| |
| |||||||
Log-Analyse und Auswertung: Echtheit der Windowskopie wurde noch nicht bestätig. Bei jedem Neustart: AVIRA Desktop ist nicht aktiviert?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
06.04.2014, 13:42
| #1 |
 |  Echtheit der Windowskopie wurde noch nicht bestätig. Bei jedem Neustart: AVIRA Desktop ist nicht aktiviert? Ihr habt mir sehr dabei geholfen, diese Webs Searches Suchmaschine in meinem Browser zu entfernen  kam bei jedem Neustart in jedem Browser von mir - ich war echt verzweifelt  Nun mein neues Anliegen: Ich hoffe sehr man kann mir dabei ebenso helfen? Bei jedem Neustart, erscheint im Wartungscenter - 1 wichtige Medlung. AVIRA Desktop ist nicht aktiviert. Bitte hier klicken um AVIRA Desktop zu aktivieren. Klicken Sie bitte hier, um Anti Spyware und Viren Programme die auf diesem Computer installiert sind zu öffnen, oder so ähnlich...! Wie bekomme ich dies weg, sprich, so das AVIRA Desktop immer aktiviert ist und ich es nicht bei jedem Neustart aktivieren muss? Die Echtheit dieser Windows 7 Version Build 7601 wurde noch nicht bestätigt? Diese Anzeige kommt öfters, rechts unten auf meinem Dektop. Allerdings gehe ich dann auf Computer rechtsklick "Eigenschaften" und nach ein paar wenigen Sekunden ist mein Windows aktiviert. Wenn ich dies allerdings nicht mache, dann kommt nach ein paar Stunden: Möglicherweise sind Sie Opfer einer Softwarefälschung geworden! Habe meinen Laptop mit OTL by Oldtimer gescannt. Was ich hier bei euch im Forum bei selben Thema gesehen habe: Hier die Datei:OTL Logfile: Code:
ATTFilter OTL logfile created on: 4/5/2014 9:00:41 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrator\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16521) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.61 Gb Total Physical Memory | 2.13 Gb Available Physical Memory | 59.13% Memory free 7.21 Gb Paging File | 5.40 Gb Available in Paging File | 74.88% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 273.09 Gb Total Space | 233.18 Gb Free Space | 85.39% Space Free | Partition Type: NTFS Computer Name: xxxxx | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Administrator\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.) PRC - C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe () PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe () PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.) PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus) PRC - C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll () MOD - C:\Users\ADMINI~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\1ab52f8951c2ab97592ec25830dd5165\WindowsFormsIntegration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\af02d03484578dbc357d1df8d1b6fd01\PresentationFramework-SystemData.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\f4354d6580fbb745c0c8acba382a7b84\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\7e73e63cf4b8efdf41900b9576489e61\System.Data.Linq.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6bbed231aec6fd82547e09474da0b2f9\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4c8a153aa66fcd62db6fff269a2ef2b4\System.Numerics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll () ========== Services (SafeList) ========== SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.) SRV - (RealPlayer Cloud Service) -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.) SRV - (Avira.OE.ServiceHost) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (RealPlayerUpdateSvc) -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe () SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe () SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (ZAtheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations) SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe () SRV - (NeroMediaHomeService.4) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG) SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (gfibto) -- C:\Windows\SysNative\drivers\gfibto.sys (GFI Software) DRV:64bit: - (ANDNetModem) -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys (LG Electronics Inc.) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ewusbmbb) -- C:\Windows\SysNative\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices) DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros) DRV:64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation) DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices) DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( ) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.) DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (ATKWMIACPIIO_) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=3.7&ts=1374634172867&tguid=46364-3869-1374634172867-AF5EE1D3DAC05E13876E7DD261871157&q={searchTerms} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\..\URLSearchHook: {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No CLSID value found IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\..\URLSearchHook: {93a3111f-4f74-4ed8-895e-d9708497629e} - No CLSID value found IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_deDE472 IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-500\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-500\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_deDE472 IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4265152870-3533527588-3141693544-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://www.google.de/" FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3m FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3522.0110: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.6.