Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 7 TBUpdater.dll wurde nicht gefunden + Roulette Bot Plus Pop-up (https://www.trojaner-board.de/140360-windows-7-tbupdater-dll-wurde-gefunden-roulette-bot-plus-pop-up.html)

ddPlr 24.08.2013 02:53
Windows 7 TBUpdater.dll wurde nicht gefunden + Roulette Bot Plus Pop-up
 
Hallo,
habe seit neuestem die Meldung das TBUpdater.dll nicht gefunden werden konnte,
die Nachricht taucht nach dem Systemstart auf. Vielleicht ist dies im Zusammenhang mit einer Software die sich Roulette Bot Plus nennt, habe sie aus Testzwecken installiert, aber gleich wieder vom Rechner entfernt. Doch es bleiben Rückstände, so taucht hin und wieder ein Pop-Up Fenster rechts unten in der Windows Taskleiste auf, die ich versucht habe mit AdRemover etc. zu entfernen, das Pop-Up kommt aber immer wieder.

Ich habe nach eurer Anleitung verschiedene Tests durchlaufen lassen:

Defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 23:58 on 23/08/2013 (Daniel)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2013 01
Ran by Daniel (administrator) on 24-08-2013 00:00:58
Running from F:\Trojaner Board Software
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(PixArt Imaging Incorporation) C:\Windows\Pixart\Pac7302\Monitor.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(cFos Software GmbH) C:\Program Files\cFosBC\wbc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(CMedia) C:\Program Files\ASUS Xonar DX Audio\Customapp\ASUSAUDIOCENTER.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Creative Technology Ltd.) C:\Windows\V0330Mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [PAC7302_Monitor] - C:\Windows\Pixart\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Cmaudio8788GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [THXCfg64] - C:\Windows\system32\THXCfg64.dll [26624 2011-05-13] (Creative Technology Ltd.)
HKLM\...\Run: [VIRTU MVP] - C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe [3110728 2012-06-17] ()
HKLM\...\Run: [Cmaudio8788] - C:\Windows\Syswow64\cmicnfgp.dll [8151040 2009-10-30] (C-Media Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1568512 2013-07-24] (Bitdefender)
HKLM\...\Run: [cFosBC Daemon] - C:\Program Files\cFosBC\wbc.exe [685784 2009-04-09] (cFos Software GmbH)
HKLM\...\Run: [cFosSpeed] - C:\Program Files\cFosSpeed\cFosSpeed.exe [1587040 2013-04-19] (cFos Software GmbH)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [AdobeBridge] -  [x]
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-20] (Google Inc.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM-x32\...\Run: [V0330Mon.exe] - C:\Windows\V0330Mon.exe [32768 2007-04-30] (Creative Technology Ltd.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2011-03-01] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDRShortCut] - C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-12-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] - C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5019360 2012-08-07] (FNet Co., Ltd.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [THX TruStudio NB Settings] - C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-07-12] (Adobe Systems Incorporated)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
ShortcutTarget: UltraMon.lnk -> C:\Windows\Installer\{ED7FE81C-378C-411D-B5B4-509B978BA204}\IcoUltraMon.ico ()
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Daniel.lnk
ShortcutTarget: Daniel.lnk -> C:\Users\Daniel\AppData\Roaming\Realtime Soft\UltraMon\3.2.1\Profiles\Daniel.umprofile ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} -  No File
SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_0&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_0&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WebSpeechBHO Class - {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} - C:\Program Files (x86)\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll No File
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - No Name - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
DPF: HKLM-x32 {FA8D54DA-4546-4727-B2C0-88390AA59E03} hxxp://game.mystical-land.com/pluginInstaller/installers/win32/MysticalLandInstaller.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default
FF SelectedSearchEngine: SecureSearch
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Daniel\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Ghostery - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\firefox@ghostery.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\ich@maltegoetz.de
FF Extension: Pocket - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\isreaditlater@ideashower.com
FF Extension: Mystical Land Installer - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\MysticalLandInstaller@madottergames.com
FF Extension: HomeTab - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
FF Extension: FEBE - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
FF Extension: Yahoo! Toolbar - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: ColorZilla - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF Extension: Bitdefender QuickScan - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: jid1-qQSMEVsYTOjgYA - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack.xpi
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\WTB_GLOBAL.sqlite
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{E10A6337-382E-4FE6-96DE-936ADC34DD04}.xpi
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn

Chrome:
=======
CHR HomePage: about:newtab?source=home
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\29.0.1547.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Adobe Acrobat) - F:\ADOBE\Acrobat 10.0\Acrobat\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Google Update) - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Extension: (ProxTube) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.3_0
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.4.5_0
CHR Extension: (ColorZilla) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp\0.5.3_0
CHR Extension: (iCloud) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\bjhodfififgcgedifpkenofdhlaafokk\1.2.2_0
CHR Extension: (YouTube) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Facebook Secret Emoticons) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe\1.8.2_0
CHR Extension: (Adobe Acrobat - Create PDF) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.3.37_0
CHR Extension: (Box - 5 GB Free Storage) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl\1.1.6_0
CHR Extension: (Photo Zoom for Facebook) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0
CHR Extension: (Foxtab Speed Dial) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp\9.2_0
CHR Extension: (Unfriend Finder) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\hkpodjahcdiajfnjijhleidnjmkgkbko\41.997_0
CHR Extension: (FB unseen) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\ihcedcpmfdpjijiamkaeaefgfagnnpei\0.1.7.10_0
CHR Extension: (Dropbox) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.6_0
CHR Extension: (Leo Dictionary Widget) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\kepemmpmljphklmpfgfmhpjhpdlccpke\1.0.8_0
CHR Extension: (Auto HD For YouTube) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\4.0.2_0
CHR Extension: (Google Maps) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0
CHR Extension: (Battlefield 3) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\mfnfmkcieabpcdabgfjpiffdnbcdfoci\2_0
CHR Extension: (Ghostery) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.2_0
CHR Extension: (DVDVideoSoft) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0
CHR Extension: (Google Wallet Service) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0
CHR Extension: (Hover Zoom) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.19_0
CHR Extension: (Battlefield Play4Free) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0
CHR Extension: (LEO W\u00F6rterbuchsuche) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\ojniiiidjmoaiehegaedmfdclmgmmpdp\1.4_0
CHR Extension: (Gmail) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx
CHR HKLM-x32\...\Chrome\Extension: [fgibjgmnimooanbagcfpnkmngejcojaf] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\adawaretb\chrome-newtab-search.crx
CHR HKLM-x32\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - C:\ProgramData\adawaretb\toolbar\chrome\toolbar.crx

==================== Services (Whitelisted) =================

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AxiomAudioDevMon; C:\Program Files (x86)\M-Audio\Axiom\AudioDevMon.exe [1636872 2010-03-11] (M-Audio)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [480096 2013-04-19] (cFos Software GmbH)
S4 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-09-19] (CyberLink Corp.)
S4 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-09-19] (CyberLink)
S4 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-09-19] (CyberLink)
S4 FileZillaServer; F:\PROGRAMMIEREN\xampp\FileZillaFTP\FileZillaServer.exe [632320 2012-05-11] (FileZilla Project)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-06-06] (Freemake)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824 2012-08-23] (Intel Corporation)
S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [145960 2012-06-29] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-01-23] (Intel Corporation)
S2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2012-06-10] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-06-25] ()
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-07-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1646280 2013-07-24] (Bitdefender)
S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613688 2013-02-08] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

S1 acedrv06; C:\Windows\system32\drivers\acedrv06.sys [147456 2012-07-10] ()
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49560 2012-09-17] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2011-01-26] (ASRock Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [597776 2013-07-24] (BitDefender)
S3 AXIOM; C:\Windows\System32\DRIVERS\MAudioAxiom.sys [137736 2010-03-11] (M-Audio)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82384 2012-11-12] (BitDefender SRL)
S3 BTMNET; C:\Windows\System32\DRIVERS\btmnet.sys [30208 2010-07-16] (Motorola, Inc.)
R3 cFosBC; C:\Windows\System32\DRIVERS\cfosbc6.sys [452312 2009-04-09] (cFos Software GmbH)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1257472 2009-10-19] (C-Media Inc)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-29] (DT Soft Ltd)
R3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2013-05-27] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-08-07] (FNet Co., Ltd.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-05-28] (GFI Software)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [147232 2012-10-04] (BitDefender LLC)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-12-11] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-06-29] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-06-29] ()
S3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-06-29] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [43832 2012-10-03] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-06-01] (BitDefender S.R.L.)
R2 UltraMonUtility; C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [20512 2008-11-14] (Realtime Soft Ltd)
R3 V0330VID; C:\Windows\System32\DRIVERS\V0330Vid.sys [193408 2009-07-03] (Creative Technology Ltd.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-07-02] ()
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-09-19] (CyberLink Corp.)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-09-19] (CyberLink Corp.)
S3 AsrCDDrv; No ImagePath
S3 btmaudio; system32\drivers\btmaud.sys [x]
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S3 dpclat_driver; \??\C:\Windows\system32\drivers\dpclat_driver.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-22 21:09 - 2013-08-23 21:43 - 00000336 _____ C:\Windows\setupact.log
2013-08-22 21:09 - 2013-08-22 21:09 - 00000000 _____ C:\Windows\setuperr.log
2013-08-21 05:11 - 2013-08-21 10:52 - 00000000 ____D C:\Users\Daniel\Documents\dragoon
2013-08-21 05:08 - 2013-08-21 05:08 - 00000838 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2013-08-17 16:57 - 2013-08-17 16:57 - 00030072 _____ C:\Users\Public\Documents\cc_20130817_165726.reg
2013-08-17 16:44 - 2013-08-17 16:56 - 00000000 ____D C:\Program Files (x86)\Advanced Fix 2013
2013-08-17 00:40 - 2013-08-17 00:40 - 00000799 _____ C:\Users\Daniel\Desktop\Stormblade WoW.lnk
2013-08-15 20:39 - 2013-08-05 16:00 - 75778376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe
2013-08-15 20:37 - 2013-08-16 19:58 - 00000000 ____D C:\Stormblade
2013-08-15 20:37 - 2013-08-15 20:37 - 00000244 _____ C:\Windows\ODBCINST.INI
2013-08-15 20:37 - 2013-08-15 20:37 - 00000000 ____D C:\Program Files (x86)\MySQL
2013-08-15 20:37 - 2010-12-11 11:47 - 00231936 _____ (Tools & Components) C:\Windows\SysWOW64\sevXPCtl.ocx
2013-08-15 20:37 - 2010-12-05 14:15 - 00370176 _____ (Tools & Components) C:\Windows\SysWOW64\sevDataGrid2.ocx
2013-08-15 20:37 - 2010-10-08 07:49 - 00294400 _____ (Tools & Components) C:\Windows\SysWOW64\sevEin20.ocx
2013-08-15 20:37 - 2010-04-11 11:33 - 00117248 _____ (Tools & Components) C:\Windows\SysWOW64\sevClb20.ocx
2013-08-15 20:37 - 2010-02-21 13:34 - 00141824 _____ (Tools & Components) C:\Windows\SysWOW64\sevCmd3.ocx
2013-08-15 20:37 - 2009-12-03 12:21 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2013-08-15 20:37 - 2006-10-07 13:04 - 00062976 _____ (Tools & Components) C:\Windows\SysWOW64\sevList32.ocx
2013-08-14 17:20 - 2013-08-14 17:20 - 00000000 ____D C:\FRST
2013-08-14 17:18 - 2013-08-14 17:18 - 00001373 _____ C:\Users\Daniel\Desktop\cFosSpeed Features.lnk
2013-08-14 17:18 - 2013-08-14 17:18 - 00000000 ____D C:\Program Files\cFosSpeed
2013-08-14 17:08 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 17:08 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 17:08 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 17:08 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 17:08 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 17:08 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 17:08 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 17:08 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 17:08 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 17:08 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 17:08 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 17:08 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 14:01 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 14:01 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 14:01 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 14:01 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 14:01 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 14:01 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 14:01 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 14:01 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 14:01 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 14:01 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 14:01 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 14:01 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 14:01 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 14:01 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 14:01 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 14:01 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 14:01 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 14:01 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 14:01 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 14:01 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 14:01 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 14:01 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 14:01 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 14:01 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 14:01 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 14:01 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 14:01 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-11 04:26 - 2013-08-11 04:31 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\MigsUpdater
2013-08-11 04:26 - 2013-08-11 04:26 - 00004172 _____ C:\Windows\System32\Tasks\MigrationUpdateTask
2013-08-11 04:26 - 2013-08-11 04:26 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\RBotPlus
2013-08-09 15:17 - 2012-09-01 18:17 - 00000000 ____D C:\Users\Daniel\Desktop\3blox
2013-08-06 17:36 - 2013-08-06 17:36 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\Citrix
2013-08-06 17:36 - 2013-08-06 17:36 - 00000000 ____D C:\Program Files (x86)\Citrix
2013-08-02 04:17 - 2013-08-04 16:30 - 00000000 ____D C:\Users\Daniel\Desktop\trading
2013-08-01 16:45 - 2013-08-01 16:45 - 00000000 ____D C:\ProgramData\MetaQuotes
2013-08-01 16:43 - 2013-08-01 16:44 - 00000000 ____D C:\Program Files (x86)\MetaTrader - FXOpen
2013-08-01 13:27 - 2013-08-01 13:27 - 00000000 ____D C:\Users\Daniel\Desktop\Winner Casino
2013-07-31 16:00 - 2013-07-31 16:06 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\CasinoOnNet
2013-07-31 16:00 - 2013-07-31 16:00 - 00002042 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\888casino.lnk
2013-07-31 16:00 - 2013-07-31 16:00 - 00002018 _____ C:\Users\UpdatusUser\Desktop\888casino.lnk
2013-07-31 16:00 - 2013-07-31 16:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888casino
2013-07-31 15:59 - 2013-08-17 16:50 - 00000000 ____D C:\Program Files (x86)\CasinoOnNet
2013-07-31 13:08 - 2013-07-31 13:13 - 00000000 ____D C:\ProgramData\MGS
2013-07-31 13:08 - 2013-07-31 13:08 - 00000000 ____D C:\Microgaming
2013-07-30 21:47 - 2013-07-30 21:47 - 00000000 ____D C:\NvidiaLogging
2013-07-30 21:47 - 2013-05-14 21:28 - 00039712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-07-30 21:47 - 2013-05-14 21:27 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-07-30 21:47 - 2013-05-14 21:27 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-07-29 18:26 - 2013-07-31 12:35 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AutoBinarySEA DE
2013-07-29 15:01 - 2013-07-29 15:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\OpenOffice
2013-07-29 15:00 - 2013-07-29 15:00 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-07-27 16:44 - 2013-07-27 16:45 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Yahoo!
2013-07-27 16:44 - 2013-07-27 16:44 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-07-27 16:44 - 2013-07-27 16:44 - 00000000 ____D C:\ProgramData\Yahoo!
2013-07-27 16:44 - 2013-07-27 16:44 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-07-27 13:25 - 2013-07-27 13:38 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-27 13:24 - 2013-07-27 13:38 - 00000000 ____D C:\Users\Daniel\Desktop\Malwarebytes Rootkit
2013-07-27 13:23 - 2013-07-27 13:23 - 13399154 _____ C:\Users\Daniel\Downloads\mbar-1.06.0.1004.zip
2013-07-25 19:23 - 2013-08-06 15:19 - 00000000 ____D C:\Program Files (x86)\EuroKingCasino
2013-07-25 19:23 - 2013-07-25 19:23 - 00001782 _____ C:\Users\Public\Desktop\EuroKingCasino.lnk

