
Log analysis and evaluation: OTL Logfile

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

28.03.2014, 18:14   #1
EltePauker_1
 
OTL Logfile



OTL logfile created on: 28.03.2014 15:16:21 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Tools\O T L
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

15,95 Gb Total Physical Memory | 11,59 Gb Available Physical Memory | 72,63% Memory free
18,33 Gb Paging File | 13,63 Gb Available in Paging File | 74,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223,23 Gb Total Space | 164,29 Gb Free Space | 73,60% Space Free | Partition Type: NTFS
Drive D: | 1045,70 Gb Total Space | 1015,94 Gb Free Space | 97,15% Space Free | Partition Type: NTFS
Drive J: | 351,56 Gb Total Space | 344,84 Gb Free Space | 98,09% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 862,02 Gb Free Space | 92,54% Space Free | Partition Type: NTFS
Drive N: | 931,51 Gb Total Space | 856,46 Gb Free Space | 91,94% Space Free | Partition Type: NTFS
Drive O: | 3,77 Gb Total Space | 3,62 Gb Free Space | 95,87% Space Free | Partition Type: FAT32

Computer Name: USERPC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - D:\Tools\System Explorer\SystemExplorer.exe (Mister Group)
PRC - d:\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.)
PRC - D:\Programme\Klebezettel NG\klebez.exe (Hollie-Soft)
PRC - D:\Programme\MyConnection Server\msserver.exe ()
PRC - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe ()
PRC - D:\Tools\System Mechanic Professional\System Shield\ioloSSTray.exe (iolo technologies, LLC)
PRC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
PRC - C:\Programme\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe (BullGuard Ltd.)
PRC - C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe (Microsoft)
PRC - C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe (CSIS Security Group)
PRC - C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe (CSIS Security Group)
PRC - C:\Windows\SysWOW64\java.exe (Oracle Corporation)
PRC - D:\Tools\O T L\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - D:\Programme\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - D:\Programme\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
PRC - D:\Tools\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - D:\Tools\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - D:\Tools\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (SurfRight B.V.)
PRC - D:\Tools\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Secure Banking\SecureBanking.exe (Secure Banking)
PRC - D:\Programme\ABBYY FineReader 11\NetworkLicenseServer.exe (ABBYY InfoPoisk LLC)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - D:\Programme\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - D:\Programme\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files (x86)\Secure Banking\sbservice.exe ()
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - D:\Tools\Taskbar Eliminator 2.9\Taskbar Eliminator.exe ()
PRC - D:\Programme\ISDN-Monitor\ISDNMon.exe ( Michael Hampicke)
PRC - C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2155ee74acbc0781a44c2077ab3b95af\System.IdentityModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\fd55ac3f3e215b2ad0cfe87d56ae21b8\System.ServiceModel.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\c2f2c5073965c1d04b9023f65d3fe349\SMDiagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\805be8b7f84002fd634adf0a6cc01047\System.ServiceModel.Internals.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\6ca943d545356e12f2d12e38146f203d\System.EnterpriseServices.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\6ca943d545356e12f2d12e38146f203d\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\c26d68a7ce301c0ac1bf323e43d8f4c2\System.Numerics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\fd6afdb3a9309e9af89222b778f5901c\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\d16bc7f3c78f5da5e6cda39fe71f943c\System.Xaml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ec3e85d83522363e943a978c0572e360\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\a196e5d6825a018267c6fe64c806cfe9\System.Transactions.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\31db5628e84268154f3bbeba0f7780df\System.ServiceModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\b110ef93e43ad2abdfa7b12c99443144\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\3da259dc19800b323b95eaf2fdc38aa6\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\5d657eb91c57cf9b4f121a1a98874136\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\15ead42b8d352194f0f3fbba4f7ae02b\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\1e68681f0a29fe2ce86b966f3eaeaa8a\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\9ab0202718d44c5bfe5120745304808a\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a113135edf215a9ce15622d22d54de60\PresentationFramework.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\cbea5e962e34618c2e6c0ec22cef4a9f\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\7f72c378b7371dc6ed32916e4283a96f\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\5914b12c3dfc6f804a1fbfacbb083a3e\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ab8978239d891c4afffd6a6df3996a6e\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\8455c031f8ffe82a0109c563873260e8\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\7ba8bc3c49fb30c9603bf070a0e0d51e\CustomMarshalers.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Accessibility\74558d5e0ce0aa099e7daf372e86bc26\Accessibility.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\ebdd49343f711b2029293f8e621b28a2\mscorlib.ni.dll ()
MOD - D:\Programme\PDF-Tools\Nitro PDF\Pro 9\wxmsw28u_xrc_vc_pro9.dll ()
MOD - D:\Programme\PDF-Tools\Nitro PDF\Pro 9\wxmsw28u_core_vc_pro9.dll ()
MOD - D:\Programme\PDF-Tools\Nitro PDF\Pro 9\wxmsw28u_adv_vc_pro9.dll ()
MOD - D:\Programme\PDF-Tools\Nitro PDF\Pro 9\wxmsw28u_html_vc_pro9.dll ()
MOD - D:\Programme\PDF-Tools\Nitro PDF\Pro 9\wxbase28u_vc_pro9.dll ()
MOD - D:\Programme\PDF-Tools\Nitro PDF\Pro 9\wxbase28u_xml_vc_pro9.dll ()
MOD - D:\Programme\Free Download Manager\fdmbtsupp.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\Program Files (x86)\Secure Banking\SecureBanking.dll ()
MOD - C:\Program Files (x86)\Secure Banking\funcs.dll ()
MOD - D:\Tools\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - D:\Tools\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll ()
MOD - D:\Programme\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - D:\Programme\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - D:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - D:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - D:\Programme\Logitech\LWS\Webcam Software\QTCore4.dll ()
MOD - D:\Programme\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
MOD - C:\Program Files (x86)\Secure Banking\sbservice.exe ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\eXPertPDFAddIn.dll ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\visage140.bpl ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\bblite140.bpl ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\vsmisc140.bpl ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\TMSlite140.bpl ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\js32.dll ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\PKIECtrl140.bpl ()
MOD - D:\Tools\Taskbar Eliminator 2.9\Taskbar Eliminator.exe ()
MOD - C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmms) -- C:\Windows\SysNative\vmms.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (WTService) -- C:\Windows\SysNative\atwtusb.exe ()
SRV - (HitmanProScheduler) -- C:\Programme\HitmanPro\hmpsched.exe (SurfRight B.V.)
SRV - (TuneUp.UtilitiesSvc) -- D:\Tools\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (RealPlayer Cloud Service) -- d:\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BsFileScan) -- c:\Programme\BullGuard Ltd\BullGuard\BsFileScan.dll (BullGuard Ltd.)
SRV - (BsMailProxy) -- c:\Programme\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll (BullGuard Ltd.)
SRV - (BsCache) -- C:\Programme\BullGuard Ltd\BullGuard\BsCache.dll (BullGuard Ltd.)
SRV - (BsScanner) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardScanner.exe (BullGuard Ltd.)
SRV - (BsBackup) -- C:\Programme\BullGuard Ltd\BullGuard\BsBackup.dll (BullGuard Ltd.)
SRV - (BsFire) -- c:\Programme\BullGuard Ltd\BullGuard\BsFire.dll (BullGuard Ltd.)
SRV - (BsMain) -- C:\Programme\BullGuard Ltd\BullGuard\BsMain.dll (BullGuard Ltd.)
SRV - (BsBhvScan) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe (BullGuard Ltd.)
SRV - (BsUpdate) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate.exe (BullGuard Ltd.)
SRV - (MyConnectionServer-43957d47) -- D:\Programme\MyConnection Server\msserver.exe ()