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.6.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/04/03 17:55:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/04/03 17:55:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/04/03 17:54:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2014/04/03 19:11:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions [2014/04/04 16:52:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\maupgsf2.default-1396603073950\extensions [2014/04/04 16:52:25 | 000,060,307 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\maupgsf2.default-1396603073950\extensions\translator@zoli.bod.xpi [2014/04/04 11:19:01 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\maupgsf2.default-1396603073950\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014/04/03 19:11:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2014/04/03 19:11:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014/04/03 17:54:17 | 000,148,040 | ---- | M] (RealPlayer Cloud) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{go ogle:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEnco ding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google :cursorPosition}{google:currentPageUrl}{googleageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: https://www.google.de/ CHR - plugin: Widevine Content Decryption Module (Disabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll CHR - plugin: DivX VOD Helper Plug-in (Disabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Disabled) = C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll CHR - plugin: Java Deployment Toolkit 7.0.510.13 (Disabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll CHR - plugin: Java(TM) Platform SE 7 U51 (Disabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Gaaiho Doc (Disabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: RealPlayer Video Downloader (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll CHR - plugin: RealPlayer Video Downloader for HTML5 (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll CHR - plugin: RealPlayer Video Downloader for PepperFlash (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll CHR - Extension: Angry Birds = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_1\ CHR - Extension: Google Docs = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\ CHR - Extension: Google-Suche = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google+ = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.2.0.418_0\ CHR - Extension: Jewel Quest Deluxe Spiel = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehehgijaidopomcfpkigakimeoglkjpa\1.0.28.0_0\ CHR - Extension: Black & white Thema = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmohofkmppcgglcmlccpbokkkefigipi\3_0\ CHR - Extension: AdBlock = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.25_0\ CHR - Extension: Google Wallet = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: Downhill Jam = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjegjjfdamcmjikplaghiloojkpmdfm\2.3.1_0\ CHR - Extension: Deutsch Englisch Übersetzer = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcknciadhimdlbjjfndidcgnhokfbgnd\1.0.1_0\ CHR - Extension: Google Mail = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (no name) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - No CLSID value found. O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (no name) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\..\Toolbar\WebBrowser: (no name) - {7E111A5C-3D11-4F56-9463-5310C3C69025} - No CLSID value found. O3 - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found. O3 - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found. O3 - HKU\S-1-5-21-4265152870-3533527588-3141693544-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-4265152870-3533527588-3141693544-500\..\Toolbar\WebBrowser: (no name) - {7E111A5C-3D11-4F56-9463-5310C3C69025} - No CLSID value found. O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus) O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found O4 - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021..\Run: [Akamai NetSession Interface] C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD) O4 - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe File not found O4 - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-4265152870-3533527588-3141693544-1021\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-21-4265152870-3533527588-3141693544-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-4265152870-3533527588-3141693544-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe File not found O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F0FA63D-38E4-4D4F-959E-735181C4BA4C}: DhcpNameServer = 192.168.0.1 192.168.0.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F950002-5629-4F67-BFCF-3033207A1805}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74C377C0-22BB-4DEA-87C6-49AE3E51E156}: DhcpNameServer = 192.168.0.1 192.168.0.