Sven\Desktop\links.txt
2013-12-18 23:21 - 2013-12-18 23:22 - 367268614 _____ C:\Users\Sven\Desktop\Stargate_13.12.18_18-45_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-18 23:00 - 2013-12-18 23:01 - 440475348 _____ C:\Users\Sven\Desktop\Stargate_13.12.18_19-30_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-18 21:15 - 2013-12-18 21:15 - 00000855 _____ C:\Users\Sven\Desktop\JRT.txt
2013-12-18 21:12 - 2013-12-18 21:12 - 00675988 _____ C:\Users\Sven\Desktop\Minecraft (1).exe
2013-12-18 21:04 - 2013-12-18 21:04 - 02347384 _____ (ESET) C:\Users\Sven\Desktop\esetsmartinstaller_deu.exe
2013-12-18 21:03 - 2013-12-18 21:03 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Sven\Desktop\rkill.com
2013-12-18 21:03 - 2013-12-18 21:03 - 00000000 ____D C:\Windows\ERUNT
2013-12-18 20:56 - 2013-12-19 14:52 - 00000168 _____ C:\Windows\setupact.log
2013-12-18 20:56 - 2013-12-18 20:56 - 00000324 _____ C:\Windows\PFRO.log
2013-12-18 20:56 - 2013-12-18 20:56 - 00000000 _____ C:\Windows\setuperr.log
2013-12-18 20:32 - 2013-12-18 20:32 - 00421267 _____ C:\Users\Sven\Desktop\OptiFine 1.6.4.jar
2013-12-18 18:06 - 2013-12-18 19:05 - 00015251 _____ C:\Users\Sven\Desktop\tabelle Kerbschlag.xlsx
2013-12-18 17:28 - 2013-12-18 17:28 - 00000043 _____ C:\Users\Sven\Desktop\minecraft.bat
2013-12-18 17:10 - 2013-12-18 17:10 - 00000000 ____D C:\ProgramData\Oracle
2013-12-18 17:07 - 2013-12-18 17:07 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-18 17:07 - 2013-12-18 17:06 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-18 17:06 - 2013-12-18 17:06 - 00000000 ____D C:\Program Files\Java
2013-12-18 16:42 - 2013-12-18 16:42 - 00374842 _____ C:\Users\Sven\Desktop\OptiFine_1.6.2.zip
2013-12-18 15:59 - 2013-12-18 15:59 - 01034531 _____ (Thisisu) C:\Users\Sven\Desktop\JRT_6.0.8.exe
2013-12-18 15:57 - 2013-12-18 15:57 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-18 13:32 - 2013-12-18 13:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-18 13:23 - 2013-12-19 13:56 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-12-18 13:23 - 2013-12-18 13:23 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-12-18 13:20 - 2013-12-18 13:28 - 130229176 _____ C:\Users\Sven\Desktop\setup_11.0.1.1245.x01_2013_12_16_15_35.exe
2013-12-17 21:52 - 2013-12-17 21:53 - 00000000 ____D C:\Users\Sven\Desktop\CamScanner
2013-12-17 21:03 - 2013-12-17 21:03 - 00001780 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\SUPERAntiSpyware.com
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-17 21:02 - 2013-12-17 21:02 - 00001121 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-17 21:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-17 20:59 - 2013-12-17 20:59 - 00614784 _____ C:\Users\Sven\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-17 20:57 - 2013-12-17 20:57 - 00614784 _____ C:\Users\Sven\Downloads\SuperAntiSpyware - CHIP-Downloader.exe
2013-12-17 19:49 - 2013-12-17 19:55 - 139245339 _____ C:\Users\Sven\Desktop\cm-9.1.0-tf201.zip
2013-12-16 19:01 - 2013-12-16 19:01 - 00037376 _____ C:\Users\Sven\Desktop\ChangeMAC-2010.exe
2013-12-16 19:00 - 2013-12-16 19:00 - 00004091 _____ C:\Users\Sven\Documents\ipconfigall.txt
2013-12-11 19:44 - 2013-12-11 19:44 - 00100454 _____ C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen.htm
2013-12-11 19:44 - 2013-12-11 19:44 - 00000000 ____D C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen_files
2013-12-11 19:34 - 2013-12-11 19:34 - 00000332 _____ C:\Users\Sven\Desktop\bayern3_2.m3u
2013-12-11 19:25 - 2013-12-11 19:24 - 00259373 _____ C:\Users\Sven\Desktop\CaxUe2-PiSv1100.zip
2013-12-11 13:57 - 2013-12-12 21:34 - 00000000 ____D C:\Users\Sven\Documents\Handyvertrag handydealer red m
2013-12-10 20:26 - 2013-12-10 20:26 - 00000000 ____D C:\Users\Sven\Documents\RevouninstallerPortable
2013-12-05 17:04 - 2013-12-05 17:04 - 00112086 _____ C:\Users\Sven\Documents\cc_20131205_170409.reg
2013-12-05 16:16 - 2013-12-05 16:16 - 00001280 _____ C:\Users\Sven\Desktop\Command Prompt.lnk
2013-12-04 12:05 - 2013-12-04 12:07 - 365029360 _____ C:\Users\Sven\Downloads\Rare_Exports_Eine_Weihnachtsgeschichte_13.12.03_22-00_tele5_105_TVOON_DE.mpg.HQ.avi.otrkey
2013-12-02 19:05 - 2013-12-02 19:05 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Scilab
2013-12-02 19:04 - 2013-12-02 19:04 - 00000887 _____ C:\Users\Public\Desktop\scilab-5.4.1 (64-bit).lnk
2013-11-25 21:42 - 2013-11-25 21:42 - 00000804 _____ C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\VHD Attach.lnk
2013-11-25 21:36 - 2013-11-25 21:37 - 00000000 ____D C:\scripts
2013-11-21 22:44 - 2013-11-25 20:57 - 00000000 ____D C:\Users\Sven\AppData\Local\BEETmobile

==================== One Month Modified Files and Folders =======

2013-12-19 15:20 - 2013-12-19 15:20 - 00377856 _____ C:\Users\Sven\Desktop\gmer_2.1.19163.exe
2013-12-19 15:19 - 2013-12-19 15:19 - 00024196 _____ C:\Users\Sven\Desktop\FRST.txt
2013-12-19 15:19 - 2013-12-19 15:19 - 00000000 ____D C:\FRST
2013-12-19 15:19 - 2013-12-19 15:18 - 02192805 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2013-12-19 15:18 - 2013-12-19 15:18 - 00000470 _____ C:\Users\Sven\Desktop\defogger_disable.log
2013-12-19 15:18 - 2013-12-19 15:18 - 00000000 _____ C:\Users\Sven\defogger_reenable
2013-12-19 15:18 - 2012-12-05 01:02 - 00000000 ____D C:\Users\Sven
2013-12-19 15:16 - 2013-12-19 15:16 - 00050477 _____ C:\Users\Sven\Desktop\Defogger.exe
2013-12-19 15:15 - 2012-12-05 20:37 - 00007617 _____ C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
2013-12-19 15:03 - 2013-02-20 15:07 - 00000000 ____D C:\Users\Sven\AppData\Roaming\vlc
2013-12-19 15:03 - 2013-01-27 00:50 - 00000000 ____D C:\Users\Sven\AppData\Roaming\.minecraft
2013-12-19 15:02 - 2012-12-05 15:59 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Dropbox
2013-12-19 15:01 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-19 15:01 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-19 14:57 - 2012-12-05 00:06 - 01554792 _____ C:\Windows\WindowsUpdate.log
2013-12-19 14:56 - 2012-12-05 15:59 - 00000000 ___RD C:\Users\Sven\Google Drive
2013-12-19 14:55 - 2013-10-30 19:27 - 00000439 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-19 14:55 - 2012-12-05 16:01 - 00000000 ___RD C:\Users\Sven\Dropbox
2013-12-19 14:53 - 2012-12-05 14:58 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-19 14:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-19 14:52 - 2013-12-18 20:56 - 00000168 _____ C:\Windows\setupact.log
2013-12-19 14:52 - 2013-10-27 15:30 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-19 14:51 - 2013-12-19 14:51 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-12-19 14:45 - 2013-12-19 14:45 - 00350080 _____ (AVAST Software) C:\Users\Sven\Desktop\avastclear_9.0.2007.exe
2013-12-19 14:42 - 2013-10-17 19:37 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001UA.job
2013-12-19 14:35 - 2013-12-19 14:09 - 442725258 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_02-15_pro7_40_TVOON_DE.mpg.avi.otrkey
2013-12-19 14:29 - 2013-12-19 14:09 - 420275960 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_01-25_pro7_50_TVOON_DE.mpg.avi.otrkey
2013-12-19 14:22 - 2012-12-05 14:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-19 14:04 - 2013-12-19 14:04 - 00000350 _____ C:\Users\Sven\Desktop\bayern1_2.m3u
2013-12-19 14:03 - 2013-11-13 16:18 - 00004144 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-19 13:56 - 2013-12-18 13:23 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-12-18 23:26 - 2013-12-18 23:26 - 00400076 _____ C:\Users\Sven\Desktop\stwk1 (1).zip
2013-12-18 23:26 - 2013-12-18 23:26 - 00218346 _____ C:\Users\Sven\Desktop\st2-90m.zip
2013-12-18 23:26 - 2013-12-18 23:25 - 00400076 _____ C:\Users\Sven\Desktop\stwk1.zip
2013-12-18 23:24 - 2013-12-18 23:24 - 00000962 _____ C:\Users\Sven\Desktop\links.txt
2013-12-18 23:22 - 2013-12-18 23:21 - 367268614 _____ C:\Users\Sven\Desktop\Stargate_13.12.18_18-45_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-18 23:01 - 2013-12-18 23:00 - 440475348 _____ C:\Users\Sven\Desktop\Stargate_13.12.18_19-30_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-18 22:35 - 2012-12-04 14:46 - 00000000 ____D C:\Users\Sven\Documents\mofa
2013-12-18 22:11 - 2012-12-05 08:59 - 00700800 _____ C:\Windows\system32\perfh007.dat
2013-12-18 22:11 - 2012-12-05 08:59 - 00149668 _____ C:\Windows\system32\perfc007.dat
2013-12-18 22:11 - 2009-07-14 06:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-18 21:15 - 2013-12-18 21:15 - 00000855 _____ C:\Users\Sven\Desktop\JRT.txt
2013-12-18 21:13 - 2013-07-30 02:11 - 00000000 _____ C:\Windows\system32\vireng.log
2013-12-18 21:12 - 2013-12-18 21:12 - 00675988 _____ C:\Users\Sven\Desktop\Minecraft (1).exe
2013-12-18 21:04 - 2013-12-18 21:04 - 02347384 _____ (ESET) C:\Users\Sven\Desktop\esetsmartinstaller_deu.exe
2013-12-18 21:03 - 2013-12-18 21:03 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Sven\Desktop\rkill.com
2013-12-18 21:03 - 2013-12-18 21:03 - 00000000 ____D C:\Windows\ERUNT
2013-12-18 20:56 - 2013-12-18 20:56 - 00000324 _____ C:\Windows\PFRO.log
2013-12-18 20:56 - 2013-12-18 20:56 - 00000000 _____ C:\Windows\setuperr.log
2013-12-18 20:42 - 2013-10-17 19:37 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001Core.job
2013-12-18 20:32 - 2013-12-18 20:32 - 00421267 _____ C:\Users\Sven\Desktop\OptiFine 1.6.4.jar
2013-12-18 19:05 - 2013-12-18 18:06 - 00015251 _____ C:\Users\Sven\Desktop\tabelle Kerbschlag.xlsx
2013-12-18 17:36 - 2013-01-06 02:08 - 00000000 ____D C:\Users\Sven\AppData\Local\CrashDumps
2013-12-18 17:28 - 2013-12-18 17:28 - 00000043 _____ C:\Users\Sven\Desktop\minecraft.bat
2013-12-18 17:10 - 2013-12-18 17:10 - 00000000 ____D C:\ProgramData\Oracle
2013-12-18 17:07 - 2013-12-18 17:07 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-18 17:06 - 2013-12-18 17:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-18 17:06 - 2013-12-18 17:06 - 00000000 ____D C:\Program Files\Java
2013-12-18 16:42 - 2013-12-18 16:42 - 00374842 _____ C:\Users\Sven\Desktop\OptiFine_1.6.2.zip
2013-12-18 16:05 - 2012-12-05 01:04 - 00000000 ___RD C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-18 16:01 - 2013-11-05 16:34 - 00000000 ____D C:\AdwCleaner
2013-12-18 15:59 - 2013-12-18 15:59 - 01034531 _____ (Thisisu) C:\Users\Sven\Desktop\JRT_6.0.8.exe
2013-12-18 15:57 - 2013-12-18 15:57 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-18 15:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-18 13:32 - 2013-12-18 13:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-18 13:28 - 2013-12-18 13:20 - 130229176 _____ C:\Users\Sven\Desktop\setup_11.0.1.1245.x01_2013_12_16_15_35.exe
2013-12-18 13:23 - 2013-12-18 13:23 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-12-17 21:53 - 2013-12-17 21:52 - 00000000 ____D C:\Users\Sven\Desktop\CamScanner
2013-12-17 21:03 - 2013-12-17 21:03 - 00001780 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\SUPERAntiSpyware.com
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-17 21:02 - 2013-12-17 21:02 - 00001121 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-17 20:59 - 2013-12-17 20:59 - 00614784 _____ C:\Users\Sven\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-17 20:57 - 2013-12-17 20:57 - 00614784 _____ C:\Users\Sven\Downloads\SuperAntiSpyware - CHIP-Downloader.exe
2013-12-17 19:55 - 2013-12-17 19:49 - 139245339 _____ C:\Users\Sven\Desktop\cm-9.1.0-tf201.zip
2013-12-16 22:13 - 2011-05-31 10:44 - 00000000 ____D C:\ProgramData\WildTangent
2013-12-16 19:01 - 2013-12-16 19:01 - 00037376 _____ C:\Users\Sven\Desktop\ChangeMAC-2010.exe
2013-12-16 19:00 - 2013-12-16 19:00 - 00004091 _____ C:\Users\Sven\Documents\ipconfigall.txt
2013-12-13 00:17 - 2012-12-05 14:58 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-13 00:17 - 2012-12-05 14:58 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-12 22:39 - 2012-12-05 21:02 - 00000000 ____D C:\ProgramData\IObit
2013-12-12 21:34 - 2013-12-11 13:57 - 00000000 ____D C:\Users\Sven\Documents\Handyvertrag handydealer red m
2013-12-11 19:44 - 2013-12-11 19:44 - 00100454 _____ C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen.htm
2013-12-11 19:44 - 2013-12-11 19:44 - 00000000 ____D C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen_files
2013-12-11 19:34 - 2013-12-11 19:34 - 00000332 _____ C:\Users\Sven\Desktop\bayern3_2.m3u
2013-12-11 19:24 - 2013-12-11 19:25 - 00259373 _____ C:\Users\Sven\Desktop\CaxUe2-PiSv1100.zip
2013-12-10 20:26 - 2013-12-10 20:26 - 00000000 ____D C:\Users\Sven\Documents\RevouninstallerPortable
2013-12-10 20:11 - 2013-02-27 15:04 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-12-10 18:42 - 2013-02-27 15:04 - 00000000 ____D C:\Users\Sven\AppData\Roaming\MediaMonkey
2013-12-05 17:04 - 2013-12-05 17:04 - 00112086 _____ C:\Users\Sven\Documents\cc_20131205_170409.reg
2013-12-05 16:16 - 2013-12-05 16:16 - 00001280 _____ C:\Users\Sven\Desktop\Command Prompt.lnk
2013-12-05 11:41 - 2009-07-14 06:08 - 00026318 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-04 12:07 - 2013-12-04 12:05 - 365029360 _____ C:\Users\Sven\Downloads\Rare_Exports_Eine_Weihnachtsgeschichte_13.12.03_22-00_tele5_105_TVOON_DE.mpg.HQ.avi.otrkey
2013-12-02 19:05 - 2013-12-02 19:05 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Scilab
2013-12-02 19:04 - 2013-12-02 19:04 - 00000887 _____ C:\Users\Public\Desktop\scilab-5.4.1 (64-bit).lnk
2013-11-28 13:44 - 2012-12-05 01:05 - 00000000 ____D C:\Users\Sven\AppData\Local\Adobe
2013-11-26 20:56 - 2013-10-23 17:24 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-11-26 20:55 - 2013-10-27 15:39 - 00000000 ____D C:\Users\Sven\AppData\Local\Microsoft Help
2013-11-25 21:42 - 2013-11-25 21:42 - 00000804 _____ C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\VHD Attach.lnk
2013-11-25 21:37 - 2013-11-25 21:36 - 00000000 ____D C:\scripts
2013-11-25 20:57 - 2013-11-21 22:44 - 00000000 ____D C:\Users\Sven\AppData\Local\BEETmobile
2013-11-20 21:11 - 2013-02-01 18:08 - 00000000 ____D C:\Windows\pss