==================== One Month Modified Files and Folders =======

2013-08-23 23:58 - 2013-08-23 23:58 - 00000000 _____ C:\Users\Daniel\defogger_reenable
2013-08-23 23:58 - 2012-05-10 19:14 - 00000000 ____D C:\Users\Daniel
2013-08-23 23:41 - 2012-08-07 01:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-23 23:20 - 2012-05-10 19:14 - 01208344 _____ C:\Windows\WindowsUpdate.log
2013-08-23 23:15 - 2012-08-20 13:34 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000UA.job
2013-08-23 21:50 - 2009-07-14 06:45 - 00028336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-23 21:50 - 2009-07-14 06:45 - 00028336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-23 21:49 - 2011-04-12 09:43 - 00715124 _____ C:\Windows\system32\perfh007.dat
2013-08-23 21:49 - 2011-04-12 09:43 - 00156452 _____ C:\Windows\system32\perfc007.dat
2013-08-23 21:49 - 2009-07-14 07:13 - 01664092 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-23 21:43 - 2013-08-22 21:09 - 00000336 _____ C:\Windows\setupact.log
2013-08-23 21:43 - 2012-07-29 22:21 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-23 21:43 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-23 04:41 - 2012-07-31 08:28 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\CrashDumps
2013-08-23 02:00 - 2012-09-03 20:40 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\Adobe
2013-08-23 00:15 - 2012-08-20 13:34 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000Core.job
2013-08-22 21:09 - 2013-08-22 21:09 - 00000000 _____ C:\Windows\setuperr.log
2013-08-22 00:17 - 2012-08-20 13:34 - 00002374 _____ C:\Users\Daniel\Desktop\Google Chrome.lnk
2013-08-21 10:52 - 2013-08-21 05:11 - 00000000 ____D C:\Users\Daniel\Documents\dragoon
2013-08-21 05:08 - 2013-08-21 05:08 - 00000838 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2013-08-20 17:46 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-20 02:25 - 2012-06-11 20:33 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-20 02:25 - 2012-06-11 20:07 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-20 02:24 - 2012-06-11 20:07 - 00283304 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-19 18:48 - 2013-01-16 16:38 - 00024786 _____ C:\Windows\SysWOW64\debug.log
2013-08-18 19:34 - 2013-01-10 20:53 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TV-Browser
2013-08-17 16:57 - 2013-08-17 16:57 - 00030072 _____ C:\Users\Public\Documents\cc_20130817_165726.reg
2013-08-17 16:56 - 2013-08-17 16:44 - 00000000 ____D C:\Program Files (x86)\Advanced Fix 2013
2013-08-17 16:56 - 2013-02-27 03:00 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-17 16:56 - 2012-08-01 18:54 - 00000000 ____D C:\Program Files\CCleaner
2013-08-17 16:50 - 2013-07-31 15:59 - 00000000 ____D C:\Program Files (x86)\CasinoOnNet
2013-08-17 16:50 - 2013-03-02 17:05 - 00000000 ____D C:\Program Files (x86)\Astral Masters
2013-08-17 16:50 - 2013-02-18 13:54 - 00000000 ____D C:\Program Files (x86)\Advanced System Optimizer 3
2013-08-17 00:40 - 2013-08-17 00:40 - 00000799 _____ C:\Users\Daniel\Desktop\Stormblade WoW.lnk
2013-08-16 21:29 - 2012-05-21 20:59 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2013-08-16 21:18 - 2013-07-22 00:59 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\Freemake Music Box
2013-08-16 19:58 - 2013-08-15 20:37 - 00000000 ____D C:\Stormblade
2013-08-16 01:38 - 2012-06-03 14:17 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2013-08-15 20:37 - 2013-08-15 20:37 - 00000244 _____ C:\Windows\ODBCINST.INI
2013-08-15 20:37 - 2013-08-15 20:37 - 00000000 ____D C:\Program Files (x86)\MySQL
2013-08-15 20:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-08-15 20:07 - 2012-11-03 01:23 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\FileZilla
2013-08-15 19:47 - 2012-05-10 20:09 - 00000000 ____D C:\Windows\Panther
2013-08-15 19:19 - 2012-12-14 13:52 - 00000849 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2013-08-14 18:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-14 17:44 - 2013-01-08 13:03 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\PokerStars.EU
2013-08-14 17:20 - 2013-08-14 17:20 - 00000000 ____D C:\FRST
2013-08-14 17:18 - 2013-08-14 17:18 - 00001373 _____ C:\Users\Daniel\Desktop\cFosSpeed Features.lnk
2013-08-14 17:18 - 2013-08-14 17:18 - 00000000 ____D C:\Program Files\cFosSpeed
2013-08-14 17:12 - 2013-07-02 09:39 - 00000000 ____D C:\Program Files\cFosBC
2013-08-14 17:07 - 2013-07-15 00:43 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 17:05 - 2012-05-10 20:20 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 14:00 - 2013-06-25 16:14 - 00004206 _____ C:\Windows\System32\Tasks\Software Updater
2013-08-14 14:00 - 2013-06-25 16:14 - 00004172 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-08-11 20:51 - 2013-02-04 14:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-11 20:51 - 2012-05-21 20:59 - 00000000 ____D C:\ProgramData\Skype
2013-08-11 04:31 - 2013-08-11 04:26 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\MigsUpdater
2013-08-11 04:26 - 2013-08-11 04:26 - 00004172 _____ C:\Windows\System32\Tasks\MigrationUpdateTask
2013-08-11 04:26 - 2013-08-11 04:26 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\RBotPlus
2013-08-07 09:46 - 2012-08-07 13:31 - 00000132 _____ C:\Users\Daniel\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-08-06 17:36 - 2013-08-06 17:36 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\Citrix
2013-08-06 17:36 - 2013-08-06 17:36 - 00000000 ____D C:\Program Files (x86)\Citrix
2013-08-06 15:19 - 2013-07-25 19:23 - 00000000 ____D C:\Program Files (x86)\EuroKingCasino
2013-08-05 16:00 - 2013-08-15 20:39 - 75778376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe
2013-08-04 18:37 - 2012-08-07 15:29 - 00001456 _____ C:\USERS\DANIEL\APPDATA\LOCAL\Adobe Für Web speichern 13.0 Prefs
2013-08-04 16:30 - 2013-08-02 04:17 - 00000000 ____D C:\Users\Daniel\Desktop\trading
2013-08-03 19:24 - 2009-07-14 06:45 - 16115520 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-03 18:02 - 2012-05-10 19:23 - 00311592 _____ C:\USERS\DANIEL\APPDATA\LOCAL\GDIPFONTCACHEV1.DAT
2013-08-01 16:45 - 2013-08-01 16:45 - 00000000 ____D C:\ProgramData\MetaQuotes
2013-08-01 16:44 - 2013-08-01 16:43 - 00000000 ____D C:\Program Files (x86)\MetaTrader - FXOpen
2013-08-01 13:27 - 2013-08-01 13:27 - 00000000 ____D C:\Users\Daniel\Desktop\Winner Casino
2013-07-31 16:06 - 2013-07-31 16:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\CasinoOnNet
2013-07-31 16:00 - 2013-07-31 16:00 - 00002042 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\888casino.lnk
2013-07-31 16:00 - 2013-07-31 16:00 - 00002018 _____ C:\Users\UpdatusUser\Desktop\888casino.lnk
2013-07-31 16:00 - 2013-07-31 16:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888casino
2013-07-31 13:13 - 2013-07-31 13:08 - 00000000 ____D C:\ProgramData\MGS
2013-07-31 13:08 - 2013-07-31 13:08 - 00000000 ____D C:\Microgaming
2013-07-31 12:35 - 2013-07-29 18:26 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AutoBinarySEA DE
2013-07-30 23:37 - 2012-06-11 19:04 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\Origin
2013-07-30 23:37 - 2012-06-11 19:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Origin
2013-07-30 21:47 - 2013-07-30 21:47 - 00000000 ____D C:\NvidiaLogging
2013-07-30 21:47 - 2013-02-06 14:24 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-30 21:47 - 2013-02-06 14:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-29 15:01 - 2013-07-29 15:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\OpenOffice
2013-07-29 15:00 - 2013-07-29 15:00 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-07-28 00:49 - 2012-12-12 22:25 - 00000000 ____D C:\Users\Daniel\Desktop\Irina Whg
2013-07-27 16:45 - 2013-07-27 16:44 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Yahoo!
2013-07-27 16:44 - 2013-07-27 16:44 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-07-27 16:44 - 2013-07-27 16:44 - 00000000 ____D C:\ProgramData\Yahoo!
2013-07-27 16:44 - 2013-07-27 16:44 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-07-27 13:38 - 2013-07-27 13:25 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-27 13:38 - 2013-07-27 13:24 - 00000000 ____D C:\Users\Daniel\Desktop\Malwarebytes Rootkit
2013-07-27 13:23 - 2013-07-27 13:23 - 13399154 _____ C:\Users\Daniel\Downloads\mbar-1.06.0.1004.zip
2013-07-26 21:57 - 2013-01-08 18:40 - 00000000 ____D C:\Users\Daniel\Desktop\POKER
2013-07-26 07:13 - 2013-08-14 17:08 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-14 17:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-14 17:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-14 17:08 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-14 17:08 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-14 17:08 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-14 17:08 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-14 17:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-14 17:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-14 17:08 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-14 17:08 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-14 17:08 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-14 17:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-14 17:08 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-14 17:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-14 17:08 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-14 17:08 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-14 17:08 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-14 17:08 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-14 17:08 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-14 17:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-14 17:08 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-14 17:08 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-14 17:08 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-14 17:08 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-14 17:08 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-14 17:08 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-14 17:08 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-14 17:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-14 17:08 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-14 17:08 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 22:16 - 2013-05-22 03:19 - 00020569 _____ C:\Users\Daniel\Desktop\Webseite Milchziegenhof Lippelsdorf.odt
2013-07-25 19:23 - 2013-07-25 19:23 - 00001782 _____ C:\Users\Public\Desktop\EuroKingCasino.lnk
2013-07-25 11:25 - 2013-08-14 14:01 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-14 14:01 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 00:50