SRV - (RealPlayerUpdateSvc) -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe ()
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (ioloSystemService) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (LavasoftAdAwareService11) -- D:\Tools\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe ()
SRV - (HeimdalSecureDNS) -- C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe (Microsoft)
SRV - (HeimdalService) -- C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe (CSIS Security Group)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (NitroDriverReadSpool9) -- C:\Programme\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe (Nitro PDF Software)
SRV - (DirMngr) -- D:\Mail-Tools\GNU\GnuPG\dirmngr.exe ()
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (hmpalertsvc) -- C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (SurfRight B.V.)
SRV - (ABBYY.Licensing.FineReader.Professional.11.0) -- D:\Programme\ABBYY FineReader 11\NetworkLicenseServer.exe (ABBYY InfoPoisk LLC)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (MBAMService) -- D:\Tools\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- D:\Tools\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (IaStorDataMgrSvc) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (ISCTAgent) -- C:\Programme\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ()
SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (Riverbed Technology, Inc.)
SRV - (SystemExplorerHelpService) -- D:\Tools\System Explorer\service\SystemExplorerService64.exe (Mister Group)
SRV - (vseqrts) -- C:\Programme\Common Files\Authentium\AntiVirus5\vseqrts.exe (Commtouch, Inc.)
SRV - (vsedsps) -- C:\Programme\Common Files\Authentium\AntiVirus5\vsedsps.exe (Commtouch, Inc.)
SRV - (vseamps) -- C:\Programme\Common Files\Authentium\AntiVirus5\vseamps.exe (Commtouch, Inc.)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (NovaShieldFilterDriver) -- C:\Windows\SysNative\drivers\NSKernel.sys (BullGuard Ltd.)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys (Secunia)
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\drivers\SWDUMon.sys ()
DRV:64bit: - (xhcdrv) -- C:\Windows\SysNative\drivers\xhcdrv.sys (VIA Technologies, Inc.)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (BdSpy) -- C:\Windows\SysNative\drivers\BdSpy.sys (BullGuard Ltd.)
DRV:64bit: - (RTWlanE) -- C:\Windows\SysNative\drivers\rtwlane.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (passthruparser) -- C:\Windows\SysNative\drivers\passthruparser.sys (Microsoft Corporation)
DRV:64bit: - (pvhdparser) -- C:\Windows\SysNative\drivers\pvhdparser.sys (Microsoft Corporation)
DRV:64bit: - (lunparser) -- C:\Windows\SysNative\drivers\lunparser.sys (Microsoft Corporation)
DRV:64bit: - (vhdparser) -- C:\Windows\SysNative\drivers\vhdparser.sys (Microsoft Corporation)
DRV:64bit: - (afwcore) -- C:\Windows\SysNative\drivers\afwcore.sys (Agnitum Ltd.)
DRV:64bit: - (AFW) -- C:\Windows\SysNative\drivers\afw.sys (Agnitum Ltd.)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\Trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (BdAgent) -- C:\Windows\SysNative\drivers\BdAgent.sys (BullGuard Ltd.)
DRV:64bit: - (BdNet) -- C:\Windows\SysNative\drivers\BdNet.sys (BullGuard Ltd.)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (VMSVSP) -- C:\Windows\SysNative\drivers\vmswitch.sys (Microsoft Corporation)
DRV:64bit: - (VMSVSF) -- C:\Windows\SysNative\drivers\vmswitch.sys (Microsoft Corporation)
DRV:64bit: - (VMSP) -- C:\Windows\SysNative\drivers\vmswitch.sys (Microsoft Corporation)
DRV:64bit: - (VMSMP) -- C:\Windows\SysNative\drivers\vmswitch.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (pimou) -- C:\Windows\SysNative\drivers\pimou.sys (Christian Gulden)
DRV:64bit: - (pikbd) -- C:\Windows\SysNative\drivers\pikbd.sys (Christian Gulden)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- C:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (VUSB3HUB) -- C:\Windows\SysNative\drivers\ViaHub3.sys (VIA Technologies, Inc.)
DRV:64bit: - (RTLE8023x64) -- C:\Windows\SysNative\drivers\Rtenic64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (cxbu0x64) -- C:\Windows\SysNative\drivers\cxbu0x64.sys (HID Global Corporation)
DRV:64bit: - (hmpalert) -- C:\Windows\SysNative\drivers\hmpalert.sys ()
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (ISCT) -- C:\Windows\SysNative\drivers\ISCTD64.sys ()
DRV:64bit: - (imsevent) -- C:\Windows\SysNative\drivers\imsevent.sys ()
DRV:64bit: - (ikbevent) -- C:\Windows\SysNative\drivers\ikbevent.sys ()
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (Riverbed Technology, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (PDFsFilter) -- C:\Windows\SysNative\drivers\PDFsFilter.sys (Raxco Software, Inc.)
DRV:64bit: - (ElRawDisk) -- C:\Windows\SysNative\drivers\ElRawDsk.sys (EldoS Corporation)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (AMP) -- C:\Windows\SysNative\drivers\amp.sys (Commtouch, Inc.)
DRV:64bit: - (AMPSE) -- C:\Windows\SysNative\drivers\ampse.sys (Commtouch, Inc.)
DRV:64bit: - (TabletFilter) -- C:\Windows\SysNative\drivers\TabletFilter.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (pmkbdfltr) -- C:\Windows\SysNative\drivers\pmkbdfltr.sys (PenMount)
DRV:64bit: - (fpcibase) -- C:\Windows\SysNative\drivers\fpcibase.sys (AVM Berlin)
DRV:64bit: - (AVMCOWAN) -- C:\Windows\SysNative\drivers\avmcowan.sys (AVM GmbH)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\drivers\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (Ch64USB) -- C:\Windows\SysNative\drivers\Ch64USB.sys (Cherry GmbH)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
DRV:64bit: - (vhidmini) -- C:\Windows\SysNative\drivers\walvhid.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (moufiltr) -- C:\Windows\SysNative\drivers\moufiltr.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (CYUSB) -- C:\Windows\SysNative\drivers\CYUSB.sys (Cypress Semiconductor)
DRV:64bit: - (ElbyCDFL) -- C:\Windows\SysNative\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (A2DDA) -- D:\Tools\EmsisoftEmergencyKit\Run\a2ddax64.sys (Emsisoft GmbH)
DRV - (cleanhlp) -- D:\Tools\EmsisoftEmergencyKit\Run\cleanhlp64.sys (Emsisoft GmbH)
DRV - (esgiguard) -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV - (TuneUpUtilitiesDrv) -- D:\Tools\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (DrvAgent64) -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS (Phoenix Technologies)
DRV - (cpudrv64) -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys ()
DRV - (UnlockerDriver5) -- D:\Tools\Unlocker\UnlockerDriver5.sys ()
DRV - (ElbyCDFL) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys (SlySoft, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://duckduckgo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.8,ru;q=0.6,fr-FR;q=0.4,fr;q=0.2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FC A7 0A 4D 0B 8D CE 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{08240C0C-C500-4ECB-BBF7-73DEA4B04F4F}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{124E2F8E-71DD-46D5-8261-53F9CD1A601A}: "URL" = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.4: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Programme\Bild-Tools\Google\Picasa 3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Programme\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: D:\Programme\PDF-Tools\Nitro PDF\Pro 9\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.6.13: d:\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.6.13: d:\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Users\User\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 26.0\extensions\\Components: D:\BROWSER\WATERFOX\COMPONENTS [2013.01.22 20:42:28 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 26.0\extensions\\Plugins: D:\BROWSER\WATERFOX\PLUGINS [2013.03.01 15:52:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014.03.16 11:22:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\antiphishing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard\ [2013.10.18 19:40:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014.03.16 11:22:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: D:\Browser\Mozilla Firefox\plugins [2014.03.16 11:21:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.03.16 11:21:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: D:\Programme\Mozilla Sunbird\components [2014.03.16 11:21:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: D:\Browser\Mozilla Firefox\plugins [2014.03.16 11:21:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\Files32\backup\thunderbirdbkplugin [2013.11.13 17:32:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\TbSpamfilter [2013.11.13 17:32:48 | 000,000,000 | ---D | M]