Some content of TEMP:
====================
C:\Users\Sven\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-03 12:03

==================== End Of Log ============================

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-12-2013 05
Ran by Sven at 2013-12-19 15:20:35
Running from C:\Users\Sven\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Sophos Anti-Virus (Enabled - Up to date) {65FBD860-96D8-75EF-C7ED-7BE27E6C498A}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Sophos Anti-Virus (Enabled - Up to date) {DE9A3984-B0E2-7A61-FD5D-409005EB0337}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1) (x32)
7-Zip 9.20 (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.3.9130)
Adobe Community Help (x32 Version: 3.2.1)
Adobe Community Help (x32 Version: 3.2.1.650)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Photoshop Elements 9 (x32 Version: 9.0)
Adobe Premiere Elements 9 (x32 Version: 9.0)
Adobe Reader 9.5.5 MUI (x32 Version: 9.5.5)
Agatha Christie - 4:50 from Paddington (x32 Version: 2.2.0.95)
Backup Manager V3 (x32 Version: 3.0.0.90)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Broadcom Card Reader Driver Installer (Version: 14.8.2.2)
Broadcom Gigabit NetLink Controller (Version: 14.6.1.2)
Cartes du Ciel V3.8 (x32)
CCleaner (Version: 3.25)
CDBurnerXP (x32 Version: 4.4.2.3442)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6021.5000)
Connectify (Version: 7.0.0.28979)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95)
CyberLink MediaEspresso (x32 Version: 6.5.1615_36053b)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.46.1.0327)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)
Dropbox (HKCU Version: 2.0.22)
EASEUS Partition Master 9.1.1 Home Edition (x32)
Elements 9 Organizer (x32 Version: 9.0)
Elements STI Installer (x32 Version: 1.0)
ESET Online Scanner v3 (x32)
ETDWare PS/2-X64 8.0.6.0_WHQL (Version: 8.0.6.0)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
FATE (x32 Version: 2.2.0.95)
ffdshow v1.1.3800 [2011-03-28] (x32 Version: 1.1.3800.0)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Free YouTube to MP3 Converter version 3.12.8.717 (x32 Version: 3.12.8.717)
FreeMat (x32 Version: 4.2)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Game Booster 3 (x32 Version: 3.4)
GNU Octave 2.1.50 (x32)
Google Chrome (x32 Version: 31.0.1650.63)
Google Drive (x32 Version: 1.13.5782.599)
Google Update Helper (x32 Version: 1.3.22.3)
Guild Wars 2 (x32)
Identity Card (x32 Version: 1.00.3006)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2372)
Intel(R) Rapid Storage Technology (x32 Version: 10.0.0.1046)
Java 7 Update 21 (x32 Version: 7.0.210)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.5)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
John Deere Drive Green (x32 Version: 2.2.0.95)
Juniper Installer Service (x32 Version: 7.1.0.19757)
Juniper Networks, Inc. Setup Client (HKCU Version: 7.1.5.14305)
Juniper Networks, Inc. Setup Client Activex Control (x32 Version: 2.1.1.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Junos Pulse (Version: 2.1.14305)
Junos Pulse 2.1 (x32 Version: 2.1.14305)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Metro 2033 (x32)
Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme (x32 Version: 12.0.4518.1014)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6215.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6213.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6213.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6213.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6213.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6215.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6215.1000)
Microsoft Office Word Viewer 2003 (x32 Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 18.0.1 (x86 de) (x32 Version: 18.0.1)
Mozilla Firefox 25.0.1 (x86 de) (HKCU Version: 25.0.1)
Mozilla Thunderbird 17.0 (x86 de) (x32 Version: 17.0)
Mozilla Thunderbird 24.1.0 (x86 de) (HKCU Version: 24.1.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
Nero Control Center 10 (x32 Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Core Components 10 (x32 Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (x32 Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Express 10 (x32 Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (x32 Version: 10.5.10300)
Nero StartSmart 10 (x32 Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Update (x32 Version: 1.0.0018)
Notepad++ (x32 Version: 6.5)
NVIDIA Grafiktreiber 268.00 (Version: 268.00)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.21 (Version: 1.0.21)
NVIDIA PhysX (x32 Version: 9.10.0514)
NVIDIA Systemsteuerung 268.00 (Version: 268.00)
NVIDIA Update Components (Version: 1.0.21)
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
Packard Bell Games (x32 Version: 1.0.2.4)
Packard Bell MyBackup (x32 Version: 3.0.0.90)
Packard Bell Power Management (x32 Version: 6.00.3007)
Packard Bell Recovery Management (x32 Version: 5.00.3004)
Packard Bell Registration (x32 Version: 1.04.3501)
Packard Bell ScreenSaver (x32 Version: 1.1.0811.2010)
Packard Bell Social Networks (x32 Version: 2.0.2913)
Packard Bell Updater (x32 Version: 1.02.3500)
Penguins! (x32 Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Polar Bowler (x32 Version: 2.2.0.95)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
PS3 Xploder Ultimate Edition (x32)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6329)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0)
Samsung Kies (x32 Version: 2.5.2.13021_10)
Samsung ML-1640 Series (x32)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.18.0)
scilab-5.4.1 (64-bit)
Shutdown Timer (x32 Version: 3.1)
Siemens NX 8.5 (Version: 8.5.0.23)
Slingo Deluxe (x32 Version: 2.2.0.95)
Sophos Anti-Virus (x32 Version: 10.0.11)
Sophos Virus Removal Tool (x32 Version: 2.4)
Steam (x32 Version: 1.0.0.0)
Stellarium 0.12.2 (x32 Version: 0.12.2)
SUPERAntiSpyware (Version: 5.7.1012)
TeamViewer 8 (x32 Version: 8.0.22298)
Texmaker (x32)
Torchlight (x32 Version: 2.2.0.95)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.0.82.0)
Unlocker 1.9.2 (Version: 1.9.2)
Update Installer for WildTangent Games App (x32)
VC8 CRT (Version: 8.0.50727.762)
VHD Attach 3.80 (Version: 3.80)
Video Web Camera (x32 Version: 1.0.1523)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)
VLC media player 2.0.5 (Version: 2.0.5)
Web Version 7.0 - February 2007 (No expiration) (x32)
Wedding Dash (x32 Version: 2.2.0.95)
Welcome Center (x32 Version: 1.02.3501)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.3.57)
Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
Windows Utils (x32)
Zuma Deluxe (x32 Version: 2.2.0.95)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================

14-11-2013 15:16:20 Geplanter Prüfpunkt
21-11-2013 21:43:43 Installed BEETmobile
25-11-2013 20:11:34 Gerätetreiber-Paketinstallation: Khalil Azzouzi Netzwerkdienst
25-11-2013 20:39:59 Removed Virtual Router v1.0
25-11-2013 23:28:36 Removed BEETmobile
26-11-2013 19:56:59 Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme wird installiert
09-12-2013 16:00:24 Removed Sophos Anti-Virus
09-12-2013 16:09:35 Removed Sophos Anti-Virus
18-12-2013 16:03:08 Removed Java 7 Update 11 (64-bit)
18-12-2013 16:06:13 Installed Java 7 Update 45 (64-bit)

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-12-19 15:03 - 00000937 ____A C:\Windows\system32\Drivers\etc\hosts
05.12.2013	18:59:56	00000EC4:   Started, Log = 1
05.12.2013	18:59:56	00000EC4:   Build 9.0.2006
05.12.2013	18:59:56	00000EC4:   OS Windows 7 Workstation (Service Pack 1)
05.12.2013	18:59:57	00000EC4:   AutoRedirect 1
05.12.2013	18:59:57	00000EC4:   POP RedirectPort: 110
05.12.2013	18:59:57	00000EC4:   SMTP RedirectPort: 25,587
05.12.2013	18:59:57	00000EC4:   IMAP RedirectPort: 143
05.12.2013	18:59:57	00000EC4:   NNTP RedirectPort: 119
05.12.2013	18:59:57	00000EC4:   POPs RedirectPort: 995
05.12.2013	18:59:57	00000EC4:   SMTPs RedirectPort: 465
05.12.2013	18:59:57	00000EC4:   IMAPs RedirectPort: 993
05.12.2013	18:59:57	00000EC4:   NNTPs RedirectPort: 563
05.12.2013	18:59:57	00000EC4:   IgnoreLocalhost 1
05.12.2013	18:59:57	00000EC4:   ScanSSL 1
05.12.2013	18:59:57	00000EC4:   POP Start: 1
05.12.2013	18:59:57	00000EC4:   POP RedirectPort: 110
05.12.2013	18:59:57	00000EC4:   SMTP Start: 1
05.12.2013	18:59:57	0


==================== Scheduled Tasks (whitelisted) =============

Task: {093F0EC7-3A23-4875-A605-1EA312B7A0F7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001UA => C:\Users\Sven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-17] (Facebook Inc.)
Task: {21F83C8D-CF13-41CD-89AD-CDC1C29F523E} - \Plus-HD-3.8-firefoxinstaller No Task File
Task: {22E8E550-14C6-4C37-8B70-49607B786B7C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-05] (Google Inc.)
Task: {2D44C8D5-1493-4FD0-ABB2-53F895D5E3CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {7389EB03-0EB1-4F14-A528-837D5D81548A} - \Plus-HD-3.8-updater No Task File
Task: {92AAFBFC-6298-4F73-924F-01CAEEBC4AB9} - System32\Tasks\avast! Emergency Update => D:\Programme\avast\AvastEmUpdate.exe
Task: {9D3E7254-941A-4865-A71B-29421223E458} - \Plus-HD-3.8-enabler No Task File
Task: {9E07D57F-FC4E-4700-956B-AC19341E56E5} - \Plus-HD-3.8-codedownloader No Task File
Task: {AC70C8FD-9522-4517-B0CD-A0AB66811136} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001Core => C:\Users\Sven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-17] (Facebook Inc.)
Task: {C5E64FA7-8F3A-433B-B759-A3612F569B69} - \Plus-HD-3.8-chromeinstaller No Task File
Task: {D9132E74-8C03-44B7-9E07-CE96B05E00FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-05] (Google Inc.)
Task: {EBDE08C5-ED62-40E5-8E54-59FE7423A989} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-04-15] (CyberLink)
Task: {F28DC74E-71CC-482A-B2B9-260CFD806E8A} - System32\Tasks\Game_Booster_AutoUpdate => D:\Programme\Game Booster 3\Autoupdate.exe [2013-10-24] ()
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001Core.job => C:\Users\Sven\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001UA.job => C:\Users\Sven\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () D:\Programme\Unlocker\UnlockerCOM.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () D:\Programme\Notepad\Notepad++\NppShell_05.dll
2011-05-31 11:11 - 2011-04-15 18:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-12-16 11:27 - 2012-12-16 11:27 - 00150528 _____ () D:\Programme\VLC\libvlc.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 02344960 _____ () D:\Programme\VLC\libvlccore.dll
2012-12-05 00:11 - 2011-03-30 23:05 - 00004096 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00306176 _____ () D:\Programme\VLC\plugins\access\libdshow_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00088064 _____ () D:\Programme\VLC\plugins\audio_output\libaout_directx_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00089088 _____ () D:\Programme\VLC\plugins\audio_output\libwaveout_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00115712 _____ () D:\Programme\VLC\plugins\video_output\libdirectx_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00076288 _____ () D:\Programme\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00231936 _____ () D:\Programme\VLC\plugins\access\liblibbluray_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00139264 _____ () D:\Programme\VLC\plugins\access\libaccess_bd_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00299008 _____ () D:\Programme\VLC\plugins\access\libdvdnav_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00083456 _____ () D:\Programme\VLC\plugins\access\libaccess_vdr_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00084480 _____ () D:\Programme\VLC\plugins\access\libfilesystem_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00528896 _____ () D:\Programme\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00876544 _____ () D:\Programme\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00077824 _____ () D:\Programme\VLC\plugins\access\libstream_filter_rar_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00128512 _____ () D:\Programme\VLC\plugins\access\libzip_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00074752 _____ () D:\Programme\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00144384 _____ () D:\Programme\VLC\plugins\demux\libplaylist_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01996800 _____ () D:\Programme\VLC\plugins\meta_engine\libtaglib_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00344064 _____ () D:\Programme\VLC\plugins\lua\liblua_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01498624 _____ () D:\Programme\VLC\plugins\misc\libxml_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00089600 _____ () D:\Programme\VLC\plugins\control\libhotkeys_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00077312 _____ () D:\Programme\VLC\plugins\control\libglobalhotkeys_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 11936768 _____ () D:\Programme\VLC\plugins\gui\libqt4_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00219648 _____ () D:\Programme\VLC\plugins\demux\libmp4_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00119808 _____ () D:\Programme\VLC\plugins\demux\libavi_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00109568 _____ () D:\Programme\VLC\plugins\demux\libasf_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00083456 _____ () D:\Programme\VLC\plugins\demux\libflacsys_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00084480 _____ () D:\Programme\VLC\plugins\demux\libes_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00139264 _____ () D:\Programme\VLC\plugins\demux\libmpc_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00081408 _____ () D:\Programme\VLC\plugins\demux\libnuv_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00075776 _____ () D:\Programme\VLC\plugins\demux\libtta_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00079872 _____ () D:\Programme\VLC\plugins\demux\libwav_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01149440 _____ () D:\Programme\VLC\plugins\demux\libsid_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00128000 _____ () D:\Programme\VLC\plugins\services_discovery\libsap_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01565184 _____ () D:\Programme\VLC\plugins\demux\libmkv_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00762880 _____ () D:\Programme\VLC\plugins\demux\liblive555_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00142336 _____ () D:\Programme\VLC\plugins\demux\libogg_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00074752 _____ () D:\Programme\VLC\plugins\demux\libdirac_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00079872 _____ () D:\Programme\VLC\plugins\demux\libsmf_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00078848 _____ () D:\Programme\VLC\plugins\demux\librawvid_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00074752 _____ () D:\Programme\VLC\plugins\meta_engine\libfolder_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00131072 _____ () D:\Programme\VLC\plugins\access\libaccess_http_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00377856 _____ () D:\Programme\VLC\plugins\codec\libtheora_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00076288 _____ () D:\Programme\VLC\plugins\codec\librawvideo_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00218112 _____ () D:\Programme\VLC\plugins\codec\libspeex_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01816576 _____ () D:\Programme\VLC\plugins\codec\libvorbis_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00076288 _____ () D:\Programme\VLC\plugins\codec\libaes3_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00080384 _____ () D:\Programme\VLC\plugins\codec\liblpcm_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00080896 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00087040 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00081408 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00087552 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00097792 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00077312 _____ () D:\Programme\VLC\plugins\codec\libsvcdsub_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00079872 _____ () D:\Programme\VLC\plugins\codec\libspudec_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00086016 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00084480 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00078848 _____ () D:\Programme\VLC\plugins\codec\libcvdsub_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00128512 _____ () D:\Programme\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00078848 _____ () D:\Programme\VLC\plugins\codec\libmpeg_audio_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00251904 _____ () D:\Programme\VLC\plugins\codec\libpng_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00079360 _____ () D:\Programme\VLC\plugins\codec\libcdg_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01548288 _____ () D:\Programme\VLC\plugins\codec\libschroedinger_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00089600 _____ () D:\Programme\VLC\plugins\codec\libaraw_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00078848 _____ () D:\Programme\VLC\plugins\codec\libdts_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00460288 _____ () D:\Programme\VLC\plugins\codec\libfaad_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00302592 _____ () D:\Programme\VLC\plugins\codec\libflac_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01103360 _____ () D:\Programme\VLC\plugins\codec\liblibass_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00421376 _____ () D:\Programme\VLC\plugins\codec\libopus_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00233984 _____ () D:\Programme\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00124928 _____ () D:\Programme\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00166400 _____ () D:\Programme\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 01562624 _____ () D:\Programme\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00075776 _____ () D:\Programme\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00074240 _____ () D:\Programme\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00078848 _____ () D:\Programme\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00075264 _____ () D:\Programme\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00074752 _____ () D:\Programme\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00074240 _____ () D:\Programme\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00087552 _____ () D:\Programme\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00073728 _____ () D:\Programme\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll
2012-12-16 11:28 - 2012-12-16 11:28 - 00079360 _____ () D:\Programme\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2013-10-01 13:06 - 2013-09-24 15:37 - 00352544 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2013-10-01 13:05 - 2013-09-24 15:37 - 03147040 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2013-10-01 13:06 - 2013-09-24 15:37 - 00714016 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2013-10-01 13:06 - 2013-09-24 15:37 - 00353568 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
2011-03-09 18:13 - 2011-03-09 18:13 - 00465640 _____ () C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll
2011-03-09 18:12 - 2011-03-09 18:12 - 01081664 _____ () C:\Program Files (x86)\NTI\Packard Bell MyBackup\ACE.dll
2011-03-09 18:12 - 2011-03-09 18:12 - 00125760 _____ () C:\Program Files (x86)\NTI\Packard Bell MyBackup\MailConverter32.dll
2013-12-19 14:53 - 2013-12-19 14:53 - 00098816 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32api.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00110080 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\pywintypes27.dll
2013-12-19 14:53 - 2013-12-19 14:53 - 00364544 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\pythoncom27.dll
2013-12-19 14:53 - 2013-12-19 14:53 - 00044032 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\_socket.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 01153024 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\_ssl.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00320512 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32com.shell.shell.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00711680 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\_hashlib.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 01175040 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._core_.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00805888 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._gdi_.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00811008 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._windows_.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 01062400 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._controls_.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00735232 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._misc_.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00128512 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\_elementtree.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00127488 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\pyexpat.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00557056 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\pysqlite2._sqlite.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00087040 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\_ctypes.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00119808 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32file.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00108544 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32security.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00018432 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32event.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00038912 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32inet.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00122368 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._wizard.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00026624 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\_multiprocessing.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00070656 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\wx._html2.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00010240 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\select.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00686080 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\unicodedata.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00025600 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32pdh.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00521680 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\windows._lib_cacheinvalidation.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00011264 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32crypt.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00024064 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32pipe.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00035840 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32process.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00017408 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32profile.pyd
2013-12-19 14:53 - 2013-12-19 14:53 - 00022528 _____ () C:\Users\Sven\AppData\Local\Temp\_MEI34802\win32ts.pyd
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\Sven\AppData\Roaming\Dropbox\bin\libcef.dll
2012-12-08 21:10 - 2012-12-08 21:10 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\eb64cfab84daa71ec3a30eec336bf00e\IsdiInterop.ni.dll
2011-05-31 10:33 - 2010-09-14 02:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-05 17:18 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 17:18 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 17:18 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 17:18 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 17:18 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-05 17:18 - 2013-12-04 03:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:1CE11B51
AlternateDataStreams: C:\Users\Sven\Documents\zeugnis.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Sven\Documents\zeugnis.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/19/2013 02:52:24 PM) (Source: Sophos Anti-Virus) (User: )
Description: E_FAILURE.
CManager::TriggerShutdown in der ComponentManager-Komponente hat einen schwerwiegenden Fehler entdeckt, nach dem keine Wiederherstellung möglich ist.