==================== End Of Log ============================
Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-08-2013 01
Ran by Daniel at 2013-08-24 00:01:25
Running from F:\Trojaner Board Software
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 
15354 Webcam Live (x32 Version: 1.2.0.0)
3DMark 11 (x32 Version: 1.0.3)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
888casino (x32)
888poker (x32)
Adobe Acrobat XI Pro (x32 Version: 11.0.03)
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Creative Cloud (x32 Version: 2.0.2.189)
Adobe Download Assistant (x32 Version: 1.2.5)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Flash Professional CC (x32 Version: 13.0)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Muse (x32 Version: 3.2.2)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Adobe Support Advisor (x32 Version: 1.6.1)
Adobe Support Advisor (x32 Version: 1.6.1.20120504)
Adobe Widget Browser (x32 Version: 2.0 Build 348)
Adobe Widget Browser (x32 Version: 2.0.348)
Adobe® Content Viewer (x32 Version: 3.2.0)
Alan Wake (x32)
Alan Wake Version 1.06.17.0155 (x32 Version: 1.06.17.0155)
Alan Wake's American Nightmare (x32)
Alan Wakes American Nightmare Version 1.03.17.1781 (x32 Version: 1.03.17.1781)
Alice Madness Returns (x32 Version: 1.0.0.0)
Allgemeine Runtime Files (x86) (Version: 1.0.3.5)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft TotalMedia 3.5 (x32 Version: 3.5.7.307)
Ashampoo Burning Studio 2013 v.11.0.6 (x32 Version: 11.0.6)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.10.0)
Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.3.9.000)
ASRock 3TB+ Unlocker v1.0
ASRock App Charger v1.0.5
ASRock eXtreme Tuner v0.1.251 (x32)
ASRock XFast RAM v2.0.9
Astral Masters (x32 Version: 1.0)
Astral Masters (x32)
ASUS PMP Lite (x32 Version: 1.00.0000)
ASUS Xonar DX Audio Driver
Authorizer 1.0.5 (x32 Version: 1.0.5)
Authorizer Ignition Key Support (Version: 1.0.3.0)
Batman: Arkham Cityâ„¢ (x32)
Battlefield 3â„¢ (x32 Version: 1.0.0.0)
Battlefield 3â„¢ (x32 Version: 1.3.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
Bitdefender Antivirus Plus 2013 (Version: 16.29.0.1830)
BitTorrent (x32 Version: 7.8.0.29676)
bl (x32 Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
Call of Duty Black Ops II (x32)
Call of Duty: Modern Warfare 3 - Multiplayer (x32)
Call of Duty: Modern Warfare 3 (x32)
CCleaner (Version: 4.04)
CDBurnerXP (x32 Version: 4.5.1.3868)
cFos Broadband Connect v1.06 (Version: 1.06)
cFosSpeed v9.04 (Version: 9.04)
Chivalry: Medieval Warfare (x32)
Citrix Online Launcher (x32 Version: 1.0.117)
Clever Privacy (x32 Version: 1.0.0.36)
CPUID CPU-Z 1.61.3
Creative Live! Cam Center (x32 Version: 1.00)
Creative WebCam Vista/Live! Cam Chat (VF0330) Driver (1.12.01.00)
CrystalDiskInfo 5.0.0 (x32 Version: 5.0.0)
CyberLink BD_3D Advisor 2.0 (x32 Version: 2.0.4017)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.5024)
CyberLink LabelPrint (x32 Version: 2.5.3624)
CyberLink Power2Go (x32 Version: 6.1.4715)
CyberLink PowerBackup (x32 Version: 2.5.6023)
CyberLink PowerDirector (x32 Version: 7.0.3708)
CyberLink PowerDVD 12 (x32 Version: 12.0.2118a.57)
CyberLink PowerProducer (x32 Version: 5.0.2.2820)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.46.1.0327)
Diablo III (x32 Version: 1.0.6.13644)
DmC Devil may Cry version 5.1 (x32 Version: 5.1)
Dragon's Prophet (x32 Version: 1.0.1087.10)
Driver Genius Professional Edition (x32 Version: 11.0)
DriverAgent by eSupport.com
eReg (x32 Version: 1.20.138.34)
ESN Sonar (x32 Version: 0.70.4)
EuroKingCasino (x32)
EVEREST Home Edition v2.20 (x32 Version: 2.20)
EVGA Precision X 4.0.0 (x32 Version: 4.0.0)
ffdshow x64 v1.3.4515 [2013-06-12] (Version: 1.3.4515.0)
FIFA 10 (x32 Version: 1.0.0.0)
FileZilla Client 3.7.2 (x32 Version: 3.7.2)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
Flash Optimizer 2 (x32 Version: 2.1)
FormatFactory 3.0.1 (x32 Version: 3.0.1)
Free YouTube Download version 3.2.8.717 (x32 Version: 3.2.8.717)
Freemake Music Box (x32 Version: 1.0.0)
Full Tilt Poker (x32 Version: 4.48.3.WIN.FullTilt.COM)
Full Tilt Poker.Eu (x32 Version: 4.55.4.WIN.FullTilt.EU)
G DATA Logox 4 Speechengine (x32)
G DATA WebSpeech 4 (x32)
GoldWave v5.67 (x32)
Google Chrome (HKCU Version: 29.0.1547.57)
GoToMeeting 5.7.0.1172 (HKCU Version: 5.7.0.1172)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Grand Theft Auto IV (x32 Version: 1.00.0000)
Grand Theft Auto: Episodes From Liberty City (x32 Version: 1.1.0.0)
Heaven DX11 Benchmark version 3.0 (Version: 3.0)
Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0)
Hitman Absolution (x32)
iCloud (Version: 2.1.2.8)
ICQ 8.0 (build 6008, für aktuellen Benutzer) (HKCU Version: 8.0.6008.0)
iFunbox (v2.1.2228.731), iFunbox DevTeam (x32 Version: v2.1.2228.731)
ImgBurn (x32 Version: 2.5.7.0)
Intel(R) Control Center (x32 Version: 1.2.1.1010)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1310)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) Rapid Storage Technology (x32 Version: 11.7.1.1001)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel(R) Smart Connect Technology 3.0 x64 (Version: 3.0.30.1483)
Intel(R) Solid-State Drive Toolbox (x32 Version: 3.0.3.400)
Intel® Trusted Connect Service Client (Version: 1.27.757.1)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0)
iPhone-Konfigurationsprogramm (x32 Version: 3.6.2.300)
IrfanView (remove only) (x32 Version: 4.32)
iTunes (Version: 11.0.4.4)
Java 7 Update 17 (64-bit) (Version: 7.0.170)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
JavaFX 2.1.1 (x32 Version: 2.1.1)
JDownloader 2 (x32 Version: 2)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Kabel Deutschland Installations-Software (x32 Version: 3.6.0.0)
K-Lite Codec Pack 9.0.2 (64-bit) (Version: 9.0.2)
KungFu Strike Demo (x32)
LightScribe System Software (x32 Version: 1.18.20.1)
Line 6 Uninstaller (x32 Version: )
Linotype FontExplorer X Public Beta (x32 Version: 0.9.1.2250)
Logitech Gaming Software 5.10 (Version: 5.10.127)
Logitech Gaming Software 8.40 (Version: 8.40.83)
Logitech SetPoint 6.32 (Version: 6.32.20)
Mafia II (x32)
MAGIX Music Maker MX Premium Download Version (Demo songs) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Instrument package 1) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Instrument package 2) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Instrument package 3) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Introductory videos) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Sound package) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Synthesizer and effects) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Visuals) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (x32 Version: 18.0.0.42)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 1) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (x32 Version: 18.0.1.11)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MAGIX Video deluxe MX Plus Download-Version (Individuelle Menüvorlagen) (x32 Version: 1.0.0.0)
MAGIX Video deluxe MX Plus Download-Version (Menüvorlagen 1) (x32 Version: 1.0.0.0)
MAGIX Video deluxe MX Plus Download-Version (Menüvorlagen 2) (x32 Version: 1.0.0.0)
MAGIX Video deluxe MX Plus Download-Version (proDAD Adorage Starter Paket) (x32 Version: 1.0.0.0)
MAGIX Video deluxe MX Plus Download-Version (Ãœberblendeffekte) (x32 Version: 1.0.0.0)
MAGIX Video deluxe MX Plus Download-Version (x32 Version: 11.0.0.38)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
M-Audio Axiom DirectLink for Reason 1.0.0 (x86) (x32 Version: 1.0.0)
M-Audio Axiom Driver 1.1.2 (x64) (Version: 1.1.2)
MetaTrader - FXOpen (x32 Version: 4.00)
Metro 2033 (x32)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 1.1 (x32)
Microsoft .NET Framework 1.1 Security Update (KB2656370) (x32)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (x32)
Microsoft .NET Framework 1.1 Security Update (KB979906) (x32)
Microsoft .NET Framework 1.1 SP1
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Camera Codec Pack (Version: 16.3.1483.0410)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0)
Microsoft Flight (x32 Version: 1.0.0005.129)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Outlook Hotmail Connector 64-Bit (Version: 14.0.6106.5001)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (Version: 14.0.5120.5000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (Version: 2.0.50728)
Microsoft XML Parser (x32 Version: 8.0.7820.0)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0)
Migration System Updater RBP (x32 Version: 1.2.0.0)
MozBackup 1.5.1 (x32)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
MyFreeCodec (HKCU)
MySQL Connector/ODBC 5.1 (x32 Version: 5.1.5)
Napster 5 Beta (x32 Version: 1.0.61)
Natural Color Pro (x32 Version: 1.0.0.6)
NEF to JPG (x32)
Nexuiz STUPID Mode (x32)
Nikon File Uploader 2 (x32 Version: 2.00.0001)
Nikon Message Center 2 (x32 Version: 2.0.1)
No23 Recorder (x32 Version: 2.1.0.3)
Notepad++ (x32 Version: 6.2)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.6 (Version: 1.6)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.131.854)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 7.2.17 (Version: 7.2.17)
NVIDIA Update Components (Version: 7.2.17)
NVIDIA Virtual Audio 1.2.1 (Version: 1.2.1)
OpenAL (x32)
OpenOffice 4.0.0 (x32 Version: 4.00.9702)
Opera 12.14 (x32 Version: 12.14.1738)
Origin (x32 Version: 9.1.3.2637)
orola Bluetooth (Version: 3.0.02.288)
PartyPoker (x32)
PCMark Vantage (x32 Version: 1.0.3.1)
PDF Settings CS6 (x32 Version: 11.0)
Perfect Effects 4.0.4 (x32 Version: 4.0.4)
ph (x32 Version: 1.0.0)
Picture Control Utility (x32 Version: 1.2.0)
PixelRuler v9.0.0.0 (x32)
PKR (x32)
PlanetSide 2 (x32)
Poker Host (HKCU Version: 6.0)
PokerStars (x32)
PokerStars.eu (x32)
proDAD Adorage 3.0 (x32 Version: 3.0.92)
PxMergeModule (x32 Version: 1.00.0000)
Quake Live Mozilla Plugin (x32 Version: 1.0.520)
QuickTime (x32 Version: 7.73.80.64)
Raptr (x32)
REALTEK DTV USB DEVICE (x32 Version: 1.00.0000)
Realtek Ethernet Controller Driver (x32 Version: 7.72.410.2013)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
RegistryWizard 3.1.1.218 (x32)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.1)
RESIDENT EVIL 5 (x32 Version: 1.0.0.129)
Roadkil's Unstoppable Copier Version 5.2 (x32)
Samsung Magician (x32 Version: 4.0.1)
Samsung_MonSetup (x32 Version: 1.00.0000)
SeaTools for Windows (x32 Version: 1.2.0.6)
SHIELD Streaming (Version: 1.05.19)
SHIFT 2 UNLEASHEDâ„¢ (x32 Version: 1.0.2.0)
Skypeâ„¢ 6.6 (x32 Version: 6.6.106)
SpeedFan (remove only) (x32)
Spotify (HKCU Version: 0.8.8.459.g4430eae7)
Star Wars: The Force Unleashed 2 (x32 Version: 1.0)
Steam (x32 Version: 1.0.0.0)
Stormblade Launcher 1.1 (x32)
swMSM (x32 Version: 12.0.0.1)
System Requirements Lab for Intel (x32 Version: 4.5.13.0)
TeamSpeak 3 Client (x32 Version: 3.0.9.2)
TeamViewer 7 (x32 Version: 7.0.14563)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
Thrustmaster Force Feedback Driver (x32 Version: 2.FFD.2009)
THX TruStudio (x32 Version: 1.00.01)
Titan Poker (x32)
Torchlight (x32)
TV-Browser 3.3RC1 (x32 Version: 3.3RC1)
UltraMon (Version: 3.2.1)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Villagers & Heroes of A Mystical Land (x32 Version: 26577)
VIRTU MVP 2.1.114 (Version: 2.1.114)
VLC media player 2.0.2 (Version: 2.0.2)
VLC media player 2.0.7 (x32 Version: 2.0.7)
Wacom Tablett (Version: 6.3.5-3)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.3)
WebTablet FB Plugin 64 bit (Version: 2.1.0.3)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Wisdom-soft AutoScreenRecorder 3.1 Pro (x32)
x64 Components v3.9.5 (Version: 3.9.5)
XFastUSB (x32 Version: 3.02.30)
Yahoo! Messenger (x32)
Yahoo! Software Update (x32)
Yahoo! Toolbar (x32)
YGOPro DevPro Version 1.9.2r2 (x32 Version: 1.9.2r2)