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{791BE36F-A75C-45D9-9D2F-58CA6C7D5519}: NameServer = 193.189.244.206 193.189.244.225 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7DF2222B-99A3-4087-8BC7-900F1C92FA0B}: NameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6B89C19-699B-4A2D-88B7-EEBB0AAF1E08}: NameServer = 193.189.244.206 193.189.244.225 O18:64bit: - Protocol\Handler\ipp - No CLSID value found O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\tmbp - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\tmbp - No CLSID value found O20 - AppInit_DLLs: (c:\progra~3\browse~2\261339~1.144\{c16c1~1\browse~1.dll) - File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{5f1f7a8f-2f13-11e1-b04b-d0df9a89891a}\Shell - "" = AutoRun O33 - MountPoints2\{5f1f7a8f-2f13-11e1-b04b-d0df9a89891a}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{7f07c70f-1f57-11e2-968f-d0df9a89891a}\Shell - "" = AutoRun O33 - MountPoints2\{7f07c70f-1f57-11e2-968f-d0df9a89891a}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *SBBD.exe /d \Device\HarddiskVolume2\Program Files (x86)\Ad-Aware Antivirus\Definitions) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014/04/05 08:16:06 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2014/04/03 21:29:15 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2014/04/03 21:28:55 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2014/04/03 21:28:55 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2014/04/03 21:28:55 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2014/04/03 21:28:20 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2014/04/03 20:07:12 | 000,000,000 | R--D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2014/04/03 19:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2014/04/03 17:55:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\RealNetworks [2014/04/03 17:55:06 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks [2014/04/03 17:55:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks [2014/04/03 17:54:37 | 000,201,800 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll [2014/04/03 17:54:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks [2014/04/03 17:54:07 | 000,278,600 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2014/04/03 17:53:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real [2014/04/03 17:53:15 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Real [2014/04/03 17:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2014/04/03 17:37:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\DDMSettings [2014/04/03 17:34:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\DivX [2014/04/03 17:34:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX [2014/04/03 17:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2014/04/03 17:34:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2014/04/03 17:33:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2014/04/03 17:32:35 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2014/04/03 17:31:54 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2014/04/03 17:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2014/04/03 17:31:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2014/04/03 17:31:37 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2014/04/03 17:31:37 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2014/04/02 19:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle [2014/04/02 19:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2014/04/02 19:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2014/04/02 19:17:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2014/04/02 18:41:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2014/03/31 13:19:45 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\ViberDownloads [2014/03/31 05:17:58 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Google Drive [2014/03/31 05:11:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive [2014/03/30 14:13:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\ViberPC [2014/03/30 14:12:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Viber [2014/03/26 06:21:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2014/03/26 06:20:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2014/03/25 21:19:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\LG Electronics [2014/03/25 20:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite [2014/03/25 20:56:46 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\LG Electronics [2014/03/25 20:52:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics [2014/03/25 06:50:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Fotos [2014/03/25 06:23:52 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Musik [2014/03/23 21:20:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2014/03/23 11:54:50 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Raptr [2014/03/23 11:54:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr [2014/03/23 10:20:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3 [2014/03/22 13:01:35 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Windows Live Writer [2014/03/22 13:01:35 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Windows Live Writer [2014/03/22 11:35:05 | 000,056,448 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys [2014/03/22 11:34:44 | 000,082,560 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_sata.sys [2014/03/22 11:34:44 | 000,042,624 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_xata.sys [2014/03/22 11:28:38 | 000,016,896 | ---- | C] (ASUS) -- C:\Windows\AsTaskSched.dll [2014/03/22 10:52:21 | 002,103,040 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll [2014/03/22 10:52:17 | 002,809,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2014/03/22 10:52:17 | 001,662,024 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2014/03/22 10:52:15 | 002,586,328 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2014/03/22 10:52:15 | 001,005,784 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2014/03/22 10:52:14 | 000,617,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll [2014/03/22 10:52:13 | 001,284,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2014/03/22 10:52:12 | 032,861,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat [2014/03/22 10:52:12 | 000,148,184 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll [2014/03/22 10:52:09 | 000,662,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2014/03/22 10:52:05 | 014,048,512 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll [2014/03/22 10:52:04 | 002,032,896 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll [2014/03/22 10:52:04 | 001,916,672 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll [2014/03/22 10:52:03 | 000,922,880 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll [2014/03/22 10:52:03 | 000,663,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2014/03/22 10:51:58 | 002,743,328 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2014/03/22 10:51:55 | 000,208,072 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2014/03/22 10:51:55 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll [2014/03/22 10:51:48 | 002,080,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2014/03/22 10:30:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Akamai [2014/03/20 20:20:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2014/03/20 19:37:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virage Logic, Corp [2014/03/20 08:14:40 | 000,000,000 | ---D | C] -- C:\668f41361c020bd72dbd7654c5c8b3 [2014/03/20 08:07:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation [2014/03/20 08:03:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Atheros [2014/03/20 08:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros [2014/03/20 08:02:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros [2014/03/20 08:01:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite [2014/03/20 07:51:37 | 009,888,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsUStoricon.dll [2014/03/20 07:51:37 | 000,250,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys [2014/03/20 07:30:36 | 000,099,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2014/03/19 21:35:41 | 000,000,000 | ---D | C] -- C:\wd [2014/03/18 09:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\P4G [2014/03/18 09:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\P4G [2014/03/17 22:19:34 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2014/03/17 22:19:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2014/03/17 22:18:49 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2014/03/17 22:18:48 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2014/03/17 22:18:48 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll [2014/03/17 22:18:48 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2014/03/17 22:18:48 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2014/03/17 22:18:48 | 000,180,048 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFProc64.dll [2014/03/17 22:18:48 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2014/03/17 22:18:48 | 000,086,352 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFComm64.dll [2014/03/17 22:18:48 | 000,083,792 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFSAPO64.dll [2014/03/17 22:18:48 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFHAPO64.dll [2014/03/17 22:18:48 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFDAPO64.dll [2014/03/17 22:18:48 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll [2014/03/17 22:18:48 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll [2014/03/17 22:18:48 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2014/03/17 22:18:47 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2014/03/17 22:18:47 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2014/03/17 22:18:47 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll [2014/03/17 22:18:46 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2014/03/17 22:18:46 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2014/03/17 22:18:46 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2014/03/17 22:18:46 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2014/03/17 22:18:46 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2014/03/17 22:18:46 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2014/03/17 22:18:44 | 008,363,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2014/03/17 22:18:44 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2014/03/17 22:18:44 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2014/03/17 22:18:41 