Error: (12/19/2013 02:52:24 PM) (Source: Sophos Anti-Virus) (User: )
Description: E_FAILURE.
CManager::Unregister in der ComponentManager-Komponente hat einen schwerwiegenden Fehler entdeckt, nach dem keine Wiederherstellung möglich ist.

Error: (12/19/2013 02:48:28 PM) (Source: Sophos Anti-Virus) (User: )
Description: Die angeforderte Komponente 'ICManager' ist fehlerhaft. Die Komponente wird nicht ausgegeben.

Error: (12/19/2013 02:48:28 PM) (Source: Sophos Anti-Virus) (User: )
Description: Die angeforderte Komponente 'ICManager' ist fehlerhaft. Die Komponente wird nicht ausgegeben.

Error: (12/19/2013 02:48:27 PM) (Source: Sophos Anti-Virus) (User: )
Description: Fehler beim Anfordern der Komponente VEAdapterFactory vom ComponentManager.

Error: (12/19/2013 02:48:27 PM) (Source: Sophos Anti-Virus) (User: )
Description: Die angeforderte Komponente 'VEAdapterFactory' ist fehlerhaft. Die Komponente wird nicht ausgegeben.

Error: (12/19/2013 02:48:27 PM) (Source: Sophos Anti-Virus) (User: )
Description: Fehler beim Anfordern der Komponente SWIManager vom ComponentManager.

Error: (12/19/2013 02:48:27 PM) (Source: Sophos Anti-Virus) (User: )
Description: Fehler bei der Konfiguration von SWIManager.

Error: (12/19/2013 02:48:27 PM) (Source: Sophos Anti-Virus) (User: )
Description: Die angeforderte Komponente 'BHOManager' ist fehlerhaft. Die Komponente wird nicht ausgegeben.

Error: (12/19/2013 02:48:27 PM) (Source: Sophos Anti-Virus) (User: )
Description: Fehler beim Anfordern der Komponente SIPSManager vom ComponentManager.


System errors:
=============
Error: (12/19/2013 03:09:45 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (12/19/2013 02:58:01 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (12/19/2013 02:57:27 PM) (Source: ipnathlp) (User: )
Description: 

Error: (12/19/2013 02:56:42 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (12/19/2013 02:55:07 PM) (Source: ipnathlp) (User: )
Description: 192.168.143.1192.168.137.0255.255.255.0

Error: (12/19/2013 02:55:04 PM) (Source: ipnathlp) (User: )
Description: 192.168.143.1192.168.137.0255.255.255.0

Error: (12/19/2013 02:53:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "VHD Attach" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/19/2013 02:53:58 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst VHD Attach erreicht.

Error: (12/19/2013 02:53:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%20

Error: (12/19/2013 02:48:31 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AFD
aswRdr
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
cnnctfy3
DfsC
discache
NetBIOS
NetBT
nsiproxy
Psched
rdbss
SASDIFSV
SASKUTIL
SAVOnAccess
spldr
tdx
vpcnfltr
vpcvmm
vwififlt
Wanarpv6
WfpLwf


Microsoft Office Sessions:
=========================
Error: (12/04/2013 05:16:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/04/2013 05:16:07 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1261 seconds with 840 seconds of active time.  This session ended with a crash.

Error: (12/03/2013 08:10:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/03/2013 08:09:26 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 61%
Total physical RAM: 3947.86 MB
Available physical RAM: 1519.04 MB
Total Pagefile: 7893.91 MB
Available Pagefile: 4662.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:351.46 GB) (Free:129.19 GB) NTFS
Drive d: (Volume) (Fixed) (Total:224.61 GB) (Free:125.42 GB) NTFS
Drive k: (nx_konfig) (Fixed) (Total:15 GB) (Free:5.78 GB) NTFS
Drive m: (Volume) (Fixed) (Total:25 GB) (Free:24.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 9C4D1402)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=351 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=225 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 25 GB) (Disk ID: 2BCAB810)
Partition 1: (Not Active) - (Size=25 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: 00431948)
Partition 1: (Not Active) - (Size=15 GB) - (Type=07 NTFS)

==================== End Of Log ============================

GMER:

Code:

ATTFilter

GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-12-19 15:59:38
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD64 rev.01.0 596,17GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Sven\AppData\Local\Temp\kwdiypog.sys


---- User code sections - GMER 2.1 ----

.text   C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe[1148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                       00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe[1148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                      00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Windows\Explorer.EXE[1692] C:\Windows\system32\kernel32.dll!CopyFileExW                                                                                         00000000774723d0 5 bytes JMP 000000016fff00d8
.text   C:\Windows\Explorer.EXE[1692] C:\Windows\system32\kernel32.dll!MoveFileWithProgressW                                                                               00000000774ef6b0 8 bytes JMP 000000016fff0110
.text   C:\Windows\Explorer.EXE[1692] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                       000007feff577490 11 bytes JMP 000007ffff5400d8
.text   C:\Program Files (x86)\Connectify\ConnectifyD.exe[2300] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                    00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Connectify\ConnectifyD.exe[2300] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                   00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                         00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe[2368] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                        00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe[2424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                        00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe[2424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                       00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe[2488] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe[2488] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                               00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe[2608] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                    00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe[2608] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                   00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe[2764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                          00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe[2764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                         00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe[2468] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                     00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe[2468] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                    00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   D:\Programme\Teamviewer\Version8\TeamViewer_Service.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                              00000000766d1465 2 bytes [6D, 76]
.text   D:\Programme\Teamviewer\Version8\TeamViewer_Service.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                             00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
?       C:\Windows\system32\iertutil.dll [2684] entry point in ".rdata" section                                                                                            0000000076c947f9
.text   C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3572] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint                                         000000007777000c 1 byte [C3]
.text   C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3572] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin                                    00000000777ff85a 5 bytes JMP 00000001777ad571
.text   C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                        00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[3804] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                       00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                               00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                              00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe[3828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[1632] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                     00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[1632] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                    00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[128] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                   00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[128] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                  00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[6936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                       00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[6936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                      00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Nero\Update\NASvc.exe[3592] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                         00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Nero\Update\NASvc.exe[3592] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                        00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5356] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                 00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5356] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[2968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                       00000000766d1465 2 bytes [6D, 76]
.text   C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[2968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                      00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2
.text   C:\Users\Sven\Desktop\gmer_2.1.19163.exe[6696] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                             00000000766d1465 2 bytes [6D, 76]
.text   C:\Users\Sven\Desktop\gmer_2.1.19163.exe[6696] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                            00000000766d14bb 2 bytes [6D, 76]
.text   ...                                                                                                                                                                * 2

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\svchost.exe [1072:6820]                                                                                                                        000007fefc831ebc
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [5936:5512]                                                                                                     000007fefb822a7c
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [5936:5292]                                                                                                     000007feee2ad618
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [5936:4464]                                                                                                     000007fef76a5124
Thread  C:\Windows\System32\svchost.exe [7132:5436]                                                                                                                        000007feea129688

---- EOF - GMER 2.1 ----

Hoffe ich habe alles richtig gemacht und nichts vergessen.

Und schonma Vielen Dank für eure Hilfe

schrauber · 19.12.2013, 16:49

hi,

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

nrg112 · 19.12.2013, 17:09

Combofix:

Code:

ATTFilter

ComboFix 13-12-18.01 - Sven 19.12.2013  16:55:35.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3948.1672 [GMT 1:00]
ausgeführt von:: c:\users\Sven\Desktop\ComboFix.exe
AV: Sophos Anti-Virus *Disabled/Updated* {65FBD860-96D8-75EF-C7ED-7BE27E6C498A}
SP: Sophos Anti-Virus *Disabled/Updated* {DE9A3984-B0E2-7A61-FD5D-409005EB0337}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Sven\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Sven\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\Sven\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-12-06 20203904]
"<NO NAME>"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2013-02-13 844144]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-12-16 6562584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"BackupManagerTray"="c:\program files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe" [2011-03-09 295744]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"Sophos AutoUpdate Monitor"="c:\program files (x86)\Sophos\AutoUpdate\almon.exe" [2012-12-05 900160]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
.
c:\users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"= 1 (0x1)
"ForceActiveDesktopOn"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\Sophos\SOPHOS~1\sophos_detoured.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService]
@="service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DgiVecp;DgiVecp;c:\windows\system32\Drivers\DgiVecp.sys;c:\windows\SYSNATIVE\Drivers\DgiVecp.sys [x]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 MMCSS;Multimediaklassenplaner;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 sppsvc;Software Protection;c:\windows\system32\sppsvc.exe;c:\windows\SYSNATIVE\sppsvc.exe [x]
R2 swi_update_64;Sophos Web Intelligence Update;c:\programdata\Sophos\Web Intelligence\swi_update_64.exe;c:\programdata\Sophos\Web Intelligence\swi_update_64.exe [x]
R3 1394ohci;1394 OHCI Compliant Host Controller;c:\windows\system32\drivers\1394ohci.sys;c:\windows\SYSNATIVE\drivers\1394ohci.sys [x]
R3 AcpiPmi;ACPI Power Meter Driver;c:\windows\system32\drivers\acpipmi.sys;c:\windows\SYSNATIVE\drivers\acpipmi.sys [x]
R3 adp94xx;adp94xx;c:\windows\system32\drivers\adp94xx.sys;c:\windows\SYSNATIVE\drivers\adp94xx.sys [x]
R3 adpahci;adpahci;c:\windows\system32\drivers\adpahci.sys;c:\windows\SYSNATIVE\drivers\adpahci.sys [x]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys;c:\windows\SYSNATIVE\drivers\amdsata.sys [x]
R3 amdsbs;amdsbs;c:\windows\system32\drivers\amdsbs.sys;c:\windows\SYSNATIVE\drivers\amdsbs.sys [x]
R3 AppID;Anwendungs-ID-Treiber;c:\windows\system32\drivers\appid.sys;c:\windows\SYSNATIVE\drivers\appid.sys [x]
R3 AppIDSvc;Anwendungsidentität;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 arcsas;arcsas;c:\windows\system32\drivers\arcsas.sys;c:\windows\SYSNATIVE\drivers\arcsas.sys [x]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\drivers\bxvbda.sys;c:\windows\SYSNATIVE\drivers\bxvbda.sys [x]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\b57nd60a.sys [x]
R3 BDESVC;BitLocker-Laufwerkverschlüsselungsdienst;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\drivers\BrFiltLo.sys;c:\windows\SYSNATIVE\drivers\BrFiltLo.sys [x]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\drivers\BrFiltUp.sys;c:\windows\SYSNATIVE\drivers\BrFiltUp.sys [x]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys;c:\windows\SYSNATIVE\Drivers\Brserid.sys [x]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys;c:\windows\SYSNATIVE\Drivers\BrSerWdm.sys [x]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys;c:\windows\SYSNATIVE\Drivers\BrUsbMdm.sys [x]
R3 BrUsbSer;Brother MFC USB Serial WDM Driver;c:\windows\System32\Drivers\BrUsbSer.sys;c:\windows\SYSNATIVE\Drivers\BrUsbSer.sys [x]
R3 bthserv;Bluetooth-Unterstützungsdienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 CertPropSvc;Zertifikatverteilung;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 circlass;Consumer IR Devices;c:\windows\system32\drivers\circlass.sys;c:\windows\SYSNATIVE\drivers\circlass.sys [x]
R3 defragsvc;Defragmentierung;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\drivers\evbda.sys;c:\windows\SYSNATIVE\drivers\evbda.sys [x]
R3 ehRecvr;Windows Media Center-Empfängerdienst;c:\windows\ehome\ehRecvr.exe;c:\windows\ehome\ehRecvr.exe [x]
R3 ehSched;Windows Media Center-Planerdienst;c:\windows\ehome\ehsched.exe;c:\windows\ehome\ehsched.exe [x]
R3 elxstor;elxstor;c:\windows\system32\drivers\elxstor.sys;c:\windows\SYSNATIVE\drivers\elxstor.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 ErrDev;Microsoft Hardware Error Device Driver;c:\windows\system32\drivers\errdev.sys;c:\windows\SYSNATIVE\drivers\errdev.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 Fax;Fax;c:\windows\system32\fxssvc.exe;c:\windows\SYSNATIVE\fxssvc.exe [x]
R3 fdPHost;Funktionssuchanbieter-Host;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys;c:\windows\SYSNATIVE\drivers\filetrace.sys [x]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys;c:\windows\SYSNATIVE\drivers\FsDepends.sys [x]
R3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms;c:\windows\system32\drivers\gagp30kx.sys;c:\windows\SYSNATIVE\drivers\gagp30kx.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys;c:\windows\SYSNATIVE\drivers\hcw85cir.sys [x]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service;c:\windows\system32\drivers\HdAudio.sys;c:\windows\SYSNATIVE\drivers\HdAudio.sys [x]
R3 HidBth;Microsoft Bluetooth HID Miniport;c:\windows\system32\drivers\hidbth.sys;c:\windows\SYSNATIVE\drivers\hidbth.sys [x]
R3 HidIr;Microsoft Infrared HID Driver;c:\windows\system32\drivers\hidir.sys;c:\windows\SYSNATIVE\drivers\hidir.sys [x]
R3 HomeGroupListener;Heimnetzgruppen-Listener;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 HomeGroupProvider;Heimnetzgruppen-Anbieter;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys;c:\windows\SYSNATIVE\drivers\HpSAMD.sys [x]
R3 iaStorV;iaStorV;c:\windows\system32\drivers\iaStorV.sys;c:\windows\SYSNATIVE\drivers\iaStorV.sys [x]
R3 IPBusEnum;PnP-X-IP-Busenumerator;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys;c:\windows\SYSNATIVE\drivers\IPMIDrv.sys [x]
R3 iScsiPrt;iScsiPort Driver;c:\windows\system32\drivers\msiscsi.sys;c:\windows\SYSNATIVE\drivers\msiscsi.sys [x]
R3 jnprva;Juniper Networks Virtual Adapter Service;c:\windows\system32\DRIVERS\jnprva.sys;c:\windows\SYSNATIVE\DRIVERS\jnprva.sys [x]
R3 KtmRm;KtmRm für Distributed Transaction Coordinator;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 lltdsvc;Verbindungsschicht-Topologieerkennungs-Zuordnungsprogramm;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 LSI_FC;LSI_FC;c:\windows\system32\drivers\lsi_fc.sys;c:\windows\SYSNATIVE\drivers\lsi_fc.sys [x]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\drivers\lsi_sas.sys;c:\windows\SYSNATIVE\drivers\lsi_sas.sys [x]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\drivers\lsi_sas2.sys;c:\windows\SYSNATIVE\drivers\lsi_sas2.sys [x]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\drivers\lsi_scsi.sys;c:\windows\SYSNATIVE\drivers\lsi_scsi.sys [x]
R3 megasas;megasas;c:\windows\system32\drivers\megasas.sys;c:\windows\SYSNATIVE\drivers\megasas.sys [x]
R3 MegaSR;MegaSR;c:\windows\system32\drivers\MegaSR.sys;c:\windows\SYSNATIVE\drivers\MegaSR.sys [x]
R3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service;c:\program files (x86)\Microsoft Office\Office12\GrooveAuditService.exe;c:\program files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [x]
R3 mpio;mpio;c:\windows\system32\drivers\mpio.sys;c:\windows\SYSNATIVE\drivers\mpio.sys [x]
R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys;c:\windows\SYSNATIVE\drivers\msahci.sys [x]
R3 msdsm;msdsm;c:\windows\system32\drivers\msdsm.sys;c:\windows\SYSNATIVE\drivers\msdsm.sys [x]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys;c:\windows\SYSNATIVE\drivers\mshidkmdf.sys [x]
R3 MSiSCSI;Microsoft iSCSI-Initiator-Dienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\drivers\MTConfig.sys;c:\windows\SYSNATIVE\drivers\MTConfig.sys [x]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys;c:\windows\SYSNATIVE\DRIVERS\ndiscap.sys [x]
R3 nfrd960;nfrd960;c:\windows\system32\drivers\nfrd960.sys;c:\windows\SYSNATIVE\drivers\nfrd960.sys [x]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys;c:\windows\SYSNATIVE\drivers\nvstor.sys [x]
R3 odserv;Microsoft Office Diagnostics Service;c:\program files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE;c:\program files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [x]
R3 p2pimsvc;Peernetzwerkidentitäts-Manager;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 p2psvc;Peernetzwerk-Gruppenzuordnung;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 PerfHost;Leistungsindikator-DLL-Host;c:\windows\SysWow64\perfhost.exe;c:\windows\SysWow64\perfhost.exe [x]
R3 pla;Leistungsprotokolle und -warnungen;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 PNRPAutoReg;PNRP-Computernamenveröffentlichungs-Dienst;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 PNRPsvc;Peer Name Resolution-Protokoll;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 ql2300;ql2300;c:\windows\system32\drivers\ql2300.sys;c:\windows\SYSNATIVE\drivers\ql2300.sys [x]
R3 ql40xx;ql40xx;c:\windows\system32\drivers\ql40xx.sys;c:\windows\SYSNATIVE\drivers\ql40xx.sys [x]
R3 QWAVE;Verbessertes Windows-Audio/Video-Streaming;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 QWAVEdrv;QWAVE-Treiber;c:\windows\system32\drivers\qwavedrv.sys;c:\windows\SYSNATIVE\drivers\qwavedrv.sys [x]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\drivers\rdpbus.sys;c:\windows\SYSNATIVE\drivers\rdpbus.sys [x]
R3 sbp2port;sbp2port;c:\windows\system32\drivers\sbp2port.sys;c:\windows\SYSNATIVE\drivers\sbp2port.sys [x]
R3 scfilter;Filtertreiber für Smartcards der Plug & Play-Klasse;c:\windows\system32\DRIVERS\scfilter.sys;c:\windows\SYSNATIVE\DRIVERS\scfilter.sys [x]
R3 SCPolicySvc;Richtlinie zum Entfernen der Scmartcard;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 sdbus;sdbus;c:\windows\system32\DRIVERS\sdbus.sys;c:\windows\SYSNATIVE\DRIVERS\sdbus.sys [x]
R3 sdcfilter;sdcfilter;c:\windows\system32\DRIVERS\sdcfilter.sys;c:\windows\SYSNATIVE\DRIVERS\sdcfilter.sys [x]
R3 SDRSVC;Windows-Sicherung;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 SensrSvc;Adaptive Helligkeit;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 sermouse;Serial Mouse Driver;c:\windows\system32\drivers\sermouse.sys;c:\windows\SYSNATIVE\drivers\sermouse.sys [x]
R3 SessionEnv;Konfiguration für Remotedesktops;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 sffdisk;SFF Storage Class Driver;c:\windows\system32\drivers\sffdisk.sys;c:\windows\SYSNATIVE\drivers\sffdisk.sys [x]
R3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\system32\drivers\sffp_mmc.sys;c:\windows\SYSNATIVE\drivers\sffp_mmc.sys [x]
R3 sffp_sd;SFF Storage Protocol Driver for SDBus;c:\windows\system32\drivers\sffp_sd.sys;c:\windows\SYSNATIVE\drivers\sffp_sd.sys [x]
R3 SiSRaid2;SiSRaid2;c:\windows\system32\drivers\SiSRaid2.sys;c:\windows\SYSNATIVE\drivers\SiSRaid2.sys [x]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\drivers\sisraid4.sys;c:\windows\SYSNATIVE\drivers\sisraid4.sys [x]
R3 Smb;Nachrichtenorientiertes TCP/IP- und TCP/IPv6-Protokoll (SMB-Sitzung);c:\windows\system32\DRIVERS\smb.sys;c:\windows\SYSNATIVE\DRIVERS\smb.sys [x]
R3 SNMPTRAP;SNMP-Trap;c:\windows\System32\snmptrap.exe;c:\windows\SYSNATIVE\snmptrap.exe [x]
R3 sppuinotify;SPP-Benachrichtigungsdienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 Steam Client Service;Steam Client Service;c:\program files (x86)\Common Files\Steam\SteamService.exe;c:\program files (x86)\Common Files\Steam\SteamService.exe [x]
R3 stexstor;stexstor;c:\windows\system32\drivers\stexstor.sys;c:\windows\SYSNATIVE\drivers\stexstor.sys [x]
R3 SXDS10;soft Xpansion Dispatch Service;c:\program files (x86)\Common Files\soft Xpansion\sxds10.exe \Service;c:\program files (x86)\Common Files\soft Xpansion\sxds10.exe \Service [x]
R3 TabletInputService;Tablet PC-Eingabedienst;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 TBS;TPM-Basisdienste;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 TCPIP6;Microsoft IPv6 Protocol Driver;c:\windows\system32\DRIVERS\tcpip.sys;c:\windows\SYSNATIVE\DRIVERS\tcpip.sys [x]
R3 THREADORDER;Server für Threadsortierung;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 TrustedInstaller;Windows Modules Installer;c:\windows\servicing\TrustedInstaller.exe;c:\windows\servicing\TrustedInstaller.exe [x]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys;c:\windows\SYSNATIVE\DRIVERS\tssecsrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 uagp35;Microsoft AGPv3.5 Filter;c:\windows\system32\drivers\uagp35.sys;c:\windows\SYSNATIVE\drivers\uagp35.sys [x]
R3 UI0Detect;Erkennung interaktiver Dienste;c:\windows\system32\UI0Detect.exe;c:\windows\SYSNATIVE\UI0Detect.exe [x]
R3 uliagpkx;Uli AGP Bus Filter;c:\windows\system32\drivers\uliagpkx.sys;c:\windows\SYSNATIVE\drivers\uliagpkx.sys [x]
R3 UmPass;Microsoft UMPass Driver;c:\windows\system32\drivers\umpass.sys;c:\windows\SYSNATIVE\drivers\umpass.sys [x]
R3 usbcir;eHome Infrared Receiver (USBCIR);c:\windows\system32\drivers\usbcir.sys;c:\windows\SYSNATIVE\drivers\usbcir.sys [x]
R3 VaultSvc;Anmeldeinformationsverwaltung;c:\windows\system32\lsass.exe;c:\windows\SYSNATIVE\lsass.exe [x]
R3 vhdmp;vhdmp;c:\windows\system32\DRIVERS\vhdmp.sys;c:\windows\SYSNATIVE\DRIVERS\vhdmp.sys [x]
R3 vsmraid;vsmraid;c:\windows\system32\drivers\vsmraid.sys;c:\windows\SYSNATIVE\drivers\vsmraid.sys [x]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys;c:\windows\SYSNATIVE\drivers\wacompen.sys [x]
R3 wbengine;Blockebenen-Sicherungsmodul;c:\windows\system32\wbengine.exe;c:\windows\SYSNATIVE\wbengine.exe [x]
R3 WbioSrvc;Windows-Biometriedienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 wcncsvc;Windows-Sofortverbindung - Konfigurationsregistrierungsstelle;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WcsPlugInService;Windows-Farbsystem;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 Wd;Wd;c:\windows\system32\drivers\wd.sys;c:\windows\SYSNATIVE\drivers\wd.sys [x]
R3 WdiSystemHost;Diagnosesystemhost;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 Wecsvc;Windows-Ereignissammlung;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 wercplsupport;Unterstützung in der Systemsteuerung unter Lösungen für Probleme;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WerSvc;Windows-Fehlerberichterstattungsdienst;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys;c:\windows\SYSNATIVE\drivers\wimmount.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;d:\programme\Game Booster 3\Driver\WinRing0x64.sys;d:\programme\Game Booster 3\Driver\WinRing0x64.sys [x]
R3 WinRM;Windows-Remoteverwaltung (WS-Verwaltung);c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WinUsb;SAMSUNG Android USB Driver;c:\windows\system32\DRIVERS\WinUsb.sys;c:\windows\SYSNATIVE\DRIVERS\WinUsb.sys [x]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WPDBusEnum;Enumeratordienst für tragbare Geräte;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WwanSvc;WWAN - automatische Konfiguration;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [x]
R4 Mcx2Svc;Media Center Extender-Dienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R4 NetMsmqActivator;Net.Msmq-Listeneradapter;c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
R4 NetPipeActivator;Net.Pipe-Listeneradapter;c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
R4 NetTcpActivator;Net.Tcp-Listeneradapter;c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
R4 SophosBootDriver;SophosBootDriver;c:\windows\system32\DRIVERS\SophosBootDriver.sys;c:\windows\SYSNATIVE\DRIVERS\SophosBootDriver.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys;c:\windows\SYSNATIVE\drivers\amdxata.sys [x]
S0 CLFS;Gemeinsames Protokoll (CLFS);c:\windows\System32\CLFS.sys;c:\windows\SYSNATIVE\CLFS.sys [x]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys;c:\windows\SYSNATIVE\Drivers\cng.sys [x]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys;c:\windows\SYSNATIVE\drivers\fileinfo.sys [x]
S0 fvevol;Filtertreiber der Bitlocker-Laufwerkverschlüsselung;c:\windows\System32\DRIVERS\fvevol.sys;c:\windows\SYSNATIVE\DRIVERS\fvevol.sys [x]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys;c:\windows\SYSNATIVE\drivers\hwpolicy.sys [x]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys;c:\windows\SYSNATIVE\Drivers\ksecpkg.sys [x]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys;c:\windows\SYSNATIVE\drivers\msisadrv.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys;c:\windows\SYSNATIVE\drivers\pcw.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys;c:\windows\SYSNATIVE\drivers\rdyboost.sys [x]
S0 spldr;Security Processor Loader Driver; [x]
S0 vdrvroot;Microsoft Virtual Drive Enumerator Driver;c:\windows\system32\drivers\vdrvroot.sys;c:\windows\SYSNATIVE\drivers\vdrvroot.sys [x]
S0 volmgr;Volume Manager Driver;c:\windows\system32\drivers\volmgr.sys;c:\windows\SYSNATIVE\drivers\volmgr.sys [x]
S0 volmgrx;Dynamischer Volume-Manager;c:\windows\System32\drivers\volmgrx.sys;c:\windows\SYSNATIVE\drivers\volmgrx.sys [x]
S0 Wdf01000;Kernel Mode Driver Frameworks service;c:\windows\system32\drivers\Wdf01000.sys;c:\windows\SYSNATIVE\drivers\Wdf01000.sys [x]
S1 blbdrive;blbdrive;c:\windows\system32\drivers\blbdrive.sys;c:\windows\SYSNATIVE\drivers\blbdrive.sys [x]
S1 cnnctfy3;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy3.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy3.sys [x]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys;c:\windows\SYSNATIVE\Drivers\dfsc.sys [x]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys;c:\windows\SYSNATIVE\drivers\discache.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys;c:\windows\SYSNATIVE\drivers\nsiproxy.sys [x]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys;c:\windows\SYSNATIVE\drivers\rdpencdd.sys [x]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys;c:\windows\SYSNATIVE\drivers\rdprefmp.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S1 SAVOnAccess;SAVOnAccess;c:\windows\system32\DRIVERS\savonaccess.sys;c:\windows\SYSNATIVE\DRIVERS\savonaccess.sys [x]
S1 tdx;NetIO-Legacy-TDI-Supporttreiber;c:\windows\system32\DRIVERS\tdx.sys;c:\windows\SYSNATIVE\DRIVERS\tdx.sys [x]
S1 vpcnfltr;Virtual PC Network Filter Driver;c:\windows\system32\DRIVERS\vpcnfltr.sys;c:\windows\SYSNATIVE\DRIVERS\vpcnfltr.sys [x]
S1 vpcvmm;Virtual PC-Monitor für virtuelle Computer;c:\windows\system32\drivers\vpcvmm.sys;c:\windows\SYSNATIVE\drivers\vpcvmm.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys;c:\windows\SYSNATIVE\DRIVERS\vwififlt.sys [x]
S1 Wanarpv6;Remotezugriff-IPv6-ARP-Treiber;c:\windows\system32\DRIVERS\wanarp.sys;c:\windows\SYSNATIVE\DRIVERS\wanarp.sys [x]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys;c:\windows\SYSNATIVE\DRIVERS\wfplwf.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 AudioEndpointBuilder;Windows-Audio-Endpunkterstellung;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 BFE;Basisfiltermodul;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
S2 DPS;Diagnoserichtliniendienst;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 EFS;Verschlüsselndes Dateisystem (EFS);c:\windows\System32\lsass.exe;c:\windows\SYSNATIVE\lsass.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 FDResPub;Funktionssuche-Ressourcenveröffentlichung;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 gpsvc;Gruppenrichtlinienclient;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IKEEXT;IKE- und AuthIP IPsec-Schlüsselerstellungsmodule;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 iphlpsvc;IP-Hilfsdienst;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 JuniperAccessService;Juniper Unified Network Service;c:\program files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe;c:\program files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys;c:\windows\SYSNATIVE\DRIVERS\lltdio.sys [x]
S2 LMS;Intel(R) Management and Security Application Local Management Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [x]
S2 luafv;UAC-Dateivirtualisierung;c:\windows\system32\drivers\luafv.sys;c:\windows\SYSNATIVE\drivers\luafv.sys [x]
S2 MpsSvc;Windows-Firewall;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NlaSvc;NLA (Network Location Awareness);c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 nsi;Netzwerkspeicher-Schnittstellendienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [x]
S2 NVSvc;NVIDIA Driver Helper Service;c:\windows\system32\nvvsvc.exe;c:\windows\SYSNATIVE\nvvsvc.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x]
S2 PcaSvc;Programmkompatibilitäts-Assistent-Dienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys;c:\windows\SYSNATIVE\drivers\peauth.sys [x]
S2 Power;Stromversorgung;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ProfSvc;Benutzerprofildienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 RpcEptMapper;RPC-Endpunktzuordnung;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 rspndr;Link-Layer Topology Discovery Responder;c:\windows\system32\DRIVERS\rspndr.sys;c:\windows\SYSNATIVE\DRIVERS\rspndr.sys [x]
S2 SAVAdminService;Sophos Anti-Virus Statusreporter;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [x]
S2 SAVService;Sophos Anti-Virus;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [x]
S2 Sophos Web Control Service;Sophos Web Control Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 swi_service;Sophos Web Intelligence Service;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe;c:\program files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [x]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys;c:\windows\SYSNATIVE\drivers\tcpipreg.sys [x]
S2 TeamViewer8;TeamViewer 8;d:\programme\Teamviewer\Version8\TeamViewer_Service.exe;d:\programme\Teamviewer\Version8\TeamViewer_Service.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 UxSms;Sitzungs-Manager für Desktopfenster-Manager;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 VhdAttach;VHD Attach;d:\programme\VHD Attach\VHD Attach\VhdAttachService.exe;d:\programme\VHD Attach\VHD Attach\VhdAttachService.exe [x]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Wlansvc;Automatische WLAN-Konfiguration;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE;c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [x]
S2 WSearch;Windows Search;c:\windows\system32\SearchIndexer.exe;c:\windows\SYSNATIVE\SearchIndexer.exe [x]
S3 Appinfo;Anwendungsinformationen;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 athr;Atheros Extensible Wireless LAN device driver;c:\windows\system32\DRIVERS\athrx.sys;c:\windows\SYSNATIVE\DRIVERS\athrx.sys [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bowser;Browsersupporttreiber;c:\windows\system32\DRIVERS\bowser.sys;c:\windows\SYSNATIVE\DRIVERS\bowser.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 CompositeBus;Composite Bus Enumerator Driver;c:\windows\system32\drivers\CompositeBus.sys;c:\windows\SYSNATIVE\drivers\CompositeBus.sys [x]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys;c:\windows\SYSNATIVE\drivers\dxgkrnl.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 igfx;igfx;c:\windows\system32\DRIVERS\igdkmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdkmd64.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 jnprna;Juniper Network Agent Miniport;c:\windows\system32\DRIVERS\jnprna6.sys;c:\windows\SYSNATIVE\DRIVERS\jnprna6.sys [x]
S3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service;c:\windows\system32\DRIVERS\jnprvamgr.sys;c:\windows\SYSNATIVE\DRIVERS\jnprvamgr.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 KeyIso;CNG-Schlüsselisolation;c:\windows\system32\lsass.exe;c:\windows\SYSNATIVE\lsass.exe [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 monitor;Microsoft Monitor-Klassenfunktionstreiber-Dienst;c:\windows\system32\DRIVERS\monitor.sys;c:\windows\SYSNATIVE\DRIVERS\monitor.sys [x]
S3 mpsdrv;Windows-Firewallautorisierungstreiber;c:\windows\system32\drivers\mpsdrv.sys;c:\windows\SYSNATIVE\drivers\mpsdrv.sys [x]
S3 mrxsmb10;SMB 1.x-Miniredirector;c:\windows\system32\DRIVERS\mrxsmb10.sys;c:\windows\SYSNATIVE\DRIVERS\mrxsmb10.sys [x]
S3 mrxsmb20;SMB 2.0-Miniredirector;c:\windows\system32\DRIVERS\mrxsmb20.sys;c:\windows\SYSNATIVE\DRIVERS\mrxsmb20.sys [x]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys;c:\windows\SYSNATIVE\DRIVERS\nwifi.sys [x]
S3 netprofm;Netzwerklistendienst;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 NTIDrvr;NTIDrvr;c:\windows\system32\drivers\NTIDrvr.sys;c:\windows\SYSNATIVE\drivers\NTIDrvr.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 nvlddmkm;nvlddmkm;c:\windows\system32\DRIVERS\nvlddmkm.sys;c:\windows\SYSNATIVE\DRIVERS\nvlddmkm.sys [x]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys;c:\windows\SYSNATIVE\DRIVERS\AgileVpn.sys [x]
S3 srv2;Server-SMB-Treiber 2.xxx;c:\windows\system32\DRIVERS\srv2.sys;c:\windows\SYSNATIVE\DRIVERS\srv2.sys [x]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys;c:\windows\SYSNATIVE\DRIVERS\srvnet.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
S3 tunnel;Microsoft-Tunnelminiport-Adaptertreiber;c:\windows\system32\DRIVERS\tunnel.sys;c:\windows\SYSNATIVE\DRIVERS\tunnel.sys [x]
S3 UBHelper;UBHelper;c:\windows\system32\drivers\UBHelper.sys;c:\windows\SYSNATIVE\drivers\UBHelper.sys [x]
S3 umbus;UMBusenumerator-Treiber;c:\windows\system32\DRIVERS\umbus.sys;c:\windows\SYSNATIVE\DRIVERS\umbus.sys [x]
S3 usbvideo;USB-Videogerät (WDM);c:\windows\system32\Drivers\usbvideo.sys;c:\windows\SYSNATIVE\Drivers\usbvideo.sys [x]
S3 vpcbus;Virtual PC-Hostbusdienst;c:\windows\system32\DRIVERS\vpchbus.sys;c:\windows\SYSNATIVE\DRIVERS\vpchbus.sys [x]
S3 vpcusb;USB-Virtualisierungsconnectordienst;c:\windows\system32\DRIVERS\vpcusb.sys;c:\windows\SYSNATIVE\DRIVERS\vpcusb.sys [x]
S3 vwifibus;Virtueller WiFi-Bustreiber;c:\windows\system32\DRIVERS\vwifibus.sys;c:\windows\SYSNATIVE\DRIVERS\vwifibus.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys;c:\windows\SYSNATIVE\DRIVERS\vwifimp.sys [x]
S3 WdiServiceHost;Diagnosediensthost;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI;c:\windows\system32\drivers\wmiacpi.sys;c:\windows\SYSNATIVE\drivers\wmiacpi.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - kwdiypog
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 16:16	1210320	----a-w-	c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-12-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001Core.job
- c:\users\Sven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-17 18:37]
.
2013-12-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001UA.job
- c:\users\Sven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-17 18:37]
.
2013-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-05 13:58]
.
2013-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-05 13:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Sven\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Sven\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Sven\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\Sven\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-05-09 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-05-09 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-05-09 416024]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-10 11785832]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
"Power Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-05-10 1831528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\progra~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.bing.com
uDefault_Page_URL = hxxp://packardbell.msn.com
uLocal Page = c:\windows\system32\blank.htm
uSearch Bar = hxxp://www.bing.com
mDefault_Page_URL = hxxp://packardbell.msn.com
mStart Page = hxxp://packardbell.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
LSP: c:\programdata\Sophos\Web Intelligence\swi_ifslsp.dll
TCP: Interfaces\{1DA15487-6B00-4BCF-BC25-8F503F330EAE}: NameServer = 192.129.28.9 10.11.0.9
TCP: Interfaces\{D5056649-9BF4-4246-BBAA-70EFEA6D0FF4}: NameServer = 192.129.28.9 10.11.0.9
FF - ProfilePath - c:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF - ExtSQL: 2013-10-27 15:33; wrc@avast.com; d:\programme\avast\WebRep\FF
FF - ExtSQL: 2013-11-27 16:54; {bee6eb20-01e0-ebd1-da83-080329fb9a3a}; c:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\Sven\AppData\Local\Akamai\netsession_win.exe
Wow6432Node-HKLM-Run-AvastUI.exe - d:\programme\avast\AvastUI.exe
Wow6432Node-HKLM-Run-20131121 - d:\programme\avast\setup\emupdate\3893ed93-022f-4200-b602-0bfc7dc3e7fd.exe
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-SpywareTerminatorShield - c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM-Run-SpywareTerminatorUpdater - c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
AddRemove-Windows Utils - c:\users\Sven\AppData\Roaming\Windows Net Data\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-12-19  17:06:17
ComboFix-quarantined-files.txt  2013-12-19 16:06
.
Vor Suchlauf: 13 Verzeichnis(se), 138.532.413.440 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 138.586.980.352 Bytes frei
.
- - End Of File - - 7E3760D45D0DA589B0C3566ACC12D32A