==================== Restore Points  =========================

21-08-2013 03:08:43 DirectX wurde installiert

==================== Hosts content: ==========================

2012-08-06 18:49 - 2013-05-28 19:59 - 00449253 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {04E318C0-4866-4A3D-883A-4DBB696E8B23} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000Core => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-20] (Google Inc.)
Task: {07831795-0524-4ABA-8891-AE3D2F3FEAFF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {154E0A32-7E51-4232-BC6C-F7C13228A4E7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1BF3D2BD-B9C7-4ACA-8EF2-8E4D619B5AE4} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe No File
Task: {23105C8F-505D-4402-8D5E-9A7B6FD8027A} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe No File
Task: {23F605D2-580F-4862-8CDB-DCB02C82A782} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-12] (Adobe Systems Incorporated)
Task: {23F8B639-5052-4284-9EFF-C49DF771CA64} - System32\Tasks\Asrsetup => D:\ASRSetup.exe No File
Task: {2980438E-75FA-4A91-85B4-C2F51C3799E1} - System32\Tasks\MigrationUpdateTask => C:\Users\Daniel\AppData\Local\MigsUpdater\mupdater.exe [2013-05-05] ()
Task: {2A17C865-E1A2-45A3-A8D9-D7298577939D} - System32\Tasks\Trigger KMS Activation => F:\DOWNLOADS\KMSNano v13 Offline Office and Windows KMS Activator\TriggerKMS.exe No File
Task: {2FEC0373-3A8B-48BC-829D-AD5258EF4B0E} - System32\Tasks\Browser Updater\Browser Updater => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {30E48EBE-E6FA-44C1-B5CF-76FE7A060968} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {32A1F1EE-54CA-4EC6-A765-8A59EC2AD7E1} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe No File
Task: {33695109-E08D-4A9B-B073-3419B53C3372} - System32\Tasks\{5F5E1B98-8DEE-480D-833B-226DD91CB52D} => C:\ADOBE\Acrobat 10.0\Acrobat\AcroRd32.exe No File
Task: {3CB06802-72ED-4E56-BEF3-F0F29986CF80} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {42A97CA2-053C-47B2-BD82-5D6615957C16} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {482A6A91-094B-4D4F-B32D-448CC3C473C3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation)
Task: {4BF5735A-F072-44FB-B487-C4FB38AF4961} - System32\Tasks\{E6DC504C-AA27-4451-A591-1E89C96E94A3} => C:\ADOBE\Acrobat 10.0\Acrobat\AcroRd32.exe No File
Task: {50FEC2D5-6A32-497E-9F2A-C162F0D34A6F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {57347239-C4C8-45B3-8748-0C6F011084CD} - System32\Tasks\Microsoft\Windows\PLA\System\{B04B9C26-8212-4C03-947F-7A49A9FDEE9B}_System Diagnostics => C:\Windows\system32\schtasks.exe [2010-11-21] (Microsoft Corporation)
Task: {5E6D9355-D733-4A28-AB9F-C9D4D616BFDE} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {5E8B11A8-331F-4830-98CA-29502B4B00BE} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {6533E5DD-AC05-4BE3-9EF6-CD996ABB574C} - System32\Tasks\{09801694-8BB5-432B-9BC8-29D4BC53D866} => C:\ADOBE\Acrobat 10.0\Acrobat\AcroRd32.exe No File
Task: {6B17C696-BA89-44D6-9208-7FC0D8F20385} - System32\Tasks\AdobeAAMUpdater-1.0-Daniel-PC-Daniel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {81F40BA7-D88F-42D4-B505-A10D59DE406D} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe No File
Task: {87E0A1CA-6223-4AA1-BB23-E6A47F53A5D0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {A6EF2F7F-BFB9-4C94-AED4-9B2DD1E9A6C4} - System32\Tasks\{77FEA98D-2C8E-4A8F-9A10-0471F55AB34D} => C:\Windows\System32\msiexec.exe [2010-11-21] (Microsoft Corporation)
Task: {AE2EE930-6C93-4834-B583-32977E2A1121} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {BAE38BD4-4463-4ABB-B123-B0E773F961FE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {E2C3910F-D8B0-4C5F-BA28-5DE97F0D236D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000UA => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-20] (Google Inc.)
Task: {F59DEE19-4152-4B7E-929C-99FF90F16B55} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000Core.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000UA.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Intel(R) HD Graphics 3000
Description: Intel(R) HD Graphics 3000
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/23/2013 09:44:01 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (08/23/2013 09:43:50 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (08/23/2013 09:43:46 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (08/23/2013 04:33:56 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16660, Zeitstempel: 0x51f1c5f3
Name des fehlerhaften Moduls: MSHTML.dll, Version: 10.0.9200.16660, Zeitstempel: 0x51f1d37a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b1d73
ID des fehlerhaften Prozesses: 0x2170
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (08/22/2013 09:09:18 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (08/22/2013 09:09:12 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (08/22/2013 09:09:07 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (08/21/2013 11:31:25 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/21/2013 11:31:25 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/21/2013 11:17:18 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.


System errors:
=============
Error: (08/23/2013 09:44:08 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/23/2013 09:44:08 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/23/2013 09:43:58 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/23/2013 09:43:58 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/23/2013 09:43:55 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
acedrv06

Error: (08/23/2013 09:43:51 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/23/2013 09:43:47 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/23/2013 09:43:47 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/23/2013 09:43:44 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/23/2013 00:08:57 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.


Microsoft Office Sessions:
=========================
Error: (08/23/2013 09:44:01 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2013 09:43:50 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (08/23/2013 09:43:46 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (08/23/2013 04:33:56 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1666051f1c5f3MSHTML.dll10.0.9200.1666051f1d37ac0000005000b1d73217001ce9fa93611ab64C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\MSHTML.dll74b6da61-0b9c-11e3-9725-6c7763666e00

Error: (08/22/2013 09:09:18 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2013 09:09:12 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]

Error: (08/22/2013 09:09:07 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]

Error: (08/21/2013 11:31:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestF:\DOWNLOADS\SoftonicDownloader_fuer_questhelper.exe

Error: (08/21/2013 11:31:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestF:\DOWNLOADS\SoftonicDownloader_fuer_atlasloot-enhanced.exe

Error: (08/21/2013 11:17:18 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-08-23 21:43:31.173
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-23 21:43:31.142
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-22 21:08:53.220
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-22 21:08:53.189
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-21 23:16:52.392
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-21 23:16:52.345
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-20 17:45:59.360
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-20 17:45:59.329
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-19 18:47:19.565
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-19 18:47:19.456
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 25%
Total physical RAM: 16265.34 MB
Available physical RAM: 12140.08 MB
Total Pagefile: 32528.87 MB
Available Pagefile: 27806.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:15.76 GB) NTFS
Drive f: () (Fixed) (Total:1863.01 GB) (Free:65.8 GB) NTFS
Drive g: () (Fixed) (Total:439.45 GB) (Free:338.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: C71388A3)
Partition 1: (Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 20D463C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 466 GB) (Disk ID: 1CD40207)
Partition 1: (Not Active) - (Size=439 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Bitdefender Screenshots liegen im Anhang bei. Mehr Angaben habe ich nicht :balla:
Vielen Dank vorab!

schrauber 24.08.2013 08:36
hi,
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

ddPlr 24.08.2013 18:28
Combofix ausgeführt:

Code:
ComboFix 13-08-22.01 - Daniel 24.08.2013  19:20:39.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.16265.13096 [GMT 2:00]
ausgeführt von:: f:\trojaner board software\ComboFix.exe
AV: Bitdefender Virenschutz *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
SP: Bitdefender Spyware-Schutz *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1357421298.bdinstall.bin
c:\programdata\1368710650.bdinstall.bin
c:\programdata\1370054432.bdinstall.bin
c:\users\Daniel\AppData\Local\TEMPFullTiltPokerEuSetup.exe
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\tmpFFA2.tmp
c:\windows\SysWow64\tmpFFA3.tmp
F:\install.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-07-24 bis 2013-08-24  ))))))))))))))))))))))))))))))
.
.
2013-08-24 17:24 . 2013-08-24 17:24        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2013-08-24 17:24 . 2013-08-24 17:24        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-08-23 22:40 . 2013-08-23 22:40        --------        d-----w-        c:\users\Daniel\AppData\Local\Opera Software
2013-08-23 22:40 . 2013-08-23 22:40        --------        d-----w-        c:\users\Daniel\AppData\Roaming\Opera Software
2013-08-17 14:44 . 2013-08-17 14:56        --------        d-----w-        c:\program files (x86)\Advanced Fix 2013
2013-08-15 18:37 . 2013-08-15 18:37        --------        d-----w-        c:\program files (x86)\MySQL
2013-08-15 18:37 . 2010-12-11 09:47        231936        ----a-w-        c:\windows\SysWow64\sevXPCtl.ocx
2013-08-15 18:37 . 2010-12-05 12:15        370176        ----a-w-        c:\windows\SysWow64\sevDataGrid2.ocx
2013-08-15 18:37 . 2010-10-08 05:49        294400        ----a-w-        c:\windows\SysWow64\sevEin20.ocx
2013-08-15 18:37 . 2010-04-11 09:33        117248        ----a-w-        c:\windows\SysWow64\sevClb20.ocx
2013-08-15 18:37 . 2010-02-21 11:34        141824        ----a-w-        c:\windows\SysWow64\sevCmd3.ocx
2013-08-15 18:37 . 2009-12-03 10:21        125712        ----a-w-        c:\windows\SysWow64\VB6DE.DLL
2013-08-15 18:37 . 2006-10-07 11:04        62976        ----a-w-        c:\windows\SysWow64\sevList32.ocx
2013-08-15 18:37 . 2013-08-16 17:58        --------        d-----w-        C:\Stormblade
2013-08-14 15:20 . 2013-08-14 15:20        --------        d-----w-        C:\FRST
2013-08-14 15:18 . 2013-08-24 17:13        --------        d-----w-        c:\program files\cFosSpeed
2013-08-14 12:01 . 2013-07-09 05:52        224256        ----a-w-        c:\windows\system32\wintrust.dll
2013-08-11 02:26 . 2013-08-11 02:26        --------        d-----w-        c:\users\Daniel\AppData\Roaming\RBotPlus
2013-08-06 15:36 . 2013-08-06 15:36        --------        d-----w-        c:\program files (x86)\Citrix
2013-08-06 15:36 . 2013-08-06 15:36        --------        d-----w-        c:\users\Daniel\AppData\Local\Citrix
2013-08-01 14:45 . 2013-08-01 14:45        --------        d-----w-        c:\programdata\MetaQuotes
2013-08-01 14:43 . 2013-08-01 14:44        --------        d-----w-        c:\program files (x86)\MetaTrader - FXOpen
2013-07-31 14:00 . 2013-07-31 14:06        --------        d-----w-        c:\users\Daniel\AppData\Roaming\CasinoOnNet
2013-07-31 13:59 . 2013-08-17 14:50        --------        d-----w-        c:\program files (x86)\CasinoOnNet
2013-07-31 11:08 . 2013-07-31 11:13        --------        d-----w-        c:\programdata\MGS
2013-07-31 11:08 . 2013-07-31 11:08        --------        d-----w-        C:\Microgaming
2013-07-30 19:47 . 2013-07-30 19:47        --------        d-----w-        C:\NvidiaLogging
2013-07-30 19:47 . 2013-05-14 19:28        39712        ----a-w-        c:\windows\system32\drivers\nvvad64v.sys
2013-07-30 19:47 . 2013-05-14 19:27        29984        ----a-w-        c:\windows\system32\nvaudcap64v.dll
2013-07-30 19:47 . 2013-05-14 19:27        28448        ----a-w-        c:\windows\SysWow64\nvaudcap32v.dll
2013-07-29 16:26 . 2013-07-31 10:35        --------        d-----w-        c:\users\Daniel\AppData\Roaming\AutoBinarySEA DE
2013-07-29 13:01 . 2013-07-29 13:01        --------        d-----w-        c:\users\Daniel\AppData\Roaming\OpenOffice
2013-07-29 13:00 . 2013-07-29 13:00        --------        d-----w-        c:\program files (x86)\OpenOffice 4
2013-07-27 14:44 . 2013-07-27 14:45        --------        d-----w-        c:\users\Daniel\AppData\Roaming\Yahoo!
2013-07-27 14:44 . 2013-07-27 14:44        --------        d-----w-        c:\programdata\Yahoo! Companion
2013-07-27 14:44 . 2013-07-27 14:44        --------        d-----w-        c:\programdata\Yahoo!
2013-07-27 14:44 . 2013-07-27 14:44        --------        d-----w-        c:\program files (x86)\Yahoo!
2013-07-27 11:25 . 2013-07-27 11:38        --------        d-----w-        c:\programdata\Malwarebytes' Anti-Malware (portable)
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-20 00:25 . 2012-06-11 18:33        290184        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2013-08-20 00:25 . 2012-06-11 18:07        290184        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2013-08-20 00:24 . 2012-06-11 18:07        283304        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2013-08-14 15:05 . 2012-05-10 18:20        78161360        ----a-w-        c:\windows\system32\MRT.exe
2013-07-24 13:16 . 2013-07-24 13:16        597776        ----a-w-        c:\windows\system32\drivers\avckf.sys
2013-07-23 19:06 . 2012-08-31 19:31        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-07-23 19:05 . 2012-08-31 19:30        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-07-12 14:26 . 2012-08-06 23:45        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-12 14:26 . 2012-08-06 23:45        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-09 04:45 . 2013-08-14 12:01        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2013-07-01 22:21 . 2012-07-29 21:27        34752        ----a-w-        c:\windows\system32\drivers\WPRO_41_2001.sys
2013-07-01 22:19 . 2013-07-01 22:19        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-01 22:19 . 2012-06-11 17:21        867240        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll
2013-07-01 22:19 . 2012-06-11 17:21        789416        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2013-06-21 12:06 . 2013-07-06 13:29        7641832        ----a-w-        c:\windows\system32\nvopencl.dll
2013-06-21 12:06 . 2013-07-06 13:29        6324360        ----a-w-        c:\windows\SysWow64\nvopencl.dll
2013-06-21 12:06 . 2013-07-06 13:29        572704        ----a-w-        c:\windows\system32\NvFBC64.dll
2013-06-21 12:06 . 2013-07-06 13:29        570656        ----a-w-        c:\windows\system32\NvIFR64.dll
2013-06-21 12:06 . 2013-07-06 13:29        467232        ----a-w-        c:\windows\SysWow64\NvIFR.dll
2013-06-21 12:06 . 2013-07-06 13:29        465184        ----a-w-        c:\windows\SysWow64\NvFBC.dll
2013-06-21 12:06 . 2013-07-06 13:29        432928        ----a-w-        c:\windows\system32\nvEncodeAPI64.dll
2013-06-21 12:06 . 2013-07-06 13:29        372000        ----a-w-        c:\windows\SysWow64\nvEncodeAPI.dll
2013-06-21 12:06 . 2013-07-06 13:29        2953504        ----a-w-        c:\windows\system32\nvcuvid.dll
2013-06-21 12:06 . 2013-07-06 13:29        2777888        ----a-w-        c:\windows\SysWow64\nvcuvid.dll
2013-06-21 12:06 . 2013-07-06 13:29        2363680        ----a-w-        c:\windows\system32\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-06 13:29        218592        ----a-w-        c:\windows\system32\nvoglshim64.dll
2013-06-21 12:06 . 2013-07-06 13:29        21102368        ----a-w-        c:\windows\SysWow64\nvoglv32.dll
2013-06-21 12:06 . 2013-07-06 13:29        2002720        ----a-w-        c:\windows\SysWow64\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-06 13:29        1832224        ----a-w-        c:\windows\system32\nvdispco6432049.dll
2013-06-21 12:06 . 2013-07-06 13:29        181488        ----a-w-        c:\windows\SysWow64\nvoglshim32.dll
2013-06-21 12:06 . 2013-07-06 13:29        1511712        ----a-w-        c:\windows\system32\nvdispgenco6432049.dll
2013-06-21 12:06 . 2013-07-06 13:29        11235104        ----a-w-        c:\windows\system32\drivers\nvlddmkm.sys
2013-06-21 12:06 . 2013-07-06 13:29        9239344        ----a-w-        c:\windows\system32\nvcuda.dll
2013-06-21 12:06 . 2013-07-06 13:29        7687592        ----a-w-        c:\windows\SysWow64\nvcuda.dll
2013-06-21 12:06 . 2013-07-06 13:29        2936208        ----a-w-        c:\windows\system32\nvapi64.dll
2013-06-21 12:06 . 2013-07-06 13:29        25256224        ----a-w-        c:\windows\system32\nvcompiler.dll
2013-06-21 12:06 . 2013-07-06 13:29        17560352        ----a-w-        c:\windows\SysWow64\nvcompiler.dll
2013-06-21 12:06 . 2013-02-06 12:24        27781920        ----a-w-        c:\windows\system32\nvoglv64.dll
2013-06-21 12:06 . 2013-02-06 12:24        13411896        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06 . 2013-02-06 12:24        925648        ----a-w-        c:\windows\SysWow64\nvumdshim.dll
2013-06-21 12:06 . 2013-02-06 12:24        266448        ----a-w-        c:\windows\system32\nvinitx.dll
2013-06-21 12:06 . 2013-02-06 12:24        214448        ----a-w-        c:\windows\SysWow64\nvinit.dll
2013-06-21 12:06 . 2013-02-06 12:24        15920536        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2013-02-06 12:24        15144928        ----a-w-        c:\windows\system32\nvd3dumx.dll
2013-06-21 12:06 . 2013-02-06 12:24        12427240        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2013-06-21 12:06 . 2013-02-06 12:24        1059560        ----a-w-        c:\windows\system32\nvumdshimx.dll
2013-06-21 12:06 . 2013-02-06 12:24        2597856        ----a-w-        c:\windows\SysWow64\nvapi.dll
2013-06-21 10:23 . 2013-02-06 12:24        6496544        ----a-w-        c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2013-02-06 12:24        3514656        ----a-w-        c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2013-02-06 12:24        884512        ----a-w-        c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2013-02-06 12:24        63776        ----a-w-        c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2013-02-06 12:24        2555680        ----a-w-        c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2013-02-06 12:24        237856        ----a-w-        c:\windows\system32\nvmctray.dll
2013-06-21 03:16 . 2013-06-21 03:16        566048        ----a-w-        c:\windows\SysWow64\nvStreaming.exe
2013-06-20 04:17 . 2013-02-06 12:24        3253909        ----a-w-        c:\windows\system32\nvcoproc.bin
2013-06-12 20:01 . 2012-07-25 10:59        127488        ----a-w-        c:\windows\system32\ff_vfw.dll
2013-06-05 03:34 . 2013-07-11 03:14        3153920        ----a-w-        c:\windows\system32\win32k.sys
2013-06-04 07:15 . 2013-06-04 07:15        103448        ----a-w-        c:\windows\system32\drivers\ssudbus.sys
2013-06-04 07:15 . 2013-06-04 07:15        203672        ----a-w-        c:\windows\system32\drivers\ssudmdm.sys
2013-06-04 06:00 . 2013-07-11 03:14        624128        ----a-w-        c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-11 03:14        509440        ----a-w-        c:\windows\SysWow64\qedit.dll
2013-06-01 02:51 . 2013-06-01 02:51        76944        ----a-w-        c:\windows\system32\drivers\bdvedisk.sys
2013-06-01 02:51 . 2013-06-01 02:41        382536        ----a-w-        c:\windows\system32\drivers\trufos.sys
2013-05-28 11:32 . 2013-05-28 11:32        14456        ----a-w-        c:\windows\system32\drivers\gfibto.sys
2013-05-27 19:49 . 2012-08-07 01:02        32320        ----a-w-        c:\windows\system32\drivers\FNETTBOH_305.SYS
2012-08-08 21:37 . 2012-08-08 21:37        4024320        ----a-w-        c:\program files (x86)\GUTDD83.tmp
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-07-17 17:30        277512        ----a-w-        c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-04-05 59720]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-04-05 59720]
"com.apple.dav.bookmarks.daemon"="c:\program files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe" [2013-04-05 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"V0330Mon.exe"="c:\windows\V0330Mon.exe" [2007-04-29 32768]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" [2011-03-01 222504]
"UpdatePDRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-12-20 56720]
"XFastUSB"="c:\program files (x86)\XFastUSB\XFastUsb.exe" [2012-08-07 5019360]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2011-05-19 909824]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-07-12 2236816]
.
c:\users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Daniel.lnk - c:\users\Daniel\AppData\Roaming\Realtime Soft\UltraMon\3.2.1\Profiles\Daniel.umprofile [2012-11-22 277]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
UltraMon.lnk - c:\windows\Installer\{ED7FE81C-378C-411D-B5B4-509B978BA204}\IcoUltraMon.ico /auto [2012-11-22 29310]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
R1 acedrv06;acedrv06;c:\windows\system32\drivers\acedrv06.sys;c:\windows\SYSNATIVE\drivers\acedrv06.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AsrCDDrv;AsrCDDrv; [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
R3 AXIOM;Service for M-Audio Axiom;c:\windows\system32\DRIVERS\MAudioAxiom.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioAxiom.sys [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 btmaudio;Motorola Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
R3 BTMNET;Motorola Bluetooth Network Adapter Service;c:\windows\system32\DRIVERS\btmnet.sys;c:\windows\SYSNATIVE\DRIVERS\btmnet.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys;c:\windows\SYSNATIVE\Drivers\btmusb.sys [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 dpclat_driver;dpclat_driver;c:\windows\system32\drivers\dpclat_driver.sys;c:\windows\SYSNATIVE\drivers\dpclat_driver.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
R3 MonitorFunction;Driver for Monitor;c:\windows\system32\DRIVERS\TVMonitor.sys;c:\windows\SYSNATIVE\DRIVERS\TVMonitor.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys;c:\windows\SYSNATIVE\DRIVERS\RTL2832U_IRHID.sys [x]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys;c:\windows\SYSNATIVE\drivers\RTL2832UBDA.sys [x]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys;c:\windows\SYSNATIVE\Drivers\RTL2832UUSB.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
R4 AxiomAudioDevMon;Axiom Audio Device Monitor;c:\program files (x86)\M-Audio\Axiom\AudioDevMon.exe;c:\program files (x86)\M-Audio\Axiom\AudioDevMon.exe [x]
R4 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
R4 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
R4 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
R4 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [x]
R4 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [x]
R4 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [x]
R4 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [x]
R4 FileZillaServer;FileZillaServer;f:\programmieren\xampp\FileZillaFTP\FileZillaServer.exe;f:\programmieren\xampp\FileZillaFTP\FileZillaServer.exe [x]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R4 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R4 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R4 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R4 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R4 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
R4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
R4 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2013/01/13 20:05];c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe [x]
S3 AsrVDrive;AsrVDrive;c:\windows\system32\DRIVERS\AsrVDrive.sys;c:\windows\SYSNATIVE\DRIVERS\AsrVDrive.sys [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 cFosBC;cFos Broadband Connect (NDIS 6.0) Adapter;c:\windows\system32\DRIVERS\cfosbc6.sys;c:\windows\SYSNATIVE\DRIVERS\cfosbc6.sys [x]
S3 cmudaxp;ASUS Xonar DX Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 V0330VID;WebCam Vista/Live! Cam Chat VF0330;c:\windows\system32\DRIVERS\V0330Vid.sys;c:\windows\SYSNATIVE\DRIVERS\V0330Vid.sys [x]
S3 VirtuWDDM;VirtuWDDM;c:\windows\system32\DRIVERS\VirtuWDDM.sys;c:\windows\SYSNATIVE\DRIVERS\VirtuWDDM.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-11-22 12:18        451872        ----a-w-        c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-06 14:26]
.
2013-08-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000Core.job
- c:\users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-20 11:34]
.
2013-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000UA.job
- c:\users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-20 11:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-07-17 17:30        336904        ----a-w-        c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-06-19 22:45        3317616        ----a-w-        c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-06-19 22:45        3317616        ----a-w-        c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-06-19 22:45        3317616        ----a-w-        c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"PAC7302_Monitor"="c:\windows\Pixart\PAC7302\Monitor.exe" [2007-12-10 323584]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-03 472984]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-11-29 7406392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2011-05-13 26624]
"VIRTU MVP"="c:\program files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe" [2012-06-17 3110728]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2009-10-30 8151040]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-07-24 1568512]
"cFosBC Daemon"="c:\program files\cFosBC\wbc.exe" [2009-04-09 685784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - f:\office\Office15\EXCEL.EXE/3000
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - f:\office\Office15\ONBttnIE.dll/105
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
IE: {{1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - {0854DA01-5BF8-4E9D-A0E9-3CD5500AFB8C} - c:\program files (x86)\Common Files\WebSpeech.4.0\LgxIEBar.dll
IE: {{92808042-fb78-4fa0-bb4f-c9a95e0e9c10} - {ba696155-d96e-4281-b467-0367a0456474} -
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
DPF: {FA8D54DA-4546-4727-B2C0-88390AA59E03} - hxxp://game.mystical-land.com/pluginInstaller/installers/win32/MysticalLandInstaller.cab
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\
FF - prefs.js: browser.search.selectedEngine - SecureSearch
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-06-25 12:34; {6AC85730-7D0F-4de0-B3FA-21142DD85326}; c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF - ExtSQL: 2013-06-25 18:13; {24532715-4abc-47ee-bd4f-a6774d0723d2}; c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
FF - ExtSQL: 2013-07-21 11:20; {4BBDD651-70CF-4821-84F8-2B918CF89CA3}; c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
FF - ExtSQL: 2013-07-27 16:44; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
.
.
------- Dateityp-Verknüpfung -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2099724549-3202807456-1940011630-1000\Software\SecuROM\License information*]
"datasecu"=hex:af,ce,33,55,36,bc,25,35,a3,8d,fc,70,31,97,9b,6d,ec,4a,d7,62,f9,
  a7,e8,8c,5c,17,bb,f0,5f,a9,19,5f,73,2e,39,7c,cd,69,d1,f0,af,75,2a,5e,98,3e,\
"rkeysecu"=hex:c6,a7,ec,94,a5,08,0c,ac,34,0f,1a,55,fc,b1,88,4e
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:3f,f5,ef,62,d6,21,55,ea,5d,52,44,fc,5e,00,e3,88,fa,70,4c,ac,62,
  18,1a,48,c4,4d,bb,33,83,82,ed,07,70,25,f2,b4,0b,d2,d0,dc,ec,f1,87,b9,ca,22,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:3f,f5,ef,62,d6,21,55,ea,5d,52,44,fc,5e,00,e3,88,fa,70,4c,ac,62,
  18,1a,48,c4,4d,bb,33,83,82,ed,07,70,25,f2,b4,0b,d2,d0,dc,ec,f1,87,b9,ca,22,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-08-24  19:25:55
ComboFix-quarantined-files.txt  2013-08-24 17:25
.
Vor Suchlauf: 18 Verzeichnis(se), 17.594.748.928 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 17.239.998.464 Bytes frei
.
- - End Of File - - 6BE02095E851BAF3E432171D133783A4
72B8CE41AF0DE751C946802B3ED844B4

schrauber 24.08.2013 19:18
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

ddPlr 25.08.2013 01:32
Hier die Ergebnisse

Malwarebytes:
Code:
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.24.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Daniel :: DANIEL-PC [Administrator]

Schutz: Deaktiviert

24.08.2013 23:23:52
mbam-log-2013-08-24 (23-23-52).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 1290650
Laufzeit: 2 Stunde(n), 10 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
F:\DOWNLOADS\SoftonicDownloader_fuer_atlasloot-enhanced.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
F:\DOWNLOADS\SoftonicDownloader_fuer_questhelper.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
F:\TREIBER & SOFTWARE\SOFTWARE\DTLite4454-0314.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

AdwCleaner:
Code:
# AdwCleaner v3.001 - Report created 24/08/2013 at 23:02:39
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Daniel - DANIEL-PC
# Running from : F:\Trojaner Board Software\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Daniel\AppData\Local\cre
Folder Deleted : C:\Users\Daniel\AppData\LocalLow\SimplyTech
Folder Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\oj9v8t9h.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
Folder Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
File Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\foxydeal.sqlite
File Deleted : C:\Windows\System32\Tasks\Browser Updater
File Deleted : C:\Windows\System32\Tasks\Software Updater Ui
File Deleted : C:\Windows\System32\Tasks\Software Updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Covus Freemium GmbH
Key Deleted : HKLM\Software\Uniblue\DriverScanner

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v22.0 (de)

[ File : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\oj9v8t9h.default\prefs.js ]


[ File : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4936 octets] - [24/08/2013 22:58:35]
AdwCleaner[R1].txt - [5055 octets] - [24/08/2013 23:01:49]
AdwCleaner[S0].txt - [304 octets] - [24/08/2013 22:59:07]
AdwCleaner[S1].txt - [4899 octets] - [24/08/2013 23:02:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4959 octets] ##########

JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by Daniel on 24.08.2013 at 23:04:29,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\hometab.dll
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\simplytech
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\simplytech
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\uniblue
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\hometab_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\hometab_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\via57qgr.default\prefs.js

user_pref("browser.search.selectedEngine", "SecureSearch");
Emptied folder: C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\via57qgr.default\minidumps [81 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.08.2013 at 23:10:10,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber 25.08.2013 10:31

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

ddPlr 27.08.2013 20:06
Nun bin ich baff, er zeigt einen worm an...?