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2014/03/17 22:18:41 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2014/03/17 22:18:40 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2014/03/17 22:18:40 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2014/03/17 22:18:40 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2014/03/17 22:18:40 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2014/03/17 22:18:40 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2014/03/17 22:18:40 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2014/03/17 22:18:40 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2014/03/17 22:18:40 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2014/03/17 22:18:40 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2014/03/17 22:18:39 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2014/03/15 19:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2014/03/15 19:29:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2014/03/15 19:28:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [2014/03/15 19:26:57 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2014/03/15 19:24:32 | 000,000,000 | ---D | C] -- C:\Program Files\AMD [2014/03/15 19:06:10 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\library_dir [2014/03/14 21:46:53 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Nero [2014/03/14 21:46:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Nero [2014/03/14 21:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2014/03/14 21:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero [2014/03/14 21:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2014/03/14 21:42:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2014/03/14 08:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\n-tv plus [2014/03/14 08:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\n-tv [2014/03/13 23:28:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\maxdome - Online Videothek [2014/03/13 07:33:56 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll [2014/03/13 07:33:56 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll [2014/03/13 07:33:50 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014/03/13 07:33:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2014/03/13 07:33:48 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2014/03/13 07:33:44 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014/03/13 07:33:44 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2014/03/13 07:33:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014/03/13 07:33:44 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014/03/13 07:33:43 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014/03/13 07:33:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2014/03/13 07:33:42 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014/03/13 07:33:40 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014/03/13 07:33:39 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014/03/13 07:33:38 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014/03/13 07:33:37 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014/03/13 07:33:36 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014/03/13 07:33:36 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014/03/13 07:33:36 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2014/03/13 07:33:35 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014/03/13 07:33:33 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014/03/13 07:33:32 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014/03/13 07:33:32 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2014/03/13 07:33:31 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014/03/13 07:33:30 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014/03/13 07:33:29 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2014/03/13 07:32:58 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll [2014/03/13 07:32:58 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll [2014/03/13 07:32:45 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2014/03/11 14:57:34 | 000,084,720 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2014/03/10 08:57:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Zeon [2014/03/09 14:26:18 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Avira [2014/03/09 14:23:52 | 000,131,576 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2014/03/09 14:23:52 | 000,108,440 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2014/03/09 14:23:52 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2014/03/09 14:20:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2014/03/09 14:20:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2014/03/09 14:20:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2014/03/09 14:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2014/03/09 08:59:37 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Macromedia [1 C:\Users\Administrator\AppData\Local\*.tmp files -> C:\Users\Administrator\AppData\Local\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014/04/05 09:10:14 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014/04/05 09:10:14 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014/04/05 09:07:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014/04/05 08:31:51 