schrauber · 20.12.2013, 10:02

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

nrg112 · 23.12.2013, 12:48

Malwarebytes

Code:

ATTFilter

kMalwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.17.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sven :: SVEN-LAPTOP [Administrator]

22.12.2013 21:53:30
mbam-log-2013-12-22 (21-53-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 535266
Laufzeit: 1 Stunde(n), 34 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

[CODE]
ADWcleanerAdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.015 - Bericht erstellt am 22/12/2013 um 16:50:04
# Updated 10/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sven - SVEN-LAPTOP
# Gestartet von : C:\Users\Sven\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16455


-\\ Mozilla Firefox v18.0.1 (de)

[ Datei : C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ Datei : C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [59966 octets] - [05/11/2013 16:34:48]
AdwCleaner[R1].txt - [1681 octets] - [18/12/2013 15:58:41]
AdwCleaner[R2].txt - [1470 octets] - [22/12/2013 16:42:42]
AdwCleaner[S0].txt - [59703 octets] - [05/11/2013 20:36:02]
AdwCleaner[S1].txt - [1648 octets] - [18/12/2013 16:00:58]
AdwCleaner[S2].txt - [1295 octets] - [22/12/2013 16:50:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1355 octets] ##########

--- --- ---

JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Sven on 22.12.2013 at 17:02:08,03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Sven\appdata\local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.12.2013 at 17:10:36,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2013 01
Ran by Sven (administrator) on SVEN-LAPTOP on 23-12-2013 12:42:21
Running from C:\Users\Sven\Desktop\Antivir
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Josip Medved) D:\Programme\VHD Attach\VHD Attach\VhdAttachService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe
(Dropbox, Inc.) C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) D:\Programme\thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-10-08] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [6563096 2013-12-22] (SUPERAntiSpyware)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe [295744 2011-03-09] (NTI Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] - C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe [900160 2012-12-05] (Sophos Limited)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [33648 2007-08-24] (Microsoft Corporation)
HKLM-x32\...\Run: [JunosPulse] - C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2063736 2011-10-16] (Juniper Networks, Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] ()
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured.dll, C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B17EC478-CCE4-490B-AE68-529218D8D28D}: [NameServer]192.129.28.9 10.11.0.9

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - D:\Programme\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Sven\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Flash and Video Download - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: Embedded Objects - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default\Extensions\firefox@red-cog.com.xpi
FF StartMenuInternet: FIREFOX.EXE - D:\Programme\firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.facebook.com/", "hxxp://www.hs-coburg.de/"
CHR DefaultSearchKeyword: google.de
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Drive) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Pushbullet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd\11_0
CHR Extension: (Weebly - Website Builder) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb\1.0.5_0
CHR Extension: (Google Search) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (UNITY Mobile Websites) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\djmhcnaclgamnihgioaciekfkbkeeelm\3.5.0_0
CHR Extension: (MightyText - Send/Receive SMS Text Messages) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi\10.1_0
CHR Extension: (FoxyProxy Standard) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp\2.9_0
CHR Extension: (AdBlock) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (BrowserTexting) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\idijdgooojpepbnadlbkiagcmilndffa\1.49_0
CHR Extension: (Session Manager) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc\3.4.6_0
CHR Extension: (Fiabee HTML5 Viewer) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngmmpodmhlhciagihcjpdggoihakcahf\1.0.0.71_0
CHR Extension: (Google Wallet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (SiteBlock) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfglnpdpgmecffbejlfgpnebopinlclj\0.2.3_0
CHR Extension: (Gmail) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2013-09-24] (Connectify)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-05-10] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated)
S4 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344 2011-03-09] (NTI Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [216640 2013-01-06] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [139840 2012-12-05] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [232512 2012-12-05] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2012-12-05] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2869824 2013-01-06] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [1998400 2013-01-06] (Sophos Limited)
S4 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-10-08] (soft Xpansion)
S4 TeamViewer8; D:\Programme\Teamviewer\Version8\TeamViewer_Service.exe [5087584 2013-10-01] (TeamViewer GmbH)
R2 VhdAttach; D:\Programme\VHD Attach\VHD Attach\VhdAttachService.exe [276376 2013-05-12] (Josip Medved)