ESET (Fehlerbefund, eigene Kopie):
Code:
C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave1.zip        Win32/Bagle.gen.zip worm
C:\Stormblade\launcher.exe        probably unknown NewHeur_PE virus
C:\Stormblade\updater.exe        probably unknown NewHeur_PE virus
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BarowwsoeSave1.zip        Win32/Bagle.gen.zip worm
F:\DOWNLOADS\PCMAX_AF_ErrorsFix_Setup.exe        a variant of Win32/RegistryNuke application

ESET (Original Logfile):
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=508cccb567c0c048a4116174f4c691d0
# engine=14911
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-27 04:50:19
# local_time=2013-08-27 06:50:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 4060917 129208869 0 0
# scanned=1090725
# found=5
# cleaned=0
# scan_time=29294
sh=B8968BD1D88BC9AC9C766FD759E5116817E8E683 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave1.zip"
sh=D79C6C2D3E1846218091D644E480A6527B4D6B8D ft=1 fh=bc4ada3753448e23 vn="probably unknown NewHeur_PE virus" ac=I fn="C:\Stormblade\launcher.exe"
sh=7B97035C62C3AE5A593D7886966BF085527BD6B4 ft=1 fh=2478213a9cb5fecc vn="probably unknown NewHeur_PE virus" ac=I fn="C:\Stormblade\updater.exe"
sh=B8968BD1D88BC9AC9C766FD759E5116817E8E683 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\Users\All Users\Spybot - Search & Destroy\Recovery\BarowwsoeSave1.zip"
sh=09C59868AAFA15C0AF2F9A138437088BFC04388F ft=1 fh=e0c447245419e0f7 vn="a variant of Win32/RegistryNuke application" ac=I fn="F:\DOWNLOADS\PCMAX_AF_ErrorsFix_Setup.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=508cccb567c0c048a4116174f4c691d0
# engine=14911
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-27 07:53:51
# local_time=2013-08-27 09:53:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 4071929 129219881 0 0
# scanned=443755
# found=4
# cleaned=0
# scan_time=10916
sh=B8968BD1D88BC9AC9C766FD759E5116817E8E683 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave1.zip"
sh=D79C6C2D3E1846218091D644E480A6527B4D6B8D ft=1 fh=bc4ada3753448e23 vn="probably unknown NewHeur_PE virus" ac=I fn="C:\Stormblade\launcher.exe"
sh=7B97035C62C3AE5A593D7886966BF085527BD6B4 ft=1 fh=2478213a9cb5fecc vn="probably unknown NewHeur_PE virus" ac=I fn="C:\Stormblade\updater.exe"
sh=B8968BD1D88BC9AC9C766FD759E5116817E8E683 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\Users\All Users\Spybot - Search & Destroy\Recovery\BarowwsoeSave1.zip"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=508cccb567c0c048a4116174f4c691d0
# engine=14911
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-27 03:47:01
# local_time=2013-08-27 05:47:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 4100319 129248271 0 0
# scanned=1202897
# found=5
# cleaned=0
# scan_time=28300
sh=B8968BD1D88BC9AC9C766FD759E5116817E8E683 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave1.zip"
sh=D79C6C2D3E1846218091D644E480A6527B4D6B8D ft=1 fh=bc4ada3753448e23 vn="probably unknown NewHeur_PE virus" ac=I fn="C:\Stormblade\launcher.exe"
sh=7B97035C62C3AE5A593D7886966BF085527BD6B4 ft=1 fh=2478213a9cb5fecc vn="probably unknown NewHeur_PE virus" ac=I fn="C:\Stormblade\updater.exe"
sh=B8968BD1D88BC9AC9C766FD759E5116817E8E683 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\Users\All Users\Spybot - Search & Destroy\Recovery\BarowwsoeSave1.zip"
sh=09C59868AAFA15C0AF2F9A138437088BFC04388F ft=1 fh=e0c447245419e0f7 vn="a variant of Win32/RegistryNuke application" ac=I fn="F:\DOWNLOADS\PCMAX_AF_ErrorsFix_Setup.exe"

Security Checker:
Code:
Results of screen317's Security Check version 0.99.72 
 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
Bitdefender Virenschutz 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 JavaFX 2.1.1   
 Java 7 Update 25 
 Adobe Flash Player 11.8.800.94 
 Adobe Reader XI 
 Mozilla Firefox 22.0 Firefox out of Date! 
 Google Chrome 28.0.1500.95 
 Google Chrome 29.0.1547.57 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes' Anti-Malware mbamscheduler.exe 
 Bitdefender Bitdefender 2013 vsserv.exe 
 Bitdefender Bitdefender 2013 updatesrv.exe 
 Bitdefender Bitdefender 2013 bdagent.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2013 01
Ran by Daniel (administrator) on 27-08-2013 21:04:30
Running from F:\Trojaner Board Software
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PixArt Imaging Incorporation) C:\Windows\Pixart\Pac7302\Monitor.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
(cFos Software GmbH) C:\Program Files\cFosBC\wbc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(CMedia) C:\Program Files\ASUS Xonar DX Audio\Customapp\ASUSAUDIOCENTER.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Creative Technology Ltd.) C:\Windows\V0330Mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Inc.) F:\ADOBE MC 5.5\Acrobat 10.0\Acrobat\acrotray.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Geek Software GmbH) F:\OFFICE\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [PAC7302_Monitor] - C:\Windows\Pixart\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Cmaudio8788GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [THXCfg64] - C:\Windows\system32\THXCfg64.dll [26624 2011-05-13] (Creative Technology Ltd.)
HKLM\...\Run: [VIRTU MVP] - C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe [3110728 2012-06-17] ()
HKLM\...\Run: [Cmaudio8788] - C:\Windows\Syswow64\cmicnfgp.dll [8151040 2009-10-30] (C-Media Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1568512 2013-07-24] (Bitdefender)
HKLM\...\Run: [cFosBC Daemon] - C:\Program Files\cFosBC\wbc.exe [685784 2009-04-09] (cFos Software GmbH)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex [814472 2013-06-12] (Adobe Systems Incorporated)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM-x32\...\Run: [V0330Mon.exe] - C:\Windows\V0330Mon.exe [32768 2007-04-30] (Creative Technology Ltd.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2011-03-01] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDRShortCut] - C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-12-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] - C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5019360 2012-08-07] (FNet Co., Ltd.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [THX TruStudio NB Settings] - C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2236816 2013-08-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - F:\Programme\Quicktime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - F:\ADOBE MC 5.5\Acrobat 10.0\Acrobat\Acrobat_sl.exe [38984 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - F:\ADOBE MC 5.5\Acrobat 10.0\Acrobat\Acrotray.exe [840768 2013-05-10] (Adobe Systems Inc.)
HKLM-x32\...\Run: [PDFPrint] - F:\OFFICE\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
ShortcutTarget: UltraMon.lnk -> C:\Windows\Installer\{ED7FE81C-378C-411D-B5B4-509B978BA204}\IcoUltraMon.ico ()
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Daniel.lnk
ShortcutTarget: Daniel.lnk -> C:\Users\Daniel\AppData\Roaming\Realtime Soft\UltraMon\3.2.1\Profiles\Daniel.umprofile ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - F:\ADOBE MC 5.5\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WebSpeechBHO Class - {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} - C:\Program Files (x86)\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - F:\ADOBE MC 5.5\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
DPF: HKLM-x32 {FA8D54DA-4546-4727-B2C0-88390AA59E03} hxxp://game.mystical-land.com/pluginInstaller/installers/win32/MysticalLandInstaller.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat - F:\ADOBE MC 5.5\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Daniel\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Ghostery - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\firefox@ghostery.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\ich@maltegoetz.de
FF Extension: Pocket - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\isreaditlater@ideashower.com
FF Extension: Mystical Land Installer - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\MysticalLandInstaller@madottergames.com
FF Extension: FEBE - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
FF Extension: Yahoo! Toolbar - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: ColorZilla - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF Extension: Bitdefender QuickScan - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: jid1-qQSMEVsYTOjgYA - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\jid1-qQSMEVsYTOjgYA@jetpack.xpi
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\WTB_GLOBAL.sqlite
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{E10A6337-382E-4FE6-96DE-936ADC34DD04}.xpi
FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\via57qgr.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] F:\ADOBE MC 5.5\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - F:\ADOBE MC 5.5\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] F:\ADOBE MC 5.5\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - F:\ADOBE MC 5.5\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}

Chrome:
=======
CHR HomePage: about:newtab?source=home
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\29.0.1547.57\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Adobe Acrobat) - F:\ADOBE\Acrobat 10.0\Acrobat\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Google Update) - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Extension: (ProxTube) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.3_0
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.4.5_0
CHR Extension: (ColorZilla) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp\0.5.3_0
CHR Extension: (iCloud) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\bjhodfififgcgedifpkenofdhlaafokk\1.2.2_0
CHR Extension: (YouTube) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Facebook Secret Emoticons) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe\1.8.2_0
CHR Extension: (Adobe Acrobat - Create PDF) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.3.37_0
CHR Extension: (Box - 5 GB Free Storage) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl\1.1.6_0
CHR Extension: (Photo Zoom for Facebook) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0
CHR Extension: (Foxtab Speed Dial) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp\9.2_0
CHR Extension: (Unfriend Finder) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\hkpodjahcdiajfnjijhleidnjmkgkbko\41.997_0
CHR Extension: (FB unseen) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\ihcedcpmfdpjijiamkaeaefgfagnnpei\0.1.7.10_0
CHR Extension: (Dropbox) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.8_0
CHR Extension: (Leo Dictionary Widget) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\kepemmpmljphklmpfgfmhpjhpdlccpke\1.0.8_0
CHR Extension: (Auto HD For YouTube) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\4.0.2_0
CHR Extension: (Google Maps) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0
CHR Extension: (Battlefield 3) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\mfnfmkcieabpcdabgfjpiffdnbcdfoci\2_0
CHR Extension: (Ghostery) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.2_0
CHR Extension: (DVDVideoSoft) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0
CHR Extension: (Chrome In-App Payments service) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Hover Zoom) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.19_0
CHR Extension: (Battlefield Play4Free) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0
CHR Extension: (LEO W\u00F6rterbuchsuche) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\ojniiiidjmoaiehegaedmfdclmgmmpdp\1.4_0
CHR Extension: (Gmail) - C:\USERS\DANIEL\APPDATA\LOCAL\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\adawaretb\chrome-newtab-search.crx
CHR HKLM-x32\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - C:\ProgramData\adawaretb\toolbar\chrome\toolbar.crx

==================== Services (Whitelisted) =================

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AxiomAudioDevMon; C:\Program Files (x86)\M-Audio\Axiom\AudioDevMon.exe [1636872 2010-03-11] (M-Audio)
S4 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-09-19] (CyberLink Corp.)
S4 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-09-19] (CyberLink)
S4 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-09-19] (CyberLink)
S4 FileZillaServer; F:\PROGRAMMIEREN\xampp\FileZillaFTP\FileZillaServer.exe [632320 2012-05-11] (FileZilla Project)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-06-06] (Freemake)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824 2012-08-23] (Intel Corporation)
S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [145960 2012-06-29] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-01-23] (Intel Corporation)
S2 KMService; C:\Windows\SysWow64\srvany.exe [8192 2012-06-10] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-27] ()
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [67320 2013-07-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1646280 2013-07-24] (Bitdefender)
S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613688 2013-02-08] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