[2013.12.21 14:43:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2013.12.21 14:43:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.11.20 10:19:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2014.03.28 14:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions
[2012.11.20 12:47:59 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2012.12.30 11:20:11 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2012.12.30 11:20:11 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2012.11.20 12:47:59 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2012.11.20 12:28:15 | 000,000,000 | ---D | M] (Clippings) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{91aa5abe-9de4-4347-b7b5-322c38dd9271}
[2013.01.30 18:42:41 | 000,000,000 | ---D | M] (WOT) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.03.01 16:06:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.11.16 21:19:37 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2012.11.24 18:47:36 | 000,000,000 | ---D | M] (Youtube™ Search) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\a000b9@wips.com
[2014.03.28 14:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com
[2013.06.26 19:44:45 | 000,000,000 | ---D | M] (Amazon-Icon) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\amazon-icon@winload.de
[2013.03.01 16:06:30 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\firefox@ghostery.com
[2014.03.28 14:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData
[2014.03.28 14:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins
[2014.03.28 14:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\userCode
[2013.06.26 19:44:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\extensions
[2013.06.26 19:44:45 | 000,000,000 | ---D | M] (Amazon-Icon) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\extensions\amazon-icon@winload.de
[2013.06.15 16:04:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\Mozilla Profile\Waterfox_1\extensions
[2013.06.15 16:04:59 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\Mozilla Profile\Waterfox_1\extensions\ffxtlbr@delta.com
[2013.06.15 16:05:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\Mozilla Profile\Waterfox_2\extensions
[2013.06.15 16:05:00 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\Mozilla Profile\Waterfox_2\extensions\ffxtlbr@delta.com
[2013.06.15 16:05:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\Waterfox\Profile\extensions
[2013.06.15 16:05:01 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\Waterfox\Profile\extensions\ffxtlbr@delta.com
[2014.03.28 14:50:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions
[2014.03.04 14:06:16 | 000,000,000 | ---D | M] (Nightly Tester Tools) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}
[2014.03.04 12:22:41 | 000,000,000 | ---D | M] (WOT) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014.03.25 12:31:15 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.03.04 11:33:32 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2014.03.10 17:59:16 | 000,000,000 | ---D | M] (CSHelper) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}
[2014.03.04 12:20:23 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2014.03.04 15:37:00 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\fb_add_on@avm.de
[2012.11.20 10:19:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Sunbird\Profiles\fper4c5r.default\extensions
[2013.01.31 20:08:15 | 000,130,828 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\adblockpopups@jessehakanen.net.xpi
[2012.11.24 18:47:36 | 000,025,781 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\add-to-searchbox@maltekraus.de.xpi
[2012.12.05 10:36:12 | 000,087,753 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\ciuvo-extension@billiger.de.xpi
[2012.11.20 12:47:59 | 000,174,405 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\guiconfig@slosd.net.xpi
[2013.03.01 16:06:29 | 000,306,394 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\langpack-de@firefox.mozilla.org.xpi
[2012.11.20 12:47:59 | 000,015,624 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\notifier@coupons24.com.xpi
[2012.11.20 13:49:14 | 000,113,783 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\organize-search-engines@maltekraus.de.xpi
[2013.01.16 20:00:05 | 000,255,318 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
[2013.03.01 16:06:29 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\stealthyextension@gmail.com.xpi
[2012.11.16 21:12:20 | 000,455,379 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2013.03.01 16:06:29 | 000,348,178 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012.11.20 12:33:41 | 000,032,919 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{1deb4a26-d4c3-47e9-a59a-c2c01671455a}.xpi
[2012.12.30 11:20:10 | 000,399,507 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi
[2012.11.20 12:28:15 | 000,030,926 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi
[2012.11.16 21:25:45 | 000,167,607 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}.xpi
[2012.11.20 12:33:41 | 000,016,921 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{c72c0c73-4eb0-4fb3-af0f-074e97326cfd}.xpi
[2012.11.20 12:33:41 | 000,017,696 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi
[2013.03.01 16:00:36 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.20 12:28:15 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2012.11.20 12:33:41 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013.03.01 16:06:26 | 000,754,446 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2014.03.06 09:42:27 | 000,362,592 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\admin@snapilicious.com.xpi
[2014.03.04 12:34:49 | 000,087,753 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\ciuvo-extension@billiger.de.xpi
[2014.03.12 13:22:03 | 000,114,278 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\compatibility@addons.mozilla.org.xpi
[2014.03.04 11:33:33 | 000,261,821 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\cslite-mod@wantora.bitbucket.org.xpi
[2014.03.06 16:20:50 | 001,393,079 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\firefox@ghostery.com.xpi
[2014.03.04 14:06:17 | 000,174,405 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\guiconfig@slosd.net.xpi
[2014.03.22 14:27:11 | 000,857,038 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
[2014.03.19 09:12:11 | 000,360,788 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\langpack-de@8pecxstudios.com.xpi
[2014.03.04 12:07:40 | 000,015,624 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\notifier@coupons24.com.xpi
[2014.03.04 12:35:40 | 000,113,783 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\organize-search-engines@maltekraus.de.xpi
[2014.03.09 12:24:17 | 000,217,068 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\spam@trashmail.net.xpi
[2014.03.04 11:30:21 | 000,475,779 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2014.03.14 11:51:42 | 000,383,888 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2014.03.06 16:46:59 | 000,850,224 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi
[2014.03.25 12:31:16 | 000,537,316 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014.03.04 11:30:20 | 000,030,926 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi
[2014.03.08 20:23:43 | 000,325,530 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{a1109c2a-1187-4027-901d-13097b755625}.xpi
[2014.03.04 14:14:44 | 000,188,418 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}.xpi
[2014.03.04 14:04:18 | 000,019,530 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2014.03.04 11:35:20 | 000,016,921 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{c72c0c73-4eb0-4fb3-af0f-074e97326cfd}.xpi
[2014.03.04 11:30:20 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2014.03.04 12:35:40 | 000,026,312 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
[2013.09.03 19:18:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.01.24 18:37:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.08.18 17:19:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.02.04 15:32:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.03.16 11:20:54 | 000,148,040 | ---- | M] (RealPlayer Cloud) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll

O1 HOSTS File: ([2013.03.09 16:32:46 | 000,000,857 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 192.168.178.1 fritz.box
O2:64bit: - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Mediaplayer) - {1536BA74-8625-4240-99B0-BE65883689C8} - D:\Programme\Mediapiraten\Mediapiraten\IEButtonMPInterface.dll ()
O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - D:\Programme\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (FRITZ!Box Addon BHO) - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {61A832B6-C0D9-4349-AF14-0A1573659266} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] D:\Tools\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [AtwtusbIcon] C:\WINDOWS\SysNative\AtwtusbIcon.exe ()
O4:64bit: - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd.)
O4:64bit: - HKLM..\Run: [BullGuardUpdate2] c:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe (BullGuard Ltd.)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VIAxHCUtl] C:\VIA_XHCI\usb3Monitor.exe (TODO: <Company name>)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [LWS] D:\Programme\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [SDTray] D:\Tools\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SystemExplorerAutoStart] D:\Tools\System Explorer\SystemExplorer.exe (Mister Group)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [Alle meine Passworte] C:\Programme\AlleMeinePassworte\AmP.exe (Mirko Böer)
O4 - HKCU..\Run: [CCleaner Monitoring] D:\Tools\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Ditto] D:\Programme\Ditto\Ditto.exe ()
O4 - HKCU..\Run: [Klebezettel NG] D:\Programme\Klebezettel NG\klebez.exe (Hollie-Soft)
O4 - HKCU..\Run: [SecureBanking] C:\Program Files (x86)\Secure Banking\SecureBanking.exe (Secure Banking)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] D:\Tools\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SystemExplorerAutoStart] D:\Tools\System Explorer\SystemExplorer.exe (Mister Group)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013.10.18 14:33:21 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CW News.lnk = D:\Tools\PC-Pannenhelfer - Special Edition 2013\CW News.exe ()
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fritz!Box Tray Tool.lnk = N:\Treiber und Updates\Fritz! und CAPI\FritzBox_Tray_Tool_1.2\FritzBox_Tray_Tool.exe (RPworld.de)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ISDN-Monitor.lnk = D:\Programme\ISDN-Monitor\ISDNMon.exe ( Michael Hampicke)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled [2013.10.18 14:35:52 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Taskbar Eliminator.lnk = D:\Tools\Taskbar Eliminator 2.9\Taskbar Eliminator.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - D:\Programme\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - D:\Programme\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - D:\Programme\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Mit FRITZ!Box Anrufen - C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - D:\Programme\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Alles mit FDM herunterladen - D:\Programme\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - D:\Programme\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - D:\Programme\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Mit FRITZ!Box Anrufen - C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Videos mit FDM herunterladen - D:\Programme\Free Download Manager\dlfvideo.htm ()
O9:64bit: - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra 'Tools' menuitem : Sun Java-Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra Button: An Mindjet MindManager senden - {2F72393D-2472-4F82-B600-ED77F354B7FF} - D:\Programme\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
O9 - Extra Button: FRITZ!Box AddOn - {328ECD19-C167-40eb-A0C7-16FE7634105F} - C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\WINDOWS\SysNative\iavlsp64.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\WINDOWS\SysNative\iavlsp64.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\WINDOWS\SysNative\iavlsp64.dll ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EE78588-375E-4043-B151-6FF228BA3431}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EE78588-375E-4043-B151-6FF228BA3431}: NameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F235A5C-2D65-4E83-9679-1952A46429F3}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.03.28 12:50:27 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a198bd91-577d-11e3-8220-8c89a55ab07d}\Shell - "" = AutoRun
O33 - MountPoints2\{a198bd91-577d-11e3-8220-8c89a55ab07d}\Shell\AutoRun\command - "" = "M:\LaunchU3.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.03.28 13:35:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter
[2014.03.28 12:47:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2014.03.28 12:47:49 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2014.03.28 12:47:49 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014.03.27 15:16:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Babylon
[2014.03.27 15:15:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Babylon
[2014.03.27 15:15:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2014.03.27 14:58:07 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\ProcAlyzer Dumps
[2014.03.27 14:17:34 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\SysNative\bootdelete.exe
[2014.03.27 13:26:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\AGAVA TBP
[2014.03.27 12:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Free Download Manager
[2014.03.27 12:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Bat! E-Mail
[2014.03.26 19:27:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\LavasoftStatistics
[2014.03.26 19:00:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014.03.26 18:54:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Lavasoft
[2014.03.26 18:53:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014.03.26 18:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014.03.26 09:56:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\zebNet
[2014.03.25 20:11:43 | 000,029,496 | ---- | C] (TuneUp Software) -- C:\WINDOWS\SysNative\authuitu.dll
[2014.03.25 20:11:37 | 000,025,400 | ---- | C] (TuneUp Software) -- C:\WINDOWS\SysWow64\authuitu.dll
[2014.03.25 20:11:35 | 000,043,320 | ---- | C] (TuneUp Software) -- C:\WINDOWS\SysNative\uxtuneup.dll
[2014.03.25 20:11:31 | 000,036,152 | ---- | C] (TuneUp Software) -- C:\WINDOWS\SysWow64\uxtuneup.dll
[2014.03.25 20:10:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\TuneUp Software
[2014.03.25 19:51:04 | 000,077,312 | ---- | C] (Emsisoft GmbH) -- C:\WINDOWS\SysNative\eamclean.exe
[2014.03.25 19:44:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SARDU
[2014.03.25 19:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SARDU