==================== Drivers (Whitelisted) ====================

R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [35352 2013-10-01] (Connectify)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-08] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] ()
S3 epmntdrv; C:\Windows\SysWow64\epmntdrv.sys [14216 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\SysWow64\EuGdiDrv.sys [8456 2011-07-29] ()
R3 jnprna; C:\Windows\System32\DRIVERS\jnprna6.sys [518992 2011-10-14] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [26480 2011-10-14] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2011-10-14] (Juniper Networks, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [144672 2012-12-05] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [36640 2012-12-05] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [25608 2012-12-05] (Sophos Plc)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203104 2013-01-31] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WinRing0_1_2_0; D:\Programme\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U5 UnlockerDriver5; D:\Programme\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-22 19:31 - 2011-10-14 14:42 - 00518992 _____ (Juniper Networks, Inc.) C:\Windows\system32\Drivers\jnprna6.sys
2013-12-22 19:30 - 2013-12-22 19:30 - 00000000 ____D C:\Users\Sven\Desktop\VPN-Juniper64
2013-12-22 19:10 - 2013-12-22 19:10 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-12-22 19:10 - 2013-12-22 19:10 - 00000000 ____D C:\Windows\system32\NV
2013-12-22 19:03 - 2013-12-22 19:03 - 00717096 _____ (Josip Medved                                                ) C:\Users\Sven\Desktop\vhdattach380.exe
2013-12-22 19:03 - 2013-12-22 19:03 - 00000000 ____D C:\Users\Sven\AppData\Local\NVIDIA
2013-12-22 18:16 - 2013-11-14 12:58 - 01064224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-12-22 18:16 - 2013-11-14 12:58 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-12-22 18:14 - 2013-12-22 19:10 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-22 18:14 - 2013-12-22 18:14 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-12-22 18:14 - 2013-01-16 23:05 - 00000000 ____D C:\Users\UpdatusUser\AppData\LocalGoogle
2013-12-22 18:14 - 2013-01-16 23:05 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Google
2013-12-22 18:14 - 2012-12-05 00:26 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2013-12-22 18:14 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-22 18:14 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-22 18:13 - 2013-12-22 18:13 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-12-22 18:09 - 2013-11-11 16:02 - 06674208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-12-22 18:09 - 2013-11-11 16:02 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-12-22 18:09 - 2013-11-11 16:01 - 03467927 _____ C:\Windows\system32\nvcoproc.bin
2013-12-22 18:09 - 2013-11-11 16:01 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-12-22 18:09 - 2013-11-11 16:01 - 01065248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2013-12-22 18:09 - 2013-11-11 16:01 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-12-22 18:09 - 2013-11-11 16:01 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-12-22 18:09 - 2013-11-11 16:01 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2013-12-22 18:09 - 2013-11-11 16:01 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-12-22 18:08 - 2013-11-14 12:58 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-12-22 18:08 - 2013-11-14 12:58 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-12-22 18:07 - 2013-12-22 19:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-22 17:55 - 2013-11-14 12:58 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-22 17:55 - 2013-11-14 12:58 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-12-22 17:55 - 2013-11-14 12:58 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2013-12-22 17:55 - 2013-11-14 12:58 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00023754 _____ C:\Windows\system32\nvinfo.pb
2013-12-22 17:54 - 2013-11-14 12:58 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-22 17:54 - 2013-11-14 12:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-12-22 17:54 - 2013-11-14 12:58 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-12-22 17:54 - 2013-11-14 12:58 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-12-22 17:52 - 2013-12-22 17:52 - 00000000 ____D C:\NVIDIA
2013-12-22 17:32 - 2013-12-22 17:52 - 259887872 _____ (NVIDIA Corporation) C:\Users\Sven\Downloads\331.82-notebook-win8-win7-64bit-international-whql.exe
2013-12-22 17:10 - 2013-12-22 17:10 - 00000780 _____ C:\Users\Sven\Desktop\JRT.txt
2013-12-22 16:53 - 2013-12-22 16:53 - 00001435 _____ C:\Users\Sven\Desktop\AdwCleaner[S2].txt
2013-12-22 16:45 - 2013-12-22 16:45 - 01034531 _____ (Thisisu) C:\Users\Sven\Desktop\JRT.exe
2013-12-22 16:41 - 2013-12-22 16:42 - 01226802 _____ C:\Users\Sven\Desktop\adwcleaner.exe
2013-12-19 22:53 - 2013-12-19 22:53 - 00001304 _____ C:\Users\Sven\Desktop\Notepad.lnk
2013-12-19 22:51 - 2013-12-19 22:51 - 00001996 _____ C:\Users\Sven\Desktop\Sophos Endpoint Security and Control.lnk
2013-12-19 22:50 - 2013-12-19 22:50 - 00000543 _____ C:\Users\Sven\Desktop\nx_konfig.vhd.lnk
2013-12-19 22:50 - 2013-12-19 22:50 - 00000540 _____ C:\Users\Sven\Desktop\nx_daten.vhd.lnk
2013-12-19 22:46 - 2013-12-19 22:47 - 347613046 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_18-45_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-19 22:46 - 2013-12-19 22:46 - 405545198 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_19-30_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-19 17:06 - 2013-12-19 17:06 - 00052443 _____ C:\ComboFix.txt
2013-12-19 16:53 - 2013-12-19 17:06 - 00000000 ____D C:\Qoobox
2013-12-19 16:53 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-19 16:53 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-19 16:53 - 2009-04-20 05:56 - 00060416 _____ C:\Windows\NIRCMD.exe
2013-12-19 16:53 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-19 16:53 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-19 16:53 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-19 16:53 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-19 16:53 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-19 16:52 - 2013-12-23 12:42 - 00000000 ____D C:\Users\Sven\Desktop\Antivir
2013-12-19 16:52 - 2013-12-19 17:04 - 00000000 ____D C:\Windows\erdnt
2013-12-19 15:35 - 2013-12-19 15:35 - 463946146 _____ C:\Windows\MEMORY.DMP
2013-12-19 15:35 - 2013-12-19 15:35 - 00262144 _____ C:\Windows\Minidump\121913-34335-01.dmp
2013-12-19 15:19 - 2013-12-23 12:42 - 00000000 ____D C:\FRST
2013-12-19 15:18 - 2013-12-19 15:18 - 00000000 _____ C:\Users\Sven\defogger_reenable
2013-12-19 14:51 - 2013-12-19 14:51 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-12-19 14:04 - 2013-12-19 14:04 - 00000350 _____ C:\Users\Sven\Desktop\bayern1_2.m3u
2013-12-18 21:15 - 2013-12-18 21:15 - 00000855 _____ C:\Users\Sven\Documents\JRT.txt
2013-12-18 21:12 - 2013-12-18 21:12 - 00675988 _____ C:\Users\Sven\Desktop\Minecraft (1).exe
2013-12-18 21:03 - 2013-12-18 21:03 - 00000000 ____D C:\Windows\ERUNT
2013-12-18 20:56 - 2013-12-23 12:35 - 00002430 _____ C:\Windows\PFRO.log
2013-12-18 20:56 - 2013-12-23 12:35 - 00000999 _____ C:\Windows\setupact.log
2013-12-18 20:56 - 2013-12-18 20:56 - 00000000 _____ C:\Windows\setuperr.log
2013-12-18 20:32 - 2013-12-18 20:32 - 00421267 _____ C:\Users\Sven\Documents\OptiFine 1.6.4.jar
2013-12-18 17:28 - 2013-12-18 17:28 - 00000043 _____ C:\Users\Sven\Desktop\minecraft.bat
2013-12-18 17:10 - 2013-12-18 17:10 - 00000000 ____D C:\ProgramData\Oracle
2013-12-18 17:07 - 2013-12-18 17:07 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-18 17:07 - 2013-12-18 17:06 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-18 17:06 - 2013-12-18 17:06 - 00000000 ____D C:\Program Files\Java
2013-12-18 16:42 - 2013-12-18 16:42 - 00374842 _____ C:\Users\Sven\Documents\OptiFine_1.6.2.zip
2013-12-18 15:57 - 2013-12-18 15:57 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-18 13:32 - 2013-12-18 13:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-18 13:23 - 2013-12-19 13:56 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-12-18 13:23 - 2013-12-18 13:23 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-12-17 21:52 - 2013-12-17 21:53 - 00000000 ____D C:\Users\Sven\Documents\CamScanner
2013-12-17 21:03 - 2013-12-22 16:36 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\SUPERAntiSpyware.com
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-17 21:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-17 20:59 - 2013-12-17 20:59 - 00614784 _____ C:\Users\Sven\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-17 20:57 - 2013-12-17 20:57 - 00614784 _____ C:\Users\Sven\Downloads\SuperAntiSpyware - CHIP-Downloader.exe
2013-12-17 19:49 - 2013-12-17 19:55 - 139245339 _____ C:\Users\Sven\Documents\cm-9.1.0-tf201.zip
2013-12-16 19:01 - 2013-12-16 19:01 - 00037376 _____ C:\Users\Sven\Desktop\ChangeMAC-2010.exe
2013-12-16 19:00 - 2013-12-16 19:00 - 00004091 _____ C:\Users\Sven\Documents\ipconfigall.txt
2013-12-11 19:44 - 2013-12-11 19:44 - 00100454 _____ C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen.htm
2013-12-11 19:44 - 2013-12-11 19:44 - 00000000 ____D C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen_files
2013-12-11 19:34 - 2013-12-11 19:34 - 00000332 _____ C:\Users\Sven\Desktop\bayern3_2.m3u
2013-12-11 13:57 - 2013-12-12 21:34 - 00000000 ____D C:\Users\Sven\Documents\Handyvertrag handydealer red m
2013-12-10 20:26 - 2013-12-10 20:26 - 00000000 ____D C:\Users\Sven\Documents\RevouninstallerPortable
2013-12-05 17:04 - 2013-12-05 17:04 - 00112086 _____ C:\Users\Sven\Documents\cc_20131205_170409.reg
2013-12-05 16:16 - 2013-12-05 16:16 - 00001280 _____ C:\Users\Sven\Desktop\Command Prompt.lnk
2013-12-04 12:05 - 2013-12-04 12:07 - 365029360 _____ C:\Users\Sven\Downloads\Rare_Exports_Eine_Weihnachtsgeschichte_13.12.03_22-00_tele5_105_TVOON_DE.mpg.HQ.avi.otrkey
2013-12-02 19:05 - 2013-12-02 19:05 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Scilab
2013-12-02 19:04 - 2013-12-02 19:04 - 00000887 _____ C:\Users\Public\Desktop\scilab-5.4.1 (64-bit).lnk
2013-11-25 21:42 - 2013-12-22 19:34 - 00000804 _____ C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\VHD Attach.lnk
2013-11-25 21:36 - 2013-11-25 21:37 - 00000000 ____D C:\scripts

==================== One Month Modified Files and Folders =======

2013-12-23 12:42 - 2013-12-19 16:52 - 00000000 ____D C:\Users\Sven\Desktop\Antivir
2013-12-23 12:42 - 2013-12-19 15:19 - 00000000 ____D C:\FRST
2013-12-23 12:38 - 2012-12-05 16:01 - 00000000 ___RD C:\Users\Sven\Dropbox
2013-12-23 12:38 - 2012-12-05 15:59 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Dropbox
2013-12-23 12:37 - 2013-10-30 19:27 - 00000439 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-23 12:37 - 2012-12-05 15:59 - 00000000 ___RD C:\Users\Sven\Google Drive
2013-12-23 12:35 - 2013-12-18 20:56 - 00002430 _____ C:\Windows\PFRO.log
2013-12-23 12:35 - 2013-12-18 20:56 - 00000999 _____ C:\Windows\setupact.log
2013-12-23 12:35 - 2012-12-05 14:58 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-23 12:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-23 01:47 - 2012-12-05 00:06 - 01797375 _____ C:\Windows\WindowsUpdate.log
2013-12-23 01:28 - 2013-02-20 15:07 - 00000000 ____D C:\Users\Sven\AppData\Roaming\vlc
2013-12-23 01:22 - 2012-12-05 14:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-22 23:42 - 2013-10-17 19:37 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001UA.job
2013-12-22 20:42 - 2013-10-17 19:37 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001Core.job
2013-12-22 19:36 - 2012-12-15 11:37 - 00000000 ____D C:\Users\Sven\AppData\Roaming\NVIDIA
2013-12-22 19:34 - 2013-11-25 21:42 - 00000804 _____ C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\VHD Attach.lnk
2013-12-22 19:30 - 2013-12-22 19:30 - 00000000 ____D C:\Users\Sven\Desktop\VPN-Juniper64
2013-12-22 19:30 - 2013-10-10 17:35 - 00000078 _____ C:\Windows\init.ini
2013-12-22 19:20 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-22 19:20 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-22 19:10 - 2013-12-22 19:10 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-12-22 19:10 - 2013-12-22 19:10 - 00000000 ____D C:\Windows\system32\NV
2013-12-22 19:10 - 2013-12-22 18:14 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-22 19:03 - 2013-12-22 19:03 - 00717096 _____ (Josip Medved                                                ) C:\Users\Sven\Desktop\vhdattach380.exe
2013-12-22 19:03 - 2013-12-22 19:03 - 00000000 ____D C:\Users\Sven\AppData\Local\NVIDIA
2013-12-22 19:01 - 2013-12-22 18:07 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-22 18:16 - 2012-12-05 00:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-22 18:16 - 2012-12-05 00:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-22 18:14 - 2013-12-22 18:14 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-12-22 18:13 - 2013-12-22 18:13 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-12-22 17:52 - 2013-12-22 17:52 - 00000000 ____D C:\NVIDIA
2013-12-22 17:52 - 2013-12-22 17:32 - 259887872 _____ (NVIDIA Corporation) C:\Users\Sven\Downloads\331.82-notebook-win8-win7-64bit-international-whql.exe
2013-12-22 17:51 - 2012-12-05 20:37 - 00007617 _____ C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
2013-12-22 17:41 - 2013-01-27 00:50 - 00000000 ____D C:\Users\Sven\AppData\Roaming\.minecraft
2013-12-22 17:10 - 2013-12-22 17:10 - 00000780 _____ C:\Users\Sven\Desktop\JRT.txt
2013-12-22 16:53 - 2013-12-22 16:53 - 00001435 _____ C:\Users\Sven\Desktop\AdwCleaner[S2].txt
2013-12-22 16:50 - 2013-11-05 16:34 - 00000000 ____D C:\AdwCleaner
2013-12-22 16:45 - 2013-12-22 16:45 - 01034531 _____ (Thisisu) C:\Users\Sven\Desktop\JRT.exe
2013-12-22 16:42 - 2013-12-22 16:41 - 01226802 _____ C:\Users\Sven\Desktop\adwcleaner.exe
2013-12-22 16:36 - 2013-12-17 21:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-22 16:23 - 2013-07-30 02:11 - 00000000 _____ C:\Windows\system32\vireng.log
2013-12-19 22:53 - 2013-12-19 22:53 - 00001304 _____ C:\Users\Sven\Desktop\Notepad.lnk
2013-12-19 22:51 - 2013-12-19 22:51 - 00001996 _____ C:\Users\Sven\Desktop\Sophos Endpoint Security and Control.lnk
2013-12-19 22:50 - 2013-12-19 22:50 - 00000543 _____ C:\Users\Sven\Desktop\nx_konfig.vhd.lnk
2013-12-19 22:50 - 2013-12-19 22:50 - 00000540 _____ C:\Users\Sven\Desktop\nx_daten.vhd.lnk
2013-12-19 22:47 - 2013-12-19 22:46 - 347613046 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_18-45_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-19 22:46 - 2013-12-19 22:46 - 405545198 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_19-30_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-19 17:06 - 2013-12-19 17:06 - 00052443 _____ C:\ComboFix.txt
2013-12-19 17:06 - 2013-12-19 16:53 - 00000000 ____D C:\Qoobox
2013-12-19 17:06 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-12-19 17:04 - 2013-12-19 16:52 - 00000000 ____D C:\Windows\erdnt
2013-12-19 17:04 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-12-19 15:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-19 15:35 - 2013-12-19 15:35 - 463946146 _____ C:\Windows\MEMORY.DMP
2013-12-19 15:35 - 2013-12-19 15:35 - 00262144 _____ C:\Windows\Minidump\121913-34335-01.dmp
2013-12-19 15:35 - 2013-02-18 16:20 - 00000000 ____D C:\Windows\Minidump
2013-12-19 15:18 - 2013-12-19 15:18 - 00000000 _____ C:\Users\Sven\defogger_reenable
2013-12-19 15:18 - 2012-12-05 01:02 - 00000000 ____D C:\Users\Sven
2013-12-19 14:52 - 2013-10-27 15:30 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-19 14:51 - 2013-12-19 14:51 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-12-19 14:04 - 2013-12-19 14:04 - 00000350 _____ C:\Users\Sven\Desktop\bayern1_2.m3u
2013-12-19 14:03 - 2013-11-13 16:18 - 00004144 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-19 13:56 - 2013-12-18 13:23 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-12-18 22:35 - 2012-12-04 14:46 - 00000000 ____D C:\Users\Sven\Documents\mofa
2013-12-18 22:11 - 2012-12-05 08:59 - 00700800 _____ C:\Windows\system32\perfh007.dat
2013-12-18 22:11 - 2012-12-05 08:59 - 00149668 _____ C:\Windows\system32\perfc007.dat
2013-12-18 22:11 - 2009-07-14 06:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-18 21:15 - 2013-12-18 21:15 - 00000855 _____ C:\Users\Sven\Documents\JRT.txt
2013-12-18 21:12 - 2013-12-18 21:12 - 00675988 _____ C:\Users\Sven\Desktop\Minecraft (1).exe
2013-12-18 21:03 - 2013-12-18 21:03 - 00000000 ____D C:\Windows\ERUNT
2013-12-18 20:56 - 2013-12-18 20:56 - 00000000 _____ C:\Windows\setuperr.log
2013-12-18 20:32 - 2013-12-18 20:32 - 00421267 _____ C:\Users\Sven\Documents\OptiFine 1.6.4.jar
2013-12-18 17:36 - 2013-01-06 02:08 - 00000000 ____D C:\Users\Sven\AppData\Local\CrashDumps
2013-12-18 17:28 - 2013-12-18 17:28 - 00000043 _____ C:\Users\Sven\Desktop\minecraft.bat
2013-12-18 17:10 - 2013-12-18 17:10 - 00000000 ____D C:\ProgramData\Oracle
2013-12-18 17:07 - 2013-12-18 17:07 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-18 17:06 - 2013-12-18 17:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-18 17:06 - 2013-12-18 17:06 - 00000000 ____D C:\Program Files\Java
2013-12-18 16:42 - 2013-12-18 16:42 - 00374842 _____ C:\Users\Sven\Documents\OptiFine_1.6.2.zip
2013-12-18 16:05 - 2012-12-05 01:04 - 00000000 ___RD C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-18 15:57 - 2013-12-18 15:57 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-18 13:32 - 2013-12-18 13:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-18 13:23 - 2013-12-18 13:23 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-12-17 21:53 - 2013-12-17 21:52 - 00000000 ____D C:\Users\Sven\Documents\CamScanner
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\SUPERAntiSpyware.com
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-17 20:59 - 2013-12-17 20:59 - 00614784 _____ C:\Users\Sven\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-17 20:57 - 2013-12-17 20:57 - 00614784 _____ C:\Users\Sven\Downloads\SuperAntiSpyware - CHIP-Downloader.exe
2013-12-17 19:55 - 2013-12-17 19:49 - 139245339 _____ C:\Users\Sven\Documents\cm-9.1.0-tf201.zip
2013-12-16 22:13 - 2011-05-31 10:44 - 00000000 ____D C:\ProgramData\WildTangent
2013-12-16 19:01 - 2013-12-16 19:01 - 00037376 _____ C:\Users\Sven\Desktop\ChangeMAC-2010.exe
2013-12-16 19:00 - 2013-12-16 19:00 - 00004091 _____ C:\Users\Sven\Documents\ipconfigall.txt
2013-12-13 00:17 - 2012-12-05 14:58 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-13 00:17 - 2012-12-05 14:58 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-12 22:39 - 2012-12-05 21:02 - 00000000 ____D C:\ProgramData\IObit
2013-12-12 21:34 - 2013-12-11 13:57 - 00000000 ____D C:\Users\Sven\Documents\Handyvertrag handydealer red m
2013-12-11 19:44 - 2013-12-11 19:44 - 00100454 _____ C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen.htm
2013-12-11 19:44 - 2013-12-11 19:44 - 00000000 ____D C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen_files
2013-12-11 19:34 - 2013-12-11 19:34 - 00000332 _____ C:\Users\Sven\Desktop\bayern3_2.m3u
2013-12-10 20:26 - 2013-12-10 20:26 - 00000000 ____D C:\Users\Sven\Documents\RevouninstallerPortable
2013-12-10 20:11 - 2013-02-27 15:04 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-12-10 18:42 - 2013-02-27 15:04 - 00000000 ____D C:\Users\Sven\AppData\Roaming\MediaMonkey
2013-12-05 17:04 - 2013-12-05 17:04 - 00112086 _____ C:\Users\Sven\Documents\cc_20131205_170409.reg
2013-12-05 16:16 - 2013-12-05 16:16 - 00001280 _____ C:\Users\Sven\Desktop\Command Prompt.lnk
2013-12-05 11:41 - 2009-07-14 06:08 - 00028082 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-04 12:07 - 2013-12-04 12:05 - 365029360 _____ C:\Users\Sven\Downloads\Rare_Exports_Eine_Weihnachtsgeschichte_13.12.03_22-00_tele5_105_TVOON_DE.mpg.HQ.avi.otrkey
2013-12-02 19:05 - 2013-12-02 19:05 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Scilab
2013-12-02 19:04 - 2013-12-02 19:04 - 00000887 _____ C:\Users\Public\Desktop\scilab-5.4.1 (64-bit).lnk
2013-11-28 13:44 - 2012-12-05 01:05 - 00000000 ____D C:\Users\Sven\AppData\Local\Adobe
2013-11-26 20:56 - 2013-10-23 17:24 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-11-26 20:55 - 2013-10-27 15:39 - 00000000 ____D C:\Users\Sven\AppData\Local\Microsoft Help
2013-11-25 21:37 - 2013-11-25 21:36 - 00000000 ____D C:\scripts
2013-11-25 20:57 - 2013-11-21 22:44 - 00000000 ____D C:\Users\Sven\AppData\Local\BEETmobile