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014/04/05 08:25:11 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014/04/05 08:24:43 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2014/04/05 08:24:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014/04/04 19:57:03 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat [2014/04/04 17:33:23 | 001,657,864 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014/04/04 17:33:23 | 000,713,370 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2014/04/04 17:33:23 | 000,668,168 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014/04/04 17:33:23 | 000,154,416 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2014/04/04 17:33:23 | 000,126,978 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014/04/04 16:11:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4265152870-3533527588-3141693544-1001UA.job [2014/04/04 14:01:52 | 000,444,400 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014/04/03 22:11:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4265152870-3533527588-3141693544-1001Core.job [2014/04/03 21:28:29 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2014/04/03 21:28:27 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2014/04/03 21:28:27 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2014/04/03 21:28:27 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2014/04/03 20:14:08 | 000,001,731 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2014/04/03 20:12:49 | 000,002,245 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2014/04/03 17:54:37 | 000,201,800 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll [2014/04/03 17:54:07 | 000,278,600 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2014/04/03 17:31:26 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2014/04/03 17:31:25 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2014/04/03 17:31:25 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2014/04/03 17:31:25 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2014/04/03 15:46:56 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe [2014/03/31 13:23:18 | 000,001,099 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk [2014/03/31 05:17:59 | 000,001,725 | ---- | M] () -- C:\Users\Administrator\Desktop\Google Drive.lnk [2014/03/31 05:11:55 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\Google Slides.lnk [2014/03/31 05:11:55 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\Google Sheets.lnk [2014/03/31 05:11:55 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\Google Docs.lnk [2014/03/27 15:48:38 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini [2014/03/25 21:17:45 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\LG PC Suite.lnk [2014/03/24 06:12:15 | 000,007,600 | ---- | M] () -- C:\Users\Administrator\AppData\Local\resmon.resmoncfg [2014/03/23 21:27:16 | 001,632,144 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2014/03/23 10:38:04 | 022,249,837 | ---- | M] () -- C:\Program Files (x86)\LifeFrame3_Win7_32_Win7_64_z300021.zip [2014/03/23 10:35:30 | 020,754,387 | ---- | M] () -- C:\Program Files (x86)\LifeFrame3_WIN7_32_WIN7_64_300020.zip [2014/03/23 10:17:42 | 005,295,280 | ---- | M] () -- C:\Program Files (x86)\Asmedia_USB3_Win7_VER11430.zip [2014/03/22 11:28:38 | 000,016,896 | ---- | M] (ASUS) -- C:\Windows\AsTaskSched.dll [2014/03/22 11:24:10 | 860,369,178 | ---- | M] () -- C:\Program Files (x86)\AMD_Chipset_Win7_VER808770.zip [2014/03/22 11:05:26 | 003,163,856 | ---- | M] () -- C:\Program Files (x86)\M5A97-EVO2-ASUS-M51BC-0405.zip [2014/03/22 11:04:19 | 003,163,735 | ---- | M] () -- C:\Program Files (x86)\M5A97-EVO2-ASUS-M51BC-0502.zip [2014/03/22 10:51:34 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini [2014/03/22 10:50:06 | 239,497,815 | ---- | M] () -- C:\Program Files (x86)\Realtek_Audio_Win7_8-1_VER6017035.zip [2014/03/20 19:55:41 | 000,079,859 | ---- | M] () -- C:\Windows\AsCD_Item_19.jpg [2014/03/20 19:54:49 | 000,085,414 | ---- | M] () -- C:\Windows\AsCD_Item_2.jpg [2014/03/20 19:16:10 | 000,000,105 | ---- | M] () -- C:\Windows\SysNative\FastBoot.ini [2014/03/20 08:03:55 | 000,246,804 | ---- | M] () -- C:\Windows\SysNative\drivers\AtherosBt.bin [2014/03/20 08:03:55 | 000,001,242 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x01.dfu [2014/03/20 08:03:55 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40_0x02.dfu [2014/03/20 08:03:55 | 000,001,204 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_40.dfu [2014/03/20 08:03:55 | 000,001,198 | ---- | M] () -- C:\Windows\SysNative\drivers\ramps_0x01020200_26.dfu [2014/03/19 21:57:34 | 000,103,893 | ---- | M] () -- C:\Windows\AsCD_Item_20.jpg [2014/03/19 21:53:23 | 000,087,831 | ---- | M] () -- C:\Windows\AsCD_Item_15.jpg [2014/03/18 23:31:51 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\SmartLogon-Manager.lnk [2014/03/18 10:16:40 | 000,109,261 | ---- | M] () -- C:\Windows\AsCD_Item_26.jpg [2014/03/18 10:14:09 | 000,000,716 | ---- | M] () -- C:\Users\Public\Desktop\eManual.Lnk [2014/03/18 10:08:17 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\Splendid Utility.Lnk [2014/03/16 21:29:16 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk [2014/03/14 21:43:03 | 000,002,361 | ---- | M] () -- C:\Users\Public\Desktop\Nero MediaHome 4.lnk [2014/03/12 