S1 acedrv06; C:\Windows\system32\drivers\acedrv06.sys [147456 2012-07-10] ()
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49560 2012-09-17] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2011-01-26] (ASRock Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [597776 2013-07-24] (BitDefender)
S3 AXIOM; C:\Windows\System32\DRIVERS\MAudioAxiom.sys [137736 2010-03-11] (M-Audio)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82384 2012-11-12] (BitDefender SRL)
S3 BTMNET; C:\Windows\System32\DRIVERS\btmnet.sys [30208 2010-07-16] (Motorola, Inc.)
R3 cFosBC; C:\Windows\System32\DRIVERS\cfosbc6.sys [452312 2009-04-09] (cFos Software GmbH)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1257472 2009-10-19] (C-Media Inc)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-29] (DT Soft Ltd)
R3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2013-05-27] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-08-07] (FNet Co., Ltd.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-05-28] (GFI Software)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [147232 2012-10-04] (BitDefender LLC)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-12-11] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-06-29] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-06-29] ()
S3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-06-29] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [43832 2012-10-03] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-06-01] (BitDefender S.R.L.)
R2 UltraMonUtility; C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [20512 2008-11-14] (Realtime Soft Ltd)
R3 V0330VID; C:\Windows\System32\DRIVERS\V0330Vid.sys [193408 2009-07-03] (Creative Technology Ltd.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-07-02] ()
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-09-19] (CyberLink Corp.)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-09-19] (CyberLink Corp.)
S3 AsrCDDrv; No ImagePath
S3 btmaudio; system32\drivers\btmaud.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S3 dpclat_driver; \??\C:\Windows\system32\drivers\dpclat_driver.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-27 09:54 - 2013-08-27 09:54 - 00001408 _____ C:\Windows\PFRO.log
2013-08-27 09:54 - 2013-08-27 09:54 - 00000168 _____ C:\Windows\setupact.log
2013-08-27 09:54 - 2013-08-27 09:54 - 00000000 _____ C:\Windows\setuperr.log
2013-08-27 08:47 - 2013-08-27 08:47 - 00000715 _____ C:\Users\Public\Desktop\Age of Wulin.lnk
2013-08-27 06:09 - 2013-08-27 06:50 - 00000000 ____D C:\Users\Daniel\Documents\Battlefield Play4Free
2013-08-27 05:20 - 2013-08-27 05:20 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\PDF24
2013-08-27 05:18 - 2013-08-27 05:18 - 00000690 _____ C:\Users\Public\Desktop\PDF24 Editor.lnk
2013-08-27 05:18 - 2013-08-27 05:18 - 00000681 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk
2013-08-27 03:11 - 2013-08-21 12:02 - 02570640 _____ (REALiX) C:\Users\Daniel\Desktop\HWiNFO64.exe
2013-08-27 03:11 - 2013-05-12 14:54 - 00002821 _____ C:\Users\Daniel\Desktop\HWiNFO64.INI
2013-08-26 22:42 - 2013-08-26 22:38 - 00891115 _____ C:\Users\Daniel\Desktop\SecurityCheck.exe
2013-08-26 22:41 - 2013-08-26 22:41 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-26 22:35 - 2013-08-26 22:35 - 00001668 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2013-08-26 06:09 - 2013-08-27 03:18 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-08-26 06:09 - 2013-08-26 06:09 - 00001090 _____ C:\Users\Daniel\Desktop\MSI Afterburner.lnk
2013-08-26 06:09 - 2013-08-26 06:09 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2013-08-26 04:26 - 2013-08-26 04:26 - 00000057 _____ C:\Users\Daniel\AppData\Roaming\WB.CFG
2013-08-26 03:25 - 2013-08-27 20:26 - 00000290 _____ C:\Windows\Tasks\DSite.job
2013-08-26 03:25 - 2013-08-26 03:25 - 00003234 _____ C:\Windows\System32\Tasks\DSite
2013-08-26 03:25 - 2013-08-26 03:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DSite
2013-08-26 03:25 - 2013-08-26 03:25 - 00000000 ____D C:\Program Files (x86)\Image Converter
2013-08-26 01:46 - 2013-08-26 01:46 - 00000681 _____ C:\Users\Daniel\Desktop\ADOBE MC 5.5 - Verknüpfung.lnk
2013-08-26 01:24 - 2013-08-26 03:00 - 00001456 _____ C:\USERS\DANIEL\APPDATA\LOCAL\Adobe Save for Web 12.0 Prefs
2013-08-26 01:06 - 2013-08-26 01:06 - 00000000 ____D C:\Program Files (x86)\Adobe Story
2013-08-25 23:59 - 2013-08-27 14:40 - 01348034 _____ C:\Users\Daniel\Desktop\schriftzug.eps
2013-08-25 20:34 - 2013-08-25 20:34 - 02340466 _____ C:\Users\Daniel\Desktop\logo_auto.eps
2013-08-25 16:23 - 2013-08-25 16:23 - 00000000 ____D C:\Users\Daniel\Desktop\Bewerbungsunterlagen Momox
2013-08-25 16:08 - 2013-08-25 16:08 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-08-25 15:53 - 2013-08-25 15:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-25 15:53 - 2013-08-25 15:53 - 00000000 ____D C:\Program Files\iTunes
2013-08-25 15:53 - 2013-08-25 15:53 - 00000000 ____D C:\Program Files\iPod
2013-08-25 15:53 - 2013-08-25 15:53 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-25 15:52 - 2013-08-25 15:52 - 00001576 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-08-24 23:43 - 2013-08-24 23:43 - 00000000 ____D C:\Users\Daniel\Documents\Live! Cam Center
2013-08-24 23:43 - 2013-08-24 23:43 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Creative
2013-08-24 23:04 - 2013-08-24 23:04 - 00000000 ____D C:\Windows\ERUNT
2013-08-24 22:58 - 2013-08-24 23:04 - 00000000 ____D C:\AdwCleaner
2013-08-24 19:25 - 2013-08-24 19:25 - 00042339 _____ C:\ComboFix.txt
2013-08-24 19:19 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-24 19:19 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-24 19:19 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-24 19:19 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-24 19:19 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-24 19:19 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-24 19:19 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-24 19:19 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-24 19:18 - 2013-08-24 19:25 - 00000000 ____D C:\Qoobox
2013-08-24 19:18 - 2013-08-24 19:24 - 00000000 ____D C:\Windows\erdnt
2013-08-24 00:40 - 2013-08-24 00:40 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Opera Software
2013-08-24 00:40 - 2013-08-24 00:40 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\Opera Software
2013-08-23 23:58 - 2013-08-23 23:58 - 00000000 _____ C:\Users\Daniel\defogger_reenable
2013-08-21 05:11 - 2013-08-21 10:52 - 00000000 ____D C:\Users\Daniel\Documents\dragoon
2013-08-21 05:08 - 2013-08-21 05:08 - 00000838 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2013-08-17 16:57 - 2013-08-17 16:57 - 00030072 _____ C:\Users\Public\Documents\cc_20130817_165726.reg
2013-08-17 00:40 - 2013-08-17 00:40 - 00000799 _____ C:\Users\Daniel\Desktop\Stormblade WoW.lnk
2013-08-15 20:39 - 2013-08-05 16:00 - 75778376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe
2013-08-15 20:37 - 2013-08-16 19:58 - 00000000 ____D C:\Stormblade
2013-08-15 20:37 - 2013-08-15 20:37 - 00000244 _____ C:\Windows\ODBCINST.INI
2013-08-15 20:37 - 2013-08-15 20:37 - 00000000 ____D C:\Program Files (x86)\MySQL
2013-08-15 20:37 - 2010-12-11 11:47 - 00231936 _____ (Tools & Components) C:\Windows\SysWOW64\sevXPCtl.ocx
2013-08-15 20:37 - 2010-12-05 14:15 - 00370176 _____ (Tools & Components) C:\Windows\SysWOW64\sevDataGrid2.ocx
2013-08-15 20:37 - 2010-10-08 07:49 - 00294400 _____ (Tools & Components) C:\Windows\SysWOW64\sevEin20.ocx
2013-08-15 20:37 - 2010-04-11 11:33 - 00117248 _____ (Tools & Components) C:\Windows\SysWOW64\sevClb20.ocx
2013-08-15 20:37 - 2010-02-21 13:34 - 00141824 _____ (Tools & Components) C:\Windows\SysWOW64\sevCmd3.ocx
2013-08-15 20:37 - 2009-12-03 12:21 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2013-08-15 20:37 - 2006-10-07 13:04 - 00062976 _____ (Tools & Components) C:\Windows\SysWOW64\sevList32.ocx
2013-08-14 17:20 - 2013-08-14 17:20 - 00000000 ____D C:\FRST
2013-08-14 17:18 - 2013-08-24 19:13 - 00000000 ____D C:\Program Files\cFosSpeed
2013-08-14 17:08 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 17:08 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 17:08 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 17:08 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 17:08 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 17:08 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 17:08 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 17:08 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 17:08 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 17:08 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 17:08 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 17:08 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 17:08 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 17:08 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 14:01 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 14:01 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 14:01 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 14:01 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 14:01 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 14:01 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 14:01 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 14:01 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 14:01 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 14:01 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 14:01 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 14:01 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 14:01 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 14:01 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 14:01 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 14:01 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 14:01 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 14:01 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 14:01 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 14:01 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 14:01 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 14:01 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 14:01 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 14:01 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 14:01 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 14:01 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 14:01 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-11 04:26 - 2013-08-11 04:26 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\RBotPlus
2013-08-06 17:36 - 2013-08-06 17:36 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\Citrix
2013-08-06 17:36 - 2013-08-06 17:36 - 00000000 ____D C:\Program Files (x86)\Citrix
2013-08-01 16:45 - 2013-08-01 16:45 - 00000000 ____D C:\ProgramData\MetaQuotes
2013-08-01 16:43 - 2013-08-01 16:44 - 00000000 ____D C:\Program Files (x86)\MetaTrader - FXOpen
2013-07-31 16:00 - 2013-07-31 16:06 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\CasinoOnNet
2013-07-31 16:00 - 2013-07-31 16:00 - 00002042 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\888casino.lnk
2013-07-31 16:00 - 2013-07-31 16:00 - 00002018 _____ C:\Users\UpdatusUser\Desktop\888casino.lnk
2013-07-31 16:00 - 2013-07-31 16:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888casino
2013-07-31 15:59 - 2013-08-17 16:50 - 00000000 ____D C:\Program Files (x86)\CasinoOnNet
2013-07-31 13:08 - 2013-07-31 13:13 - 00000000 ____D C:\ProgramData\MGS
2013-07-31 13:08 - 2013-07-31 13:08 - 00000000 ____D C:\Microgaming
2013-07-30 21:47 - 2013-07-30 21:47 - 00000000 ____D C:\NvidiaLogging
2013-07-30 21:47 - 2013-05-14 21:28 - 00039712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-07-30 21:47 - 2013-05-14 21:27 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-07-30 21:47 - 2013-05-14 21:27 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-07-29 18:26 - 2013-07-31 12:35 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AutoBinarySEA DE
2013-07-29 15:01 - 2013-07-29 15:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\OpenOffice
2013-07-29 15:00 - 2013-07-29 15:00 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4