Some content of TEMP:
====================
C:\Users\Sven\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-03 12:03

==================== End Of Log ============================

--- --- ---

--- --- ---

Vielen Dank für deine Mühe und ein frohes Fest wünsche ich

schrauber · 24.12.2013, 10:24

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

nrg112 · 26.12.2013, 20:38

ESET:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d3b1ebbd185f49449d2ec9b1d1096948
# engine=16319
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-19 01:30:15
# local_time=2013-12-19 02:30:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 1351700 139046465 0 0
# compatibility_mode=7937 16777214 0 25 23288 23288 0 0
# compatibility_mode=8450 16777213 100 99 23217 32703758 0 0
# scanned=313368
# found=5
# cleaned=5
# scan_time=19474
sh=7F2F6F28940F19F7CDA1FA8F3962F07FD1502164 ft=0 fh=0000000000000000 vn="Variante von Android/Adware.AirPush.G Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Sven\Documents\Note Backup\backup_apps\Bus Parking 3D_1.2.9.apk"
sh=A0AC2EF060C27275F2C0768DAF18A02FC0A6E168 ft=0 fh=0000000000000000 vn="Archbomb.RAR Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Sven\Documents\Note Backup\Camera\IMG_1559.rar"
sh=DF370DF47B535FE9D6BBA3B792DF3F8AA9FF6DA3 ft=0 fh=0000000000000000 vn="möglicherweise Variante von Android/Adware.Youmi.B Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Sven\Google Drive\apps\Talking Tom_1.6.apk"
sh=7F2F6F28940F19F7CDA1FA8F3962F07FD1502164 ft=0 fh=0000000000000000 vn="Variante von Android/Adware.AirPush.G Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Sven\MyPhoneExplorer portable\Data\samsung GT-N7000 [351823050540277]\Cache\sdcard\backup_apps\Bus Parking 3D_1.2.9.apk"
sh=A0AC2EF060C27275F2C0768DAF18A02FC0A6E168 ft=0 fh=0000000000000000 vn="Archbomb.RAR Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Sven\MyPhoneExplorer portable\Data\samsung GT-N7000 [351823050540277]\Cache\sdcard\DCIM\Camera\IMG_1559.rar"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d3b1ebbd185f49449d2ec9b1d1096948
# engine=16409
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-26 03:54:13
# local_time=2013-12-26 04:54:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 2008338 139703103 0 0
# compatibility_mode=7937 16777214 0 25 619072 619072 0 0
# compatibility_mode=8450 16777213 100 99 14642 33360396 0 0
# scanned=313854
# found=0
# cleaned=0
# scan_time=10689

CheckUp:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.77  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Sophos Anti-Virus   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 21  
 Java version out of Date! 
 Adobe Flash Player 11.9.900.117  
 Adobe Reader 9 Adobe Reader out of Date! 
 Mozilla Firefox 18.0.1 Firefox out of Date!  
 Mozilla Thunderbird (17.0.) 
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 Sophos Sophos Anti-Virus SavService.exe  
 Sophos Sophos Anti-Virus SAVAdminService.exe  
 Sophos Sophos Anti-Virus Web Control swc_service.exe 
 Sophos Sophos Anti-Virus Web Intelligence swi_service.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2013
Ran by Sven (administrator) on SVEN-LAPTOP on 26-12-2013 20:36:12
Running from C:\Users\Sven\Desktop\Antivir
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Josip Medved) D:\Programme\VHD Attach\VHD Attach\VhdAttachService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dropbox, Inc.) C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-10-08] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe [295744 2011-03-09] (NTI Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] - C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe [900160 2012-12-05] (Sophos Limited)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [33648 2007-08-24] (Microsoft Corporation)
HKLM-x32\...\Run: [JunosPulse] - C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2063736 2011-10-16] (Juniper Networks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [6563096 2013-12-22] (SUPERAntiSpyware)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [154144 2010-07-29] ()
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured.dll, C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [87616] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Winsock: Catalog9-x64 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [127040] (Sophos Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B17EC478-CCE4-490B-AE68-529218D8D28D}: [NameServer]192.129.28.9 10.11.0.9

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - D:\Programme\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Sven\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Flash and Video Download - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: Embedded Objects - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\j1t2b60a.default\Extensions\firefox@red-cog.com.xpi
FF StartMenuInternet: FIREFOX.EXE - D:\Programme\firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.facebook.com/", "hxxp://www.hs-coburg.de/"
CHR Extension: (Google Drive) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Pushbullet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd\11_0
CHR Extension: (Weebly - Website Builder) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb\1.0.5_0
CHR Extension: (Google Search) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (UNITY Mobile Websites) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\djmhcnaclgamnihgioaciekfkbkeeelm\3.5.0_0
CHR Extension: (MightyText - Send/Receive SMS Text Messages) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi\10.1_0
CHR Extension: (FoxyProxy Standard) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp\2.9_0
CHR Extension: (AdBlock) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (BrowserTexting) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\idijdgooojpepbnadlbkiagcmilndffa\1.49_0
CHR Extension: (Session Manager) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc\3.4.6_0
CHR Extension: (Fiabee HTML5 Viewer) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngmmpodmhlhciagihcjpdggoihakcahf\1.0.0.71_0
CHR Extension: (Google Wallet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (SiteBlock) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfglnpdpgmecffbejlfgpnebopinlclj\0.2.3_0
CHR Extension: (Gmail) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-05-10] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated)
S4 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344 2011-03-09] (NTI Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [216640 2013-01-06] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [139840 2012-12-05] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [232512 2012-12-05] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2012-12-05] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2869824 2013-01-06] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [1998400 2013-01-06] (Sophos Limited)
S4 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-10-08] (soft Xpansion)
S4 TeamViewer8; D:\Programme\Teamviewer\Version8\TeamViewer_Service.exe [5087584 2013-10-01] (TeamViewer GmbH)
R2 VhdAttach; D:\Programme\VHD Attach\VHD Attach\VhdAttachService.exe [276376 2013-05-12] (Josip Medved)

==================== Drivers (Whitelisted) ====================

S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-08] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] ()
S3 epmntdrv; C:\Windows\SysWow64\epmntdrv.sys [14216 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] ()
S3 EuGdiDrv; C:\Windows\SysWow64\EuGdiDrv.sys [8456 2011-07-29] ()
R3 jnprna; C:\Windows\System32\DRIVERS\jnprna6.sys [518992 2011-10-14] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [26480 2011-10-14] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2011-10-14] (Juniper Networks, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [144672 2012-12-05] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [36640 2012-12-05] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [25608 2012-12-05] (Sophos Plc)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203104 2013-01-31] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WinRing0_1_2_0; D:\Programme\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U5 UnlockerDriver5; D:\Programme\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-26 20:32 - 2013-12-26 20:32 - 00891200 _____ C:\Users\Sven\Desktop\SecurityCheck.exe
2013-12-26 13:43 - 2013-12-26 13:44 - 00000168 _____ C:\Windows\setupact.log
2013-12-26 13:43 - 2013-12-26 13:43 - 00000000 _____ C:\Windows\setuperr.log
2013-12-24 16:13 - 2013-12-24 16:13 - 00160650 _____ C:\Users\Sven\Desktop\cc_20131224_161327.reg
2013-12-24 16:09 - 2013-12-24 16:41 - 00000000 ____D C:\Users\Sven\AppData\Roaming\.minecraft
2013-12-23 12:44 - 2013-12-23 12:44 - 00052404 _____ C:\Users\Sven\Desktop\FRST.txt
2013-12-22 19:31 - 2011-10-14 14:42 - 00518992 _____ (Juniper Networks, Inc.) C:\Windows\system32\Drivers\jnprna6.sys
2013-12-22 19:30 - 2013-12-22 19:30 - 00000000 ____D C:\Users\Sven\Desktop\VPN-Juniper64
2013-12-22 19:10 - 2013-12-22 19:10 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-12-22 19:10 - 2013-12-22 19:10 - 00000000 ____D C:\Windows\system32\NV
2013-12-22 19:03 - 2013-12-22 19:03 - 00717096 _____ (Josip Medved                                                ) C:\Users\Sven\Desktop\vhdattach380.exe
2013-12-22 19:03 - 2013-12-22 19:03 - 00000000 ____D C:\Users\Sven\AppData\Local\NVIDIA
2013-12-22 18:16 - 2013-11-14 12:58 - 01064224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2013-12-22 18:16 - 2013-11-14 12:58 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2013-12-22 18:14 - 2013-12-22 19:10 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-22 18:14 - 2013-12-22 18:14 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-12-22 18:14 - 2013-01-16 23:05 - 00000000 ____D C:\Users\UpdatusUser\AppData\LocalGoogle
2013-12-22 18:14 - 2013-01-16 23:05 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Google
2013-12-22 18:14 - 2012-12-05 00:26 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2013-12-22 18:14 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-22 18:14 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-22 18:13 - 2013-12-22 18:13 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-12-22 18:09 - 2013-11-11 16:02 - 06674208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-12-22 18:09 - 2013-11-11 16:02 - 03490080 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-12-22 18:09 - 2013-11-11 16:01 - 03467927 _____ C:\Windows\system32\nvcoproc.bin
2013-12-22 18:09 - 2013-11-11 16:01 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-12-22 18:09 - 2013-11-11 16:01 - 01065248 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2013-12-22 18:09 - 2013-11-11 16:01 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-12-22 18:09 - 2013-11-11 16:01 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-12-22 18:09 - 2013-11-11 16:01 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2013-12-22 18:09 - 2013-11-11 16:01 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-12-22 18:08 - 2013-11-14 12:58 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-12-22 18:08 - 2013-11-14 12:58 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-12-22 18:07 - 2013-12-22 19:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-22 17:55 - 2013-11-14 12:58 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-22 17:55 - 2013-11-14 12:58 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-12-22 17:55 - 2013-11-14 12:58 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2013-12-22 17:55 - 2013-11-14 12:58 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-12-22 17:55 - 2013-11-14 12:58 - 00023754 _____ C:\Windows\system32\nvinfo.pb
2013-12-22 17:54 - 2013-11-14 12:58 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-22 17:54 - 2013-11-14 12:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-12-22 17:54 - 2013-11-14 12:58 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-12-22 17:54 - 2013-11-14 12:58 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-12-22 17:52 - 2013-12-22 17:52 - 00000000 ____D C:\NVIDIA
2013-12-22 17:32 - 2013-12-22 17:52 - 259887872 _____ (NVIDIA Corporation) C:\Users\Sven\Downloads\331.82-notebook-win8-win7-64bit-international-whql.exe
2013-12-19 22:53 - 2013-12-19 22:53 - 00001304 _____ C:\Users\Sven\Desktop\Notepad.lnk
2013-12-19 22:51 - 2013-12-19 22:51 - 00001996 _____ C:\Users\Sven\Desktop\Sophos Endpoint Security and Control.lnk
2013-12-19 22:50 - 2013-12-19 22:50 - 00000543 _____ C:\Users\Sven\Desktop\nx_konfig.vhd.lnk
2013-12-19 22:50 - 2013-12-19 22:50 - 00000540 _____ C:\Users\Sven\Desktop\nx_daten.vhd.lnk
2013-12-19 22:46 - 2013-12-19 22:47 - 347613046 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_18-45_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-19 22:46 - 2013-12-19 22:46 - 405545198 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_19-30_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-19 17:06 - 2013-12-19 17:06 - 00052443 _____ C:\ComboFix.txt
2013-12-19 16:53 - 2013-12-19 17:06 - 00000000 ____D C:\Qoobox
2013-12-19 16:53 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-19 16:53 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-19 16:53 - 2009-04-20 05:56 - 00060416 _____ C:\Windows\NIRCMD.exe
2013-12-19 16:53 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-19 16:53 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-19 16:53 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-19 16:53 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-19 16:53 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-19 16:52 - 2013-12-26 20:36 - 00000000 ____D C:\Users\Sven\Desktop\Antivir
2013-12-19 16:52 - 2013-12-19 17:04 - 00000000 ____D C:\Windows\erdnt
2013-12-19 15:19 - 2013-12-26 20:36 - 00000000 ____D C:\FRST
2013-12-19 15:18 - 2013-12-19 15:18 - 00000000 _____ C:\Users\Sven\defogger_reenable
2013-12-19 14:51 - 2013-12-19 14:51 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-12-19 14:04 - 2013-12-19 14:04 - 00000350 _____ C:\Users\Sven\Desktop\bayern1_2.m3u
2013-12-18 21:15 - 2013-12-18 21:15 - 00000855 _____ C:\Users\Sven\Documents\JRT.txt
2013-12-18 21:12 - 2013-12-18 21:12 - 00675988 _____ C:\Users\Sven\Desktop\Minecraft (1).exe
2013-12-18 21:03 - 2013-12-18 21:03 - 00000000 ____D C:\Windows\ERUNT
2013-12-18 20:32 - 2013-12-18 20:32 - 00421267 _____ C:\Users\Sven\Documents\OptiFine 1.6.4.jar
2013-12-18 17:28 - 2013-12-24 16:18 - 00000088 _____ C:\Users\Sven\Desktop\minecraft.bat
2013-12-18 17:10 - 2013-12-18 17:10 - 00000000 ____D C:\ProgramData\Oracle
2013-12-18 17:07 - 2013-12-18 17:07 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-18 17:07 - 2013-12-18 17:06 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-18 17:06 - 2013-12-18 17:06 - 00000000 ____D C:\Program Files\Java
2013-12-18 16:42 - 2013-12-18 16:42 - 00374842 _____ C:\Users\Sven\Documents\OptiFine_1.6.2.zip
2013-12-18 15:57 - 2013-12-18 15:57 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-18 13:32 - 2013-12-18 13:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-18 13:23 - 2013-12-19 13:56 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-12-18 13:23 - 2013-12-18 13:23 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-12-17 21:52 - 2013-12-17 21:53 - 00000000 ____D C:\Users\Sven\Documents\CamScanner
2013-12-17 21:03 - 2013-12-22 16:36 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\SUPERAntiSpyware.com
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-17 21:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-17 20:59 - 2013-12-17 20:59 - 00614784 _____ C:\Users\Sven\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-17 20:57 - 2013-12-17 20:57 - 00614784 _____ C:\Users\Sven\Downloads\SuperAntiSpyware - CHIP-Downloader.exe
2013-12-17 19:49 - 2013-12-17 19:55 - 139245339 _____ C:\Users\Sven\Documents\cm-9.1.0-tf201.zip
2013-12-16 19:01 - 2013-12-16 19:01 - 00037376 _____ C:\Users\Sven\Desktop\ChangeMAC-2010.exe
2013-12-16 19:00 - 2013-12-16 19:00 - 00004091 _____ C:\Users\Sven\Documents\ipconfigall.txt
2013-12-11 19:44 - 2013-12-11 19:44 - 00100454 _____ C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen.htm
2013-12-11 19:44 - 2013-12-11 19:44 - 00000000 ____D C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen_files
2013-12-11 19:34 - 2013-12-11 19:34 - 00000332 _____ C:\Users\Sven\Desktop\bayern3_2.m3u
2013-12-11 13:57 - 2013-12-12 21:34 - 00000000 ____D C:\Users\Sven\Documents\Handyvertrag handydealer red m
2013-12-10 20:26 - 2013-12-10 20:26 - 00000000 ____D C:\Users\Sven\Documents\RevouninstallerPortable
2013-12-05 17:04 - 2013-12-05 17:04 - 00112086 _____ C:\Users\Sven\Documents\cc_20131205_170409.reg
2013-12-05 16:16 - 2013-12-05 16:16 - 00001280 _____ C:\Users\Sven\Desktop\Command Prompt.lnk
2013-12-04 12:05 - 2013-12-04 12:07 - 365029360 _____ C:\Users\Sven\Downloads\Rare_Exports_Eine_Weihnachtsgeschichte_13.12.03_22-00_tele5_105_TVOON_DE.mpg.HQ.avi.otrkey
2013-12-02 19:05 - 2013-12-02 19:05 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Scilab
2013-12-02 19:04 - 2013-12-02 19:04 - 00000887 _____ C:\Users\Public\Desktop\scilab-5.4.1 (64-bit).lnk