11:07:33 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014/03/12 11:07:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014/03/11 14:56:42 | 000,084,720 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2014/03/09 14:10:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2014/03/09 10:30:37 | 000,000,000 | ---- | M] () -- C:\vcredist.bmp [2014/03/06 23:14:24 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini [1 C:\Users\Administrator\AppData\Local\*.tmp files -> C:\Users\Administrator\AppData\Local\*.tmp -> ] ========== Files Created - No Company Name ========== [2014/04/04 19:57:03 | 000,003,544 | ---- | C] () -- C:\bootsqm.dat [2014/04/04 14:01:26 | 000,444,400 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014/04/03 19:11:27 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2014/03/31 13:23:18 | 000,001,099 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk [2014/03/31 05:17:59 | 000,001,725 | ---- | C] () -- C:\Users\Administrator\Desktop\Google Drive.lnk [2014/03/31 05:11:55 | 000,002,004 | ---- | C] () -- C:\Users\Public\Desktop\Google Slides.lnk [2014/03/31 05:11:55 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\Google Sheets.lnk [2014/03/31 05:11:55 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\Google Docs.lnk [2014/03/25 21:17:45 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\LG PC Suite.lnk [2014/03/24 06:02:32 | 000,007,600 | ---- | C] () -- C:\Users\Administrator\AppData\Local\resmon.resmoncfg [2014/03/23 10:37:44 | 022,249,837 | ---- | C] () -- C:\Program Files (x86)\LifeFrame3_Win7_32_Win7_64_z300021.zip [2014/03/23 10:35:12 | 020,754,387 | ---- | C] () -- C:\Program Files (x86)\LifeFrame3_WIN7_32_WIN7_64_300020.zip [2014/03/23 10:17:36 | 005,295,280 | ---- | C] () -- C:\Program Files (x86)\Asmedia_USB3_Win7_VER11430.zip [2014/03/22 11:12:04 | 860,369,178 | ---- | C] () -- C:\Program Files (x86)\AMD_Chipset_Win7_VER808770.zip [2014/03/22 11:05:22 | 003,163,856 | ---- | C] () -- C:\Program Files (x86)\M5A97-EVO2-ASUS-M51BC-0405.zip [2014/03/22 11:04:15 | 003,163,735 | ---- | C] () -- C:\Program Files (x86)\M5A97-EVO2-ASUS-M51BC-0502.zip [2014/03/22 10:52:13 | 000,643,329 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT [2014/03/22 10:51:34 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2014/03/22 10:46:47 | 239,497,815 | ---- | C] () -- C:\Program Files (x86)\Realtek_Audio_Win7_8-1_VER6017035.zip [2014/03/20 20:19:05 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014/03/20 20:19:03 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014/03/20 19:54:49 | 000,085,414 | ---- | C] () -- C:\Windows\AsCD_Item_2.jpg [2014/03/18 23:31:51 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\SmartLogon-Manager.lnk [2014/03/18 22:58:44 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2014/03/18 10:16:40 | 000,109,261 | ---- | C] () -- C:\Windows\AsCD_Item_26.jpg [2014/03/18 10:14:09 | 000,000,716 | ---- | C] () -- C:\Users\Public\Desktop\eManual.Lnk [2014/03/18 10:13:27 | 000,103,893 | ---- | C] () -- C:\Windows\AsCD_Item_20.jpg [2014/03/18 10:12:27 | 000,079,859 | ---- | C] () -- C:\Windows\AsCD_Item_19.jpg [2014/03/18 10:08:17 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\Splendid Utility.Lnk [2014/03/18 10:07:49 | 000,087,831 | ---- | C] () -- C:\Windows\AsCD_Item_15.jpg [2014/03/16 21:29:16 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk [2014/03/14 21:43:03 | 000,002,361 | ---- | C] () -- C:\Users\Public\Desktop\Nero MediaHome 4.lnk [2014/03/09 10:30:37 | 000,000,000 | ---- | C] () -- C:\vcredist.bmp [2013/12/06 17:44:26 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2013/07/19 19:40:39 | 000,217,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2013/06/14 19:56:26 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2013/03/29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2013/03/29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2013/02/08 16:50:26 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe [2013/02/08 16:50:24 | 000,000,408 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\sp_data.sys [2013/02/05 18:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2013/02/05 18:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2013/02/05 18:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2013/02/05 18:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012/12/15 10:15:07 | 001,632,144 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/09/28 03:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012/09/28 03:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012/07/13 15:07:57 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll [2012/07/13 15:07:57 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll [2012/07/12 06:42:51 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012/06/29 10:52:10 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI [2012/05/30 20:02:33 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll [2012/01/02 16:36:15 | 000,000,081 | -HS- | C] () -- C:\ProgramData\.zreglib ========== ZeroAccess Check ========== [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/07/12 05:50:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ASUS WebStorage [2014/03/25 21:19:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\LG Electronics [2014/03/15 