[2014.03.25 18:00:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.03.24 18:28:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014.03.20 23:03:06 | 015,783,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2014.03.20 23:03:02 | 000,832,936 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2014.03.20 23:03:00 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2014.03.20 23:03:00 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2014.03.20 23:02:58 | 031,474,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2014.03.20 23:02:56 | 023,716,640 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2014.03.20 23:02:56 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2014.03.20 23:02:54 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2014.03.20 23:02:54 | 000,863,064 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2014.03.20 23:02:54 | 000,377,688 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2014.03.20 23:02:54 | 000,333,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2014.03.20 23:02:54 | 000,174,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2014.03.20 23:02:54 | 000,148,016 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2014.03.20 23:02:52 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6433523.dll
[2014.03.20 23:02:52 | 001,516,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6433523.dll
[2014.03.20 23:02:52 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdagenco6420103.dll
[2014.03.20 23:02:52 | 000,877,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2014.03.20 23:02:52 | 000,846,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2014.03.20 23:02:52 | 000,484,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2014.03.20 23:02:52 | 000,409,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2014.03.20 23:02:52 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2014.03.20 23:02:52 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2014.03.20 23:02:50 | 017,755,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2014.03.20 23:02:50 | 014,709,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2014.03.20 23:02:50 | 003,143,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2014.03.20 23:02:48 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2014.03.20 23:02:48 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2014.03.20 23:02:48 | 002,958,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2014.03.20 23:02:48 | 002,783,008 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2014.03.20 23:02:48 | 002,411,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2014.03.20 23:02:32 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2014.03.20 23:02:30 | 025,255,256 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2014.03.20 23:02:28 | 002,715,264 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2014.03.19 21:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Laplink
[2014.03.19 21:02:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Laplink
[2014.03.19 21:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laplink PCmover
[2014.03.19 21:00:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Downloaded Installations
[2014.03.18 13:53:17 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2014.03.18 13:53:16 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2014.03.16 18:04:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Help
[2014.03.16 11:23:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\RealNetworks
[2014.03.16 11:22:03 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2014.03.16 11:22:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2014.03.16 11:21:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2014.03.16 11:21:08 | 000,201,800 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\SysWow64\rmoc3260.dll
[2014.03.16 11:20:47 | 000,278,600 | ---- | C] (Progressive Networks) -- C:\WINDOWS\SysWow64\pncrt.dll
[2014.03.14 21:04:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\AGAVA TBP
[2014.03.14 21:02:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGAVA AntispamServant für TheBat!
[2014.03.14 10:19:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\AntispamSniper
[2014.03.12 20:12:58 | 001,643,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014.03.12 20:12:58 | 001,507,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014.03.12 20:12:51 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014.03.12 20:12:51 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014.03.12 20:12:50 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014.03.12 20:12:50 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014.03.12 20:12:50 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014.03.12 20:12:02 | 006,640,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014.03.12 20:12:02 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014.03.12 20:12:02 | 002,133,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014.03.12 20:12:01 | 004,175,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2014.03.12 20:12:01 | 002,143,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014.03.12 20:12:01 | 001,928,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014.03.12 20:12:01 | 001,486,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2014.03.12 20:12:01 | 001,371,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014.03.12 20:12:01 | 001,287,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014.03.12 20:12:01 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014.03.12 20:12:01 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014.03.12 20:12:01 | 000,764,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014.03.12 20:12:01 | 000,669,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014.03.12 20:12:01 | 000,458,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2014.03.12 20:12:01 | 000,407,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2014.03.12 20:12:01 | 000,369,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2014.03.12 20:12:01 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpencom.dll
[2014.03.12 20:12:01 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpencom.dll
[2014.03.12 20:12:00 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2014.03.12 20:12:00 | 001,238,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2014.03.12 20:12:00 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcomapi.dll
[2014.03.12 20:12:00 | 000,408,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2014.03.12 20:12:00 | 000,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014.03.12 20:12:00 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2014.03.12 20:12:00 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2014.03.12 20:12:00 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014.03.12 20:12:00 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014.03.12 20:10:21 | 000,236,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014.03.12 20:10:21 | 000,124,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014.03.12 20:10:21 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014.03.12 20:09:46 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014.03.12 20:09:46 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014.03.12 16:17:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VampireX
[2014.03.12 16:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VampireX
[2014.03.12 11:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntispamSniper for TheBat!
[2014.03.11 09:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
[2014.03.11 09:57:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SRWare Iron
[2014.03.08 21:04:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belarc
[2014.03.05 18:57:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMailTrackerPro
[2014.03.05 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyConnection Server
[2014.03.05 18:37:34 | 000,000,000 | ---D | C] -- C:\MCSRACache-E8A0897E9D
[2014.03.05 18:37:31 | 000,000,000 | ---D | C] -- C:\vw
[2014.03.04 19:55:15 | 001,504,608 | R--- | C] (Commtouch, Inc.) -- C:\WINDOWS\SysNative\drivers\ampse.sys