==================== One Month Modified Files and Folders =======

2013-12-26 20:36 - 2013-12-19 16:52 - 00000000 ____D C:\Users\Sven\Desktop\Antivir
2013-12-26 20:36 - 2013-12-19 15:19 - 00000000 ____D C:\FRST
2013-12-26 20:32 - 2013-12-26 20:32 - 00891200 _____ C:\Users\Sven\Desktop\SecurityCheck.exe
2013-12-26 20:22 - 2012-12-05 14:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-26 17:42 - 2013-10-17 19:37 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001UA.job
2013-12-26 14:57 - 2012-12-05 15:59 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Dropbox
2013-12-26 13:51 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-26 13:51 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-26 13:47 - 2012-12-05 00:06 - 01805057 _____ C:\Windows\WindowsUpdate.log
2013-12-26 13:45 - 2012-12-05 16:01 - 00000000 ___RD C:\Users\Sven\Dropbox
2013-12-26 13:45 - 2012-12-05 15:59 - 00000000 ___RD C:\Users\Sven\Google Drive
2013-12-26 13:44 - 2013-12-26 13:43 - 00000168 _____ C:\Windows\setupact.log
2013-12-26 13:44 - 2013-10-30 19:27 - 00000439 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-26 13:44 - 2012-12-05 14:58 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-26 13:44 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-26 13:43 - 2013-12-26 13:43 - 00000000 _____ C:\Windows\setuperr.log
2013-12-24 17:03 - 2013-02-20 15:07 - 00000000 ____D C:\Users\Sven\AppData\Roaming\vlc
2013-12-24 16:41 - 2013-12-24 16:09 - 00000000 ____D C:\Users\Sven\AppData\Roaming\.minecraft
2013-12-24 16:29 - 2012-12-05 20:37 - 00007617 _____ C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
2013-12-24 16:18 - 2013-12-18 17:28 - 00000088 _____ C:\Users\Sven\Desktop\minecraft.bat
2013-12-24 16:13 - 2013-12-24 16:13 - 00160650 _____ C:\Users\Sven\Desktop\cc_20131224_161327.reg
2013-12-24 16:10 - 2013-02-18 16:20 - 00000000 ____D C:\Windows\Minidump
2013-12-23 12:44 - 2013-12-23 12:44 - 00052404 _____ C:\Users\Sven\Desktop\FRST.txt
2013-12-22 20:42 - 2013-10-17 19:37 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3196643619-180691504-1137637367-1001Core.job
2013-12-22 19:36 - 2012-12-15 11:37 - 00000000 ____D C:\Users\Sven\AppData\Roaming\NVIDIA
2013-12-22 19:34 - 2013-11-25 21:42 - 00000804 _____ C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\VHD Attach.lnk
2013-12-22 19:30 - 2013-12-22 19:30 - 00000000 ____D C:\Users\Sven\Desktop\VPN-Juniper64
2013-12-22 19:30 - 2013-10-10 17:35 - 00000078 _____ C:\Windows\init.ini
2013-12-22 19:10 - 2013-12-22 19:10 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-12-22 19:10 - 2013-12-22 19:10 - 00000000 ____D C:\Windows\system32\NV
2013-12-22 19:10 - 2013-12-22 18:14 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-22 19:03 - 2013-12-22 19:03 - 00717096 _____ (Josip Medved                                                ) C:\Users\Sven\Desktop\vhdattach380.exe
2013-12-22 19:03 - 2013-12-22 19:03 - 00000000 ____D C:\Users\Sven\AppData\Local\NVIDIA
2013-12-22 19:01 - 2013-12-22 18:07 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-22 18:16 - 2012-12-05 00:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-22 18:16 - 2012-12-05 00:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-22 18:14 - 2013-12-22 18:14 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-12-22 18:14 - 2013-12-22 18:14 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-12-22 18:13 - 2013-12-22 18:13 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-12-22 17:52 - 2013-12-22 17:52 - 00000000 ____D C:\NVIDIA
2013-12-22 17:52 - 2013-12-22 17:32 - 259887872 _____ (NVIDIA Corporation) C:\Users\Sven\Downloads\331.82-notebook-win8-win7-64bit-international-whql.exe
2013-12-22 16:50 - 2013-11-05 16:34 - 00000000 ____D C:\AdwCleaner
2013-12-22 16:36 - 2013-12-17 21:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-22 16:23 - 2013-07-30 02:11 - 00000000 _____ C:\Windows\system32\vireng.log
2013-12-19 22:53 - 2013-12-19 22:53 - 00001304 _____ C:\Users\Sven\Desktop\Notepad.lnk
2013-12-19 22:51 - 2013-12-19 22:51 - 00001996 _____ C:\Users\Sven\Desktop\Sophos Endpoint Security and Control.lnk
2013-12-19 22:50 - 2013-12-19 22:50 - 00000543 _____ C:\Users\Sven\Desktop\nx_konfig.vhd.lnk
2013-12-19 22:50 - 2013-12-19 22:50 - 00000540 _____ C:\Users\Sven\Desktop\nx_daten.vhd.lnk
2013-12-19 22:47 - 2013-12-19 22:46 - 347613046 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_18-45_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-19 22:46 - 2013-12-19 22:46 - 405545198 _____ C:\Users\Sven\Desktop\Stargate_13.12.19_19-30_pro7maxx_45_TVOON_DE.mpg.avi
2013-12-19 17:06 - 2013-12-19 17:06 - 00052443 _____ C:\ComboFix.txt
2013-12-19 17:06 - 2013-12-19 16:53 - 00000000 ____D C:\Qoobox
2013-12-19 17:06 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-12-19 17:04 - 2013-12-19 16:52 - 00000000 ____D C:\Windows\erdnt
2013-12-19 17:04 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-12-19 15:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-19 15:18 - 2013-12-19 15:18 - 00000000 _____ C:\Users\Sven\defogger_reenable
2013-12-19 15:18 - 2012-12-05 01:02 - 00000000 ____D C:\Users\Sven
2013-12-19 14:52 - 2013-10-27 15:30 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-19 14:51 - 2013-12-19 14:51 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-12-19 14:04 - 2013-12-19 14:04 - 00000350 _____ C:\Users\Sven\Desktop\bayern1_2.m3u
2013-12-19 14:03 - 2013-11-13 16:18 - 00004144 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-19 13:56 - 2013-12-18 13:23 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-12-18 22:35 - 2012-12-04 14:46 - 00000000 ____D C:\Users\Sven\Documents\mofa
2013-12-18 22:11 - 2012-12-05 08:59 - 00700800 _____ C:\Windows\system32\perfh007.dat
2013-12-18 22:11 - 2012-12-05 08:59 - 00149668 _____ C:\Windows\system32\perfc007.dat
2013-12-18 22:11 - 2009-07-14 06:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-18 21:15 - 2013-12-18 21:15 - 00000855 _____ C:\Users\Sven\Documents\JRT.txt
2013-12-18 21:12 - 2013-12-18 21:12 - 00675988 _____ C:\Users\Sven\Desktop\Minecraft (1).exe
2013-12-18 21:03 - 2013-12-18 21:03 - 00000000 ____D C:\Windows\ERUNT
2013-12-18 20:32 - 2013-12-18 20:32 - 00421267 _____ C:\Users\Sven\Documents\OptiFine 1.6.4.jar
2013-12-18 17:36 - 2013-01-06 02:08 - 00000000 ____D C:\Users\Sven\AppData\Local\CrashDumps
2013-12-18 17:10 - 2013-12-18 17:10 - 00000000 ____D C:\ProgramData\Oracle
2013-12-18 17:07 - 2013-12-18 17:07 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-18 17:07 - 2013-12-18 17:07 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-18 17:06 - 2013-12-18 17:07 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-18 17:06 - 2013-12-18 17:06 - 00000000 ____D C:\Program Files\Java
2013-12-18 16:42 - 2013-12-18 16:42 - 00374842 _____ C:\Users\Sven\Documents\OptiFine_1.6.2.zip
2013-12-18 16:05 - 2012-12-05 01:04 - 00000000 ___RD C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-18 15:57 - 2013-12-18 15:57 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-18 13:32 - 2013-12-18 13:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-18 13:23 - 2013-12-18 13:23 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-12-17 21:53 - 2013-12-17 21:52 - 00000000 ____D C:\Users\Sven\Documents\CamScanner
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\Users\Sven\AppData\Roaming\SUPERAntiSpyware.com
2013-12-17 21:03 - 2013-12-17 21:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-17 21:02 - 2013-12-17 21:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-17 20:59 - 2013-12-17 20:59 - 00614784 _____ C:\Users\Sven\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2013-12-17 20:57 - 2013-12-17 20:57 - 00614784 _____ C:\Users\Sven\Downloads\SuperAntiSpyware - CHIP-Downloader.exe
2013-12-17 19:55 - 2013-12-17 19:49 - 139245339 _____ C:\Users\Sven\Documents\cm-9.1.0-tf201.zip
2013-12-16 22:13 - 2011-05-31 10:44 - 00000000 ____D C:\ProgramData\WildTangent
2013-12-16 19:01 - 2013-12-16 19:01 - 00037376 _____ C:\Users\Sven\Desktop\ChangeMAC-2010.exe
2013-12-16 19:00 - 2013-12-16 19:00 - 00004091 _____ C:\Users\Sven\Documents\ipconfigall.txt
2013-12-13 00:17 - 2012-12-05 14:58 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-13 00:17 - 2012-12-05 14:58 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-12 22:39 - 2012-12-05 21:02 - 00000000 ____D C:\ProgramData\IObit
2013-12-12 21:34 - 2013-12-11 13:57 - 00000000 ____D C:\Users\Sven\Documents\Handyvertrag handydealer red m
2013-12-11 19:44 - 2013-12-11 19:44 - 00100454 _____ C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen.htm
2013-12-11 19:44 - 2013-12-11 19:44 - 00000000 ____D C:\Users\Sven\Documents\Apple iPhone 5S Vodafone 16 GB gold mit Vertrag Vodafone RED M Young 39,99 jetzt bei uns kaufen_files
2013-12-11 19:34 - 2013-12-11 19:34 - 00000332 _____ C:\Users\Sven\Desktop\bayern3_2.m3u
2013-12-10 20:26 - 2013-12-10 20:26 - 00000000 ____D C:\Users\Sven\Documents\RevouninstallerPortable
2013-12-10 20:11 - 2013-02-27 15:04 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-12-10 18:42 - 2013-02-27 15:04 - 00000000 ____D C:\Users\Sven\AppData\Roaming\MediaMonkey
2013-12-05 17:04 - 2013-12-05 17:04 - 00112086 _____ C:\Users\Sven\Documents\cc_20131205_170409.reg
2013-12-05 16:16 - 2013-12-05 16:16 - 00001280 _____ C:\Users\Sven\Desktop\Command Prompt.lnk
2013-12-05 11:41 - 2009-07-14 06:08 - 00028586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-04 12:07 - 2013-12-04 12:05 - 365029360 _____ C:\Users\Sven\Downloads\Rare_Exports_Eine_Weihnachtsgeschichte_13.12.03_22-00_tele5_105_TVOON_DE.mpg.HQ.avi.otrkey
2013-12-02 19:05 - 2013-12-02 19:05 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Scilab
2013-12-02 19:04 - 2013-12-02 19:04 - 00000887 _____ C:\Users\Public\Desktop\scilab-5.4.1 (64-bit).lnk
2013-11-28 13:44 - 2012-12-05 01:05 - 00000000 ____D C:\Users\Sven\AppData\Local\Adobe
2013-11-26 20:56 - 2013-10-23 17:24 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-11-26 20:55 - 2013-10-27 15:39 - 00000000 ____D C:\Users\Sven\AppData\Local\Microsoft Help

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-26 17:25

==================== End Of Log ============================

--- --- ---

jup Auslastung ist immernoch recht hoch.

schrauber · 27.12.2013, 16:48

Java, Adobe und Firefox updaten.

ProcessExplorer als Ersatz für den Windows Taskmanager installieren

Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden.

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).

Windows7: Hohe CPU-Auslastung- svchost.exe

Log-Analyse und Auswertung: Windows7: Hohe CPU-Auslastung- svchost.exe