19:06:10 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\library_dir [2013/08/24 14:39:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice [2013/08/07 09:42:59 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org [2014/03/23 12:19:40 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Raptr [2014/04/03 15:48:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ViberPC [2014/03/22 13:01:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Windows Live Writer [2014/03/14 16:00:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Zeon ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 355 bytes -> C:\ProgramData\Temp:9A870F8B @Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:981884E7 @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:07BF512B @Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:3AE22B1A @Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp20FFA63 @Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:81F83028 < End of report > Ich weiß nun nicht, ob euch dies reicht, um mir zu helfen? Aber diese Meldung ist echt nervig. Ich habe ein ASUS Notebook K53U Series. Da war Windows 7 Home Premium schon drauf. Es ist ca 2 Jahre alt. Ich kame auf euch, weil ihr mir echt mit einem anderen Thema (nur durch hier lesen, sehr geholfen habt LG Tatti Jana Alt Gestern, 10:06 #2 Darklord666 die Echtheit dieser Windows 7 Version Build 7601 wurde noch nicht bestätigt? Möglicherweise sind Sie Opfer einer Softwarefälschung! - Standard AW: die Echtheit dieser Windows 7 Version Build 7601 wurde noch nicht bestätigt? Möglicherweise sind Sie Opfer einer Softwarefälschung! Bzgl. des Hinweise auf eine Raubkopie sehe ich 2 Möglichkeiten: 1. Es ist eine Raubkopie. 2. Das Windows wurde noch nie richtig aktiviert und ein anderer hat dessen Raubkopie mit deinem Aktvierungsschlüssel aktiviert. Das ist das eine. Ich bin im Auslesen von Logs nicht so versiert wie z.B. die Helfer aus dem Kompetenzteam hier aber die Einträge unter Zero-Access-Check deuten auf einen üblen Virenbefall hin. Du solltest dein Anliegen evtl. nochmal in dem Thread "Log-Analyse und Auswertung" posten. __________________ Ungelesen Gestern, 16:19 #3 Alois S die Echtheit dieser Windows 7 Version Build 7601 wurde noch nicht bestätigt? Möglicherweise sind Sie Opfer einer Softwarefälschung! - Standard AW: die Echtheit dieser Windows 7 Version Build 7601 wurde noch nicht bestätigt? Möglicherweise sind Sie Opfer einer Softwarefälschung! Hallo, auch ich weise auf Möglichkeit Nummer 3 hin, dass so etwas nämlich grundsätzlich auch bei einem zerschossenen Betriebssystem vorkommt - Poste daher bitte dein Problem hier: http://www.trojaner-board.de/newthre...=newthread&f=8 (wie ich gesehen habe, hast du mittlerweile eine Zusatzfrage Frage gestellt, wodurch wir aber kaum vorankommen dürften.....) Liebe Grüße, Alois Hallo -> ich will euch nicht nerven oder so und hoffe sehr, ich habe es hier nun an richtiger Stelle gepostet?! Dazu möchte ich sagen, mein Windows ist ganz sicher keine Raubkopie. Mein ASUS K53U Series Laptop habe ich von meiner Mama vor 2 Jahren zu Weihnachten geschenkt bekommen. Sie hat den Laptop so fertig mit Windows7 Home Premium, im REAL Markt gekauft. Dann kam ja von Windows diese Meldung, dass ich evtl einer Softwarefälschung zum Opfer gefallen bin. Da ich es eben mal nicht wieder neu aktiviert habe (musste ich bis vor ein paar Wochen ja auch nicht). Ich sollte irgend einem Link von Microsoft folgen und etwas runter laden (hxxp://www.microsoft.com/genuine/validate/ValidationResult.aspx?displaylang=de&Error=52&OSV=6.1.7601.2.00010300.1.0.003.09.1031&GenuineInfo=00000000&ls=0&PageName=validate). Diesen Link habe ich nun in meiner Lesezeichensymbolleiste in firefox und Chrome abgespeichert. Wenn ich auf dieses Lesezeichen klicke, geschieht eine "Gültigkeitsprüfung für Windows wird durchgeführt" "Bitte verlassen Sie diese Seite nicht, der Vorgang kann einige Minuten dauern" Wenn diese Prüfung beendet ist, kommt von Windows, da ich die original Software auf meinem PC habe, bekomme ich ein Kostenloses Abo von Security Essential! Mir macht nun noch viel mehr Sorgen, diese Aussage: "Ich bin im Auslesen von Logs nicht so versiert wie z.B. die Helfer aus dem Kompetenzteam hier aber die Einträge unter Zero-Access-Check deuten auf einen üblen Virenbefall hin. Du solltest dein Anliegen evtl. nochmal in dem Thread "Log-Analyse und Auswertung" posten." Ich hoffe sehr, ich habe keinen üblen Virenbefall?! Das mit meinem Laptop was nicht stimmt, bemerke ich schon lange. Ich habe ihn so gut es geht sauber und leer gemacht. Aber nun kommt eben ständig das mit Windows und das mit AVIRA Desktop. Diese Meldungen habe gemeinsam begonnen, nach dem ich mal wieder irgend ein Reinigungsprogramm durchlaufen lassen habe. Vielen lieben Dank für eure rasche Antwort! Tatti Jana |
| Themen zu Echtheit der Windowskopie wurde noch nicht bestätig. Bei jedem Neustart: AVIRA Desktop ist nicht aktiviert? |
| ad-aware, akamai, antivir, antivirus, avira, avira etc., bho, browser, computer, desktop, entfernen, error, firefox, flash player, focus, google, home, log-analyse und auswertung, logfile, pc speed maximizer, problem, realtek, registry, security, sehr geholfen, sekunden, spyware, suchmaschine, viren, viren befall ???, windows, windows 7 64 bit |
Baum-Darstellung