[2014.03.04 19:55:15 | 000,173,408 | R--- | C] (Commtouch, Inc.) -- C:\WINDOWS\SysNative\drivers\amp.sys
[2014.03.04 19:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Authentium
[2014.03.04 19:55:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium
[2014.03.04 19:55:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Authentium
[2014.03.04 19:47:09 | 002,135,040 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\SysNative\Incinerator64.dll
[2014.03.04 19:46:53 | 000,000,000 | ---D | C] -- C:\ProgramData\ioloGovernor
[2014.03.04 19:46:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\ioloGovernor
[2014.03.03 17:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Waterfox
[2013.08.30 16:51:14 | 028,779,232 | ---- | C] (8pecxstudios ) -- C:\Users\User\AppData\Roaming\LatestVersionIntel.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.03.28 15:10:07 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3421421347-3586464235-1710720214-1001UA.job
[2014.03.28 14:40:03 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.03.28 14:38:07 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.03.28 13:35:41 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\RegHunter.lnk
[2014.03.28 12:50:27 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014.03.28 12:47:50 | 000,002,278 | ---- | M] () -- C:\Users\User\Desktop\SpyHunter.lnk
[2014.03.28 12:40:14 | 000,002,201 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.03.28 12:40:13 | 000,001,116 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.03.28 10:32:19 | 000,765,378 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2014.03.28 10:32:19 | 000,723,316 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014.03.28 10:32:19 | 000,159,696 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2014.03.28 10:32:19 | 000,135,930 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014.03.28 10:32:18 | 001,780,340 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014.03.28 10:27:31 | 000,000,480 | ---- | M] () -- C:\WINDOWS\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
[2014.03.28 10:27:27 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.03.28 10:26:10 | 000,000,408 | ---- | M] () -- C:\WINDOWS\SysWow64\iolo.ini
[2014.03.28 10:26:10 | 000,000,408 | ---- | M] () -- C:\WINDOWS\SysNative\iolo.ini
[2014.03.28 10:25:50 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014.03.28 10:25:07 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2014.03.28 10:25:07 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\lvuvc.hs
[2014.03.27 14:17:34 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\SysNative\bootdelete.exe
[2014.03.25 19:52:47 | 000,077,312 | ---- | M] (Emsisoft GmbH) -- C:\WINDOWS\SysNative\eamclean.exe
[2014.03.25 19:52:47 | 000,001,120 | ---- | M] () -- C:\WINDOWS\SysNative\eamclean.dat
[2014.03.25 16:10:15 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3421421347-3586464235-1710720214-1001Core.job
[2014.03.25 12:42:03 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014.03.24 14:41:24 | 000,000,884 | ---- | M] () -- C:\WINDOWS\SysNative\.crusader
[2014.03.24 14:34:51 | 000,001,927 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014.03.24 10:26:28 | 000,002,922 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2014.03.21 10:17:25 | 000,000,903 | ---- | M] () -- C:\Users\Public\Desktop\Pale Moon.lnk
[2014.03.20 23:03:10 | 000,062,408 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2014.03.20 23:03:10 | 000,054,216 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2014.03.20 23:03:06 | 018,302,384 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2014.03.20 23:03:06 | 015,783,992 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2014.03.20 23:03:02 | 000,947,808 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvumdshimx.dll
[2014.03.20 23:03:02 | 000,832,936 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2014.03.20 23:03:00 | 011,589,272 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2014.03.20 23:03:00 | 009,690,424 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2014.03.20 23:02:58 | 031,474,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2014.03.20 23:02:56 | 023,716,640 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2014.03.20 23:02:56 | 000,353,504 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2014.03.20 23:02:56 | 000,305,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2014.03.20 23:02:54 | 000,892,704 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2014.03.20 23:02:54 | 000,863,064 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2014.03.20 23:02:54 | 000,377,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2014.03.20 23:02:54 | 000,333,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2014.03.20 23:02:54 | 000,174,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2014.03.20 23:02:54 | 000,148,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2014.03.20 23:02:54 | 000,024,544 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2014.03.20 23:02:52 | 001,885,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6433523.dll
[2014.03.20 23:02:52 | 001,516,488 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6433523.dll
[2014.03.20 23:02:52 | 001,515,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdagenco6420103.dll
[2014.03.20 23:02:52 | 000,877,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2014.03.20 23:02:52 | 000,846,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2014.03.20 23:02:52 | 000,484,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2014.03.20 23:02:52 | 000,409,544 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2014.03.20 23:02:52 | 000,197,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2014.03.20 23:02:52 | 000,031,520 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2014.03.20 23:02:50 | 017,755,424 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2014.03.20 23:02:50 | 014,709,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2014.03.20 23:02:50 | 003,143,456 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2014.03.20 23:02:48 | 011,636,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2014.03.20 23:02:48 | 009,728,064 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2014.03.20 23:02:48 | 002,958,792 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2014.03.20 23:02:48 | 002,783,008 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2014.03.20 23:02:48 | 002,411,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2014.03.20 23:02:32 | 017,561,544 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2014.03.20 23:02:30 | 025,255,256 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2014.03.20 23:02:30 | 003,093,280 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2014.03.20 23:02:28 | 002,715,264 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2014.03.20 14:44:20 | 000,043,320 | ---- | M] (TuneUp Software) -- C:\WINDOWS\SysNative\uxtuneup.dll
[2014.03.20 14:44:20 | 000,036,152 | ---- | M] (TuneUp Software) -- C:\WINDOWS\SysWow64\uxtuneup.dll
[2014.03.20 14:44:20 | 000,029,496 | ---- | M] (TuneUp Software) -- C:\WINDOWS\SysNative\authuitu.dll
[2014.03.20 14:44:20 | 000,025,400 | ---- | M] (TuneUp Software) -- C:\WINDOWS\SysWow64\authuitu.dll
[2014.03.19 21:02:42 | 000,001,727 | ---- | M] () -- C:\Users\Public\Desktop\PCmover Free.lnk
[2014.03.19 09:09:37 | 000,000,671 | ---- | M] () -- C:\Users\Public\Desktop\Cyberfox.lnk
[2014.03.16 11:22:24 | 000,000,679 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014.03.16 11:21:08 | 000,201,800 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\SysWow64\rmoc3260.dll
[2014.03.16 11:21:04 | 000,000,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
[2014.03.16 11:20:47 | 000,278,600 | ---- | M] (Progressive Networks) -- C:\WINDOWS\SysWow64\pncrt.dll
[2014.03.14 09:42:35 | 000,002,036 | ---- | M] () -- C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
[2014.03.14 09:27:21 | 000,654,736 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014.03.11 09:57:20 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\SRWare Iron.lnk
[2014.03.04 23:53:05 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014.03.04 23:53:04 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014.03.04 19:41:17 | 000,000,677 | ---- | M] () -- C:\Users\Public\Desktop\Cyberfox Profilmanager.lnk
[2014.03.04 14:06:00 | 006,714,312 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2014.03.04 14:06:00 | 003,497,816 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2014.03.04 14:05:58 | 002,558,808 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2014.03.04 14:05:58 | 000,064,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2014.03.04 14:05:57 | 000,386,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2014.03.04 14:05:53 | 003,649,185 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2014.03.03 17:39:25 | 000,000,900 | ---- | M] () -- C:\Users\Public\Desktop\Waterfox.lnk
[2014.03.01 05:17:43 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014.03.01 04:54:33 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014.03.01 04:42:12 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014.03.01 03:25:42 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014.03.01 03:25:22 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.03.28 13:35:41 | 000,001,185 | ---- | C] () -- C:\Users\Public\Desktop\RegHunter.lnk
[2014.03.28 12:50:27 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014.03.28 12:47:50 | 000,002,278 | ---- | C] () -- C:\Users\User\Desktop\SpyHunter.lnk
[2014.03.28 10:27:31 | 000,000,480 | ---- | C] () -- C:\WINDOWS\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
[2014.03.26 19:00:30 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014.03.25 19:51:04 | 000,001,120 | ---- | C] () -- C:\WINDOWS\SysNative\eamclean.dat
[2014.03.25 18:30:52 | 000,001,073 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\zebNet® Byte Calculator TNG.lnk
[2014.03.24 18:28:17 | 000,002,201 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.03.21 10:17:25 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\Pale Moon.lnk
[2014.03.19 21:02:42 | 000,001,727 | ---- | C] () -- C:\Users\Public\Desktop\PCmover Free.lnk
[2014.03.19 09:09:37 | 000,000,671 | ---- | C] () -- C:\Users\Public\Desktop\Cyberfox.lnk
[2014.03.16 11:22:24 | 000,000,679 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014.03.16 11:21:04 | 000,000,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
[2014.03.12 20:12:00 | 000,386,722 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014.03.12 19:54:22 | 000,000,722 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Bat!.LNK
[2014.03.11 09:57:20 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\SRWare Iron.lnk
[2014.03.08 21:04:24 | 000,002,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
[2014.03.03 17:39:25 | 000,000,900 | ---- | C] () -- C:\Users\Public\Desktop\Waterfox.lnk
[2014.02.12 19:57:15 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013.12.10 11:16:48 | 000,000,098 | ---- | C] () -- C:\Users\User\advanced_ip_scanner_MAC.bin
[2013.12.08 11:40:08 | 000,000,876 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013.11.19 21:15:50 | 000,000,144 | ---- | C] () -- C:\Users\User\AppData\Roaming\PronunciationEditor.ini
[2013.09.24 11:19:15 | 000,000,024 | -HS- | C] () -- C:\Users\User\AppData\Roaming\System5908ConfigCollection.dat
[2013.09.24 11:19:15 | 000,000,024 | -HS- | C] () -- C:\Users\User\AppData\Roaming\1D959CA221C7573.sys
[2013.09.17 13:00:11 | 000,000,111 | ---- | C] () -- C:\Users\User\AppData\Roaming\profiles.ini
[2013.08.22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013.08.22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013.08.22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013.08.22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013.08.22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013.06.13 16:42:31 | 003,661,266 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013.06.12 16:40:26 | 000,000,197 | ---- | C] () -- C:\WINDOWS\LSExifCleaner.ini
[2013.06.01 15:02:29 | 000,009,216 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.29 10:12:54 | 000,002,922 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.05.07 09:40:25 | 000,074,240 | ---- | C] () -- C:\WINDOWS\AKDeInstall.exe
[2013.05.05 20:23:58 | 000,000,408 | ---- | C] () -- C:\WINDOWS\SysWow64\iolo.ini
[2013.05.05 20:17:36 | 000,074,703 | ---- | C] () -- C:\WINDOWS\SysWow64\mfc45.dat
[2013.04.25 20:07:51 | 000,000,105 | R--- | C] () -- C:\ProgramData\Ppster.ini
[2013.04.13 16:11:51 | 000,105,292 | ---- | C] () -- C:\WINDOWS\restart.exe
[2013.03.14 20:08:49 | 000,559,104 | ---- | C] () -- C:\WINDOWS\RmTablet.exe
[2013.03.13 22:12:47 | 000,451,072 | ---- | C] () -- C:\WINDOWS\SysWow64\ISSRemoveSP.exe
[2013.03.13 22:12:47 | 000,036,864 | ---- | C] () -- C:\WINDOWS\runSW.exe
[2013.03.07 19:53:45 | 000,000,034 | ---- | C] () -- C:\Users\User\eMailTrackerPro-Path
[2013.03.01 02:47:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\SysWow64\pthreadVC.dll
[2013.02.28 18:56:13 | 000,007,605 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2013.02.26 16:29:21 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2013.01.03 12:09:55 | 000,004,096 | -H-- | C] () -- C:\Users\User\AppData\Local\keyfile3.drm
[2013.01.01 15:44:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2012.12.02 20:20:25 | 000,000,021 | ---- | C] () -- C:\WINDOWS\progman.ini
[2012.11.25 12:39:18 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2012.11.20 12:28:17 | 000,000,457 | ---- | C] () -- C:\Users\User\clipdat2.rdf
[2012.11.18 11:53:00 | 000,000,265 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012.11.17 12:17:31 | 000,000,022 | -HS- | C] () -- C:\Users\User\AppData\Roaming\Windows1569_SettingsRepository.bin
[2012.11.17 12:17:31 | 000,000,022 | -HS- | C] () -- C:\WINDOWS\90C7D912BE2316.sys
[2012.11.16 14:45:18 | 000,000,215 | ---- | C] () -- C:\WINDOWS\HBCIKRNL.ini
[2012.11.16 14:45:15 | 000,000,287 | ---- | C] () -- C:\ProgramData\{BABE1E59-F3A3-4B2B-80B1-41928543A042}_WiseFW.ini
[2012.11.02 17:48:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012.10.26 16:42:24 | 000,336,232 | ---- | C] () -- C:\WINDOWS\SysWow64\DevManagerCore.dll
[2012.10.26 16:42:22 | 010,919,784 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPP.dll
[2012.10.26 16:42:22 | 000,103,272 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPPApp.exe
[2012.10.07 11:23:08 | 000,138,368 | ---- | C] () -- C:\WINDOWS\SysWow64\LxDNTvmc100.dll
[2012.10.07 11:23:08 | 000,074,368 | ---- | C] () -- C:\WINDOWS\SysWow64\LxDNTvm100.dll
[2012.10.07 11:23:06 | 000,318,592 | ---- | C] () -- C:\WINDOWS\SysWow64\LxDNT100.dll
[2012.08.13 04:29:51 | 000,007,800 | ---- | C] () -- C:\WINDOWS\cadx2.ini
[2012.07.17 14:22:04 | 000,179,200 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll

========== ZeroAccess Check ==========

[2014.02.16 12:43:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.12.09 09:05:24 | 021,199,256 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.12.09 05:51:04 | 018,643,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.01.02 18:27:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\0W1L1G1Q1F2W1Bzz0D1F2W1G1I1F1T1Q1B
[2012.12.03 17:50:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AAV
[2012.11.27 11:41:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Abelssoft
[2013.11.12 18:52:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Acapela Group
[2013.11.20 18:04:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Advanced
[2014.03.14 21:04:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AGAVA TBP
[2013.06.18 09:38:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ahnenblatt
[2013.02.25 18:47:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\aignes
[2012.11.17 18:08:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Alle meine Passworte
[2014.03.14 10:19:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AntispamSniper
[2013.11.03 14:46:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AnvSoft
[2013.04.12 15:03:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ArcticLine
[2013.03.01 14:31:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ASCOMP Software
[2013.12.30 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ashampoo
[2014.03.27 15:15:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Babylon
[2014.03.28 11:18:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BullGuard
[2013.06.15 17:50:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Canon
[2013.08.23 18:09:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\com.dansl.QRreader
[2013.02.02 20:54:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\COMPUTERBILD-Abzockschutz Premium
[2012.11.16 22:02:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DataDesign
[2012.11.17 12:09:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Dirk Jansen
[2014.01.13 17:51:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Downloaded Installations
[2013.12.31 19:05:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoft
[2012.12.12 17:39:52 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Epson
[2012.12.03 11:32:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ESBUnitConv
[2013.09.03 17:53:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\EssentialPIM Pro
[2014.02.10 15:26:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FileZilla
[2013.04.07 16:38:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FRITZ!
[2013.04.23 19:25:08 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Fritz!Box Tray Tool
[2013.04.20 13:23:00 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2013.06.25 18:06:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GetFoldersize
[2013.03.18 15:12:08 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GHISLER
[2014.03.05 17:01:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\gnupg
[2014.01.18 13:06:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GrabPro
[2013.02.11 20:25:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\gramps
[2012.12.02 20:21:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\HaCon
[2013.05.11 09:06:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\hdbADS
[2013.11.10 11:30:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\IGC
[2013.08.01 20:42:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\iolo
[2014.03.04 19:46:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ioloGovernor
[2013.12.19 15:32:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\IrfanView
[2014.02.23 11:49:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\JFritz
[2013.01.18 20:40:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\KC Softwares
[2013.01.03 16:37:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2012.11.16 22:02:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Lexware
[2014.02.02 11:52:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Mael
[2013.06.20 20:05:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MAGIX
[2013.09.22 18:07:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Maxthon3
[2013.04.07 15:56:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Moonchild Productions
[2013.05.11 09:05:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MrJobs
[2013.05.05 11:05:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MxPacker
[2014.03.28 15:26:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\NetSpeedMonitor
[2014.01.13 18:15:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nitro
[2014.03.24 17:35:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nitro PDF
[2014.03.09 18:02:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Notepad++
[2014.03.24 17:30:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ObviousIdea
[2013.09.28 10:14:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Opera
[2014.01.09 14:53:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Opera Software
[2014.03.26 20:25:22 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Orbit
[2013.12.15 19:33:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PC-Pannenhelfer - Special Edition 2013
[2014.02.08 18:45:28 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\pcwJavaUpdate
[2012.11.30 19:12:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PDF Experte 7
[2013.06.26 20:02:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PhotoScape
[2013.09.17 13:00:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Profiles
[2012.11.17 16:53:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ProgSense
[2013.10.18 19:39:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\QuickScan
[2014.01.02 16:05:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Shark007
[2014.02.10 10:50:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\StarOffice8
[2013.02.04 17:40:28 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SymMover
[2014.03.28 10:32:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Thunderbird
[2013.09.08 12:58:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software
[2013.03.14 20:34:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ulead Systems
[2014.03.23 21:30:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
[2013.01.29 10:28:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Waterfox Limited
[2013.02.26 17:08:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Win8codecs
[2013.05.06 12:28:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wise Registry Cleaner
[2013.01.29 20:01:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WSCC2
[2014.01.21 18:17:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\wxMozBrowserLib
[2013.11.20 10:57:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\XnView
[2013.02.12 12:00:28 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ZapWallPaper
[2014.03.26 09:56:00 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\zebNet

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> C:\Users\User\SkyDrive:ms-properties
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences

< End of report >

Alt 28.03.2014, 19:12   #2
schrauber
/// the machine
/// TB-Ausbilder
 




Nice logfile. Not in code tags, wrong program. But nice.

And without any description of the problem at all......