==================== One Month Modified Files and Folders =======

2013-08-27 21:01 - 2013-08-27 21:01 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-08-27 20:41 - 2012-08-07 01:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-27 20:26 - 2013-08-26 03:25 - 00000290 _____ C:\Windows\Tasks\DSite.job
2013-08-27 20:15 - 2012-08-20 13:34 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000UA.job
2013-08-27 14:40 - 2013-08-25 23:59 - 01348034 _____ C:\Users\Daniel\Desktop\schriftzug.eps
2013-08-27 11:56 - 2012-09-03 20:40 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Adobe
2013-08-27 10:58 - 2013-01-10 20:53 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TV-Browser
2013-08-27 10:02 - 2012-05-10 19:14 - 01405448 _____ C:\Windows\WindowsUpdate.log
2013-08-27 10:01 - 2009-07-14 06:45 - 00028336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-27 10:01 - 2009-07-14 06:45 - 00028336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-27 10:00 - 2011-04-12 09:43 - 00715124 _____ C:\Windows\system32\perfh007.dat
2013-08-27 10:00 - 2011-04-12 09:43 - 00156452 _____ C:\Windows\system32\perfc007.dat
2013-08-27 10:00 - 2009-07-14 07:13 - 01664092 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-27 09:54 - 2013-08-27 09:54 - 00001408 _____ C:\Windows\PFRO.log
2013-08-27 09:54 - 2013-08-27 09:54 - 00000168 _____ C:\Windows\setupact.log
2013-08-27 09:54 - 2013-08-27 09:54 - 00000000 _____ C:\Windows\setuperr.log
2013-08-27 09:54 - 2013-07-02 09:39 - 00000000 ____D C:\Program Files\cFosBC
2013-08-27 09:54 - 2012-09-03 20:40 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\Adobe
2013-08-27 09:54 - 2012-07-29 22:21 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-27 09:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-27 08:47 - 2013-08-27 08:47 - 00000715 _____ C:\Users\Public\Desktop\Age of Wulin.lnk
2013-08-27 08:47 - 2012-05-10 19:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-27 06:51 - 2012-09-03 21:48 - 00000000 ____D C:\Users\Daniel\Desktop\ADOBE
2013-08-27 06:50 - 2013-08-27 06:09 - 00000000 ____D C:\Users\Daniel\Documents\Battlefield Play4Free
2013-08-27 06:15 - 2012-06-11 20:33 - 00282104 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-27 06:15 - 2012-06-11 20:07 - 00282104 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-27 06:15 - 2012-06-11 20:07 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-27 06:10 - 2012-06-11 20:33 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\PunkBuster
2013-08-27 05:20 - 2013-08-27 05:20 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\PDF24
2013-08-27 05:18 - 2013-08-27 05:18 - 00000690 _____ C:\Users\Public\Desktop\PDF24 Editor.lnk
2013-08-27 05:18 - 2013-08-27 05:18 - 00000681 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk
2013-08-27 03:27 - 2012-12-12 17:57 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-08-27 03:27 - 2012-10-30 00:46 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\FontExplorerX
2013-08-27 03:26 - 2013-04-09 02:04 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\2K Games
2013-08-27 03:18 - 2013-08-26 06:09 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2013-08-27 00:15 - 2012-08-20 13:34 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000Core.job
2013-08-26 22:41 - 2013-08-26 22:41 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-26 22:38 - 2013-08-26 22:42 - 00891115 _____ C:\Users\Daniel\Desktop\SecurityCheck.exe
2013-08-26 22:35 - 2013-08-26 22:35 - 00001668 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2013-08-26 22:33 - 2009-07-14 06:45 - 16187320 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-26 06:09 - 2013-08-26 06:09 - 00001090 _____ C:\Users\Daniel\Desktop\MSI Afterburner.lnk
2013-08-26 06:09 - 2013-08-26 06:09 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2013-08-26 06:09 - 2012-07-29 22:24 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-08-26 04:26 - 2013-08-26 04:26 - 00000057 _____ C:\Users\Daniel\AppData\Roaming\WB.CFG
2013-08-26 03:25 - 2013-08-26 03:25 - 00003234 _____ C:\Windows\System32\Tasks\DSite
2013-08-26 03:25 - 2013-08-26 03:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DSite
2013-08-26 03:25 - 2013-08-26 03:25 - 00000000 ____D C:\Program Files (x86)\Image Converter
2013-08-26 03:00 - 2013-08-26 01:24 - 00001456 _____ C:\USERS\DANIEL\APPDATA\LOCAL\Adobe Save for Web 12.0 Prefs
2013-08-26 01:47 - 2012-05-10 21:06 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-08-26 01:46 - 2013-08-26 01:46 - 00000681 _____ C:\Users\Daniel\Desktop\ADOBE MC 5.5 - Verknüpfung.lnk
2013-08-26 01:15 - 2012-05-10 19:23 - 00311584 _____ C:\USERS\DANIEL\APPDATA\LOCAL\GDIPFONTCACHEV1.DAT
2013-08-26 01:14 - 2013-05-23 23:23 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\BitTorrent
2013-08-26 01:13 - 2012-08-20 17:14 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-08-26 01:11 - 2012-09-03 20:47 - 00000000 ____D C:\ProgramData\Adobe
2013-08-26 01:06 - 2013-08-26 01:06 - 00000000 ____D C:\Program Files (x86)\Adobe Story
2013-08-26 01:03 - 2012-09-03 20:48 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-26 00:07 - 2012-10-11 15:19 - 00000000 ____D C:\Program Files\Adobe
2013-08-25 20:34 - 2013-08-25 20:34 - 02340466 _____ C:\Users\Daniel\Desktop\logo_auto.eps
2013-08-25 16:23 - 2013-08-25 16:23 - 00000000 ____D C:\Users\Daniel\Desktop\Bewerbungsunterlagen Momox
2013-08-25 16:17 - 2013-01-08 18:40 - 00000000 ____D C:\Users\Daniel\Desktop\POKER
2013-08-25 16:15 - 2012-06-03 14:17 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2013-08-25 16:08 - 2013-08-25 16:08 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-08-25 16:01 - 2013-02-08 07:45 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\JAM Software
2013-08-25 16:00 - 2012-07-30 07:41 - 00000000 ____D C:\Users\Daniel\Unigine Heaven
2013-08-25 15:59 - 2013-02-27 03:00 - 00000979 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-25 15:58 - 2012-07-31 08:28 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\CrashDumps
2013-08-25 15:53 - 2013-08-25 15:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-25 15:53 - 2013-08-25 15:53 - 00000000 ____D C:\Program Files\iTunes
2013-08-25 15:53 - 2013-08-25 15:53 - 00000000 ____D C:\Program Files\iPod
2013-08-25 15:53 - 2013-08-25 15:53 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-25 15:53 - 2013-06-26 03:16 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-25 15:52 - 2013-08-25 15:52 - 00001576 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-08-25 15:50 - 2013-06-26 15:44 - 00381192 ____H C:\Windows\SysWOW64\mlfcache.dat
2013-08-24 23:43 - 2013-08-24 23:43 - 00000000 ____D C:\Users\Daniel\Documents\Live! Cam Center
2013-08-24 23:43 - 2013-08-24 23:43 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Creative
2013-08-24 23:04 - 2013-08-24 23:04 - 00000000 ____D C:\Windows\ERUNT
2013-08-24 23:04 - 2013-08-24 22:58 - 00000000 ____D C:\AdwCleaner
2013-08-24 23:02 - 2013-06-25 16:13 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-08-24 19:25 - 2013-08-24 19:25 - 00042339 _____ C:\ComboFix.txt
2013-08-24 19:25 - 2013-08-24 19:18 - 00000000 ____D C:\Qoobox
2013-08-24 19:24 - 2013-08-24 19:18 - 00000000 ____D C:\Windows\erdnt
2013-08-24 19:24 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-24 19:13 - 2013-08-14 17:18 - 00000000 ____D C:\Program Files\cFosSpeed
2013-08-24 00:40 - 2013-08-24 00:40 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Opera Software
2013-08-24 00:40 - 2013-08-24 00:40 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\Opera Software
2013-08-23 23:58 - 2013-08-23 23:58 - 00000000 _____ C:\Users\Daniel\defogger_reenable
2013-08-23 23:58 - 2012-05-10 19:14 - 00000000 ____D C:\Users\Daniel
2013-08-22 00:17 - 2012-08-20 13:34 - 00002374 _____ C:\Users\Daniel\Desktop\Google Chrome.lnk
2013-08-21 12:02 - 2013-08-27 03:11 - 02570640 _____ (REALiX) C:\Users\Daniel\Desktop\HWiNFO64.exe
2013-08-21 10:52 - 2013-08-21 05:11 - 00000000 ____D C:\Users\Daniel\Documents\dragoon
2013-08-21 05:08 - 2013-08-21 05:08 - 00000838 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2013-08-20 17:46 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-20 02:24 - 2012-06-11 20:07 - 00283304 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-17 16:57 - 2013-08-17 16:57 - 00030072 _____ C:\Users\Public\Documents\cc_20130817_165726.reg
2013-08-17 16:56 - 2012-08-01 18:54 - 00000000 ____D C:\Program Files\CCleaner
2013-08-17 16:50 - 2013-07-31 15:59 - 00000000 ____D C:\Program Files (x86)\CasinoOnNet
2013-08-17 16:50 - 2013-03-02 17:05 - 00000000 ____D C:\Program Files (x86)\Astral Masters
2013-08-17 00:40 - 2013-08-17 00:40 - 00000799 _____ C:\Users\Daniel\Desktop\Stormblade WoW.lnk
2013-08-16 21:29 - 2012-05-21 20:59 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2013-08-16 21:18 - 2013-07-22 00:59 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\Freemake Music Box
2013-08-16 19:58 - 2013-08-15 20:37 - 00000000 ____D C:\Stormblade
2013-08-15 20:37 - 2013-08-15 20:37 - 00000244 _____ C:\Windows\ODBCINST.INI
2013-08-15 20:37 - 2013-08-15 20:37 - 00000000 ____D C:\Program Files (x86)\MySQL
2013-08-15 20:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-08-15 20:07 - 2012-11-03 01:23 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\FileZilla
2013-08-15 19:47 - 2012-05-10 20:09 - 00000000 ____D C:\Windows\Panther
2013-08-15 19:19 - 2012-12-14 13:52 - 00000849 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2013-08-14 18:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-14 17:44 - 2013-01-08 13:03 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\PokerStars.EU
2013-08-14 17:20 - 2013-08-14 17:20 - 00000000 ____D C:\FRST
2013-08-14 17:07 - 2013-07-15 00:43 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 17:05 - 2012-05-10 20:20 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-11 20:51 - 2013-02-04 14:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-11 20:51 - 2012-05-21 20:59 - 00000000 ____D C:\ProgramData\Skype
2013-08-11 04:26 - 2013-08-11 04:26 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\RBotPlus
2013-08-07 09:46 - 2012-08-07 13:31 - 00000132 _____ C:\Users\Daniel\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-08-06 17:36 - 2013-08-06 17:36 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\Citrix
2013-08-06 17:36 - 2013-08-06 17:36 - 00000000 ____D C:\Program Files (x86)\Citrix
2013-08-05 16:00 - 2013-08-15 20:39 - 75778376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe
2013-08-04 18:37 - 2012-08-07 15:29 - 00001456 _____ C:\USERS\DANIEL\APPDATA\LOCAL\Adobe Für Web speichern 13.0 Prefs
2013-08-01 16:45 - 2013-08-01 16:45 - 00000000 ____D C:\ProgramData\MetaQuotes
2013-08-01 16:44 - 2013-08-01 16:43 - 00000000 ____D C:\Program Files (x86)\MetaTrader - FXOpen
2013-07-31 16:06 - 2013-07-31 16:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\CasinoOnNet
2013-07-31 16:00 - 2013-07-31 16:00 - 00002042 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\888casino.lnk
2013-07-31 16:00 - 2013-07-31 16:00 - 00002018 _____ C:\Users\UpdatusUser\Desktop\888casino.lnk
2013-07-31 16:00 - 2013-07-31 16:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888casino
2013-07-31 13:13 - 2013-07-31 13:08 - 00000000 ____D C:\ProgramData\MGS
2013-07-31 13:08 - 2013-07-31 13:08 - 00000000 ____D C:\Microgaming
2013-07-31 12:35 - 2013-07-29 18:26 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\AutoBinarySEA DE
2013-07-30 23:37 - 2012-06-11 19:04 - 00000000 ____D C:\USERS\DANIEL\APPDATA\LOCAL\Origin
2013-07-30 23:37 - 2012-06-11 19:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Origin
2013-07-30 21:47 - 2013-07-30 21:47 - 00000000 ____D C:\NvidiaLogging
2013-07-30 21:47 - 2013-02-06 14:24 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-30 21:47 - 2013-02-06 14:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-07-29 15:01 - 2013-07-29 15:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\OpenOffice
2013-07-29 15:00 - 2013-07-29 15:00 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 00:50

==================== End Of Log ============================
--- --- ---



Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-08-2013 01
Ran by Daniel at 2013-08-27 21:05:03
Running from F:\Trojaner Board Software
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 
15354 Webcam Live (x32 Version: 1.2.0.0)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
7-Zip 9.21 (x32 Version: 9.21.00.0)
888casino (x32)
888poker (x32)
Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.7)
Adobe Acrobat XI Pro (x32 Version: 11.0.03)
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Creative Cloud (x32 Version: 2.1.1.220)
Adobe Creative Suite 5.5 Master Collection (x32 Version: 5.5)
Adobe Download Assistant (x32 Version: 1.2.5)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Flash Professional CC (x32 Version: 13.0)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Muse (x32 Version: 3.2.2)
Adobe Photoshop CC (x32 Version: 14.0)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Adobe Story (x32 Version: 1.0.571)
Adobe Support Advisor (x32 Version: 1.6.1)
Adobe Support Advisor (x32 Version: 1.6.1.20120504)
Adobe Widget Browser (x32 Version: 2.0 Build 348)
Adobe Widget Browser (x32 Version: 2.0.348)
Adobe® Content Viewer (x32 Version: 3.2.0)
Age of Wulin (x32 Version: 0.0.1.011)
Alan Wake (x32)
Alan Wake Version 1.06.17.0155 (x32 Version: 1.06.17.0155)
Alan Wake's American Nightmare (x32)
Alan Wakes American Nightmare Version 1.03.17.1781 (x32 Version: 1.03.17.1781)
Alice Madness Returns (x32 Version: 1.0.0.0)
Allgemeine Runtime Files (x86) (Version: 1.0.3.5)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft TotalMedia 3.5 (x32 Version: 3.5.7.307)
Ashampoo Burning Studio 2013 v.11.0.6 (x32 Version: 11.0.6)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.10.0)
Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.3.9.000)
ASRock 3TB+ Unlocker v1.0
ASRock App Charger v1.0.5
ASRock eXtreme Tuner v0.1.251 (x32)
ASRock XFast RAM v2.0.9
Astral Masters (x32 Version: 1.0)
Astral Masters (x32)
ASUS PMP Lite (x32 Version: 1.00.0000)
ASUS Xonar DX Audio Driver
Authorizer 1.0.5 (x32 Version: 1.0.5)
Authorizer Ignition Key Support (Version: 1.0.3.0)
Batman: Arkham City™ (x32)
Battlefield 3™ (x32 Version: 1.0.0.0)
Battlefield 3™ (x32 Version: 1.3.0.0)
Battlefield Play4Free (x32)
Battlelog Web Plugins (x32 Version: 2.1.7)
Bitdefender Antivirus Plus 2013 (Version: 16.29.0.1830)
BitTorrent (x32 Version: 7.8.0.29676)
bl (x32 Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
Call of Duty: Modern Warfare 3 - Multiplayer (x32)
Call of Duty: Modern Warfare 3 (x32)
CCleaner (Version: 4.04)
CDBurnerXP (x32 Version: 4.5.1.3868)
cFos Broadband Connect v1.06 (Version: 1.06)
Citrix Online Launcher (x32 Version: 1.0.117)
Clever Privacy (x32 Version: 1.0.0.36)
CPUID CPU-Z 1.61.3
Creative Live! Cam Center (x32 Version: 1.00)
Creative WebCam Vista/Live! Cam Chat (VF0330) Driver (1.12.01.00)
CrystalDiskInfo 5.0.0 (x32 Version: 5.0.0)
CyberLink BD_3D Advisor 2.0 (x32 Version: 2.0.4017)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.5024)
CyberLink LabelPrint (x32 Version: 2.5.3624)
CyberLink Power2Go (x32 Version: 6.1.4715)
CyberLink PowerBackup (x32 Version: 2.5.6023)
CyberLink PowerDirector (x32 Version: 7.0.3708)
CyberLink PowerDVD 12 (x32 Version: 12.0.2118a.57)
CyberLink PowerProducer (x32 Version: 5.0.2.2820)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.46.1.0327)
Diablo III (x32 Version: 1.0.6.13644)
DmC Devil may Cry version 5.1 (x32 Version: 5.1)
Dragon's Prophet (x32 Version: 1.0.1087.10)
Driver Genius Professional Edition (x32 Version: 11.0)
DriverAgent by eSupport.com
eReg (x32 Version: 1.20.138.34)
ESN Sonar (x32 Version: 0.70.4)
EVEREST Home Edition v2.20 (x32 Version: 2.20)
EVGA Precision X 4.0.0 (x32 Version: 4.0.0)
ffdshow x64 v1.3.4515 [2013-06-12] (Version: 1.3.4515.0)
FIFA 10 (x32 Version: 1.0.0.0)
FileZilla Client 3.7.2 (x32 Version: 3.7.2)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
Flash Optimizer 2 (x32 Version: 2.1)
FormatFactory 3.0.1 (x32 Version: 3.0.1)
Free YouTube Download version 3.2.8.717 (x32 Version: 3.2.8.717)
Freemake Music Box (x32 Version: 1.0.0)
Full Tilt Poker (x32 Version: 4.48.3.WIN.FullTilt.COM)
Full Tilt Poker.Eu (x32 Version: 4.55.4.WIN.FullTilt.EU)
G DATA Logox 4 Speechengine (x32)
G DATA WebSpeech 4 (x32)
GoldWave v5.67 (x32)
Google Chrome (HKCU Version: 29.0.1547.57)
GoToMeeting 5.7.0.1172 (HKCU Version: 5.7.0.1172)
Grand Theft Auto IV (x32 Version: 1.0.0013.131)
Grand Theft Auto IV (x32 Version: 1.00.0000)
Grand Theft Auto: Episodes From Liberty City (x32 Version: 1.1.0.0)
Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0)
Hitman Absolution (x32)
iCloud (Version: 2.1.2.8)
ICQ 8.0 (build 6008, für aktuellen Benutzer) (HKCU Version: 8.0.6008.0)
iFunbox (v2.1.2228.731), iFunbox DevTeam (x32 Version: v2.1.2228.731)
ImgBurn (x32 Version: 2.5.7.0)
Intel(R) Control Center (x32 Version: 1.2.1.1010)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1310)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) Rapid Storage Technology (x32 Version: 11.7.1.1001)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel(R) Smart Connect Technology 3.0 x64 (Version: 3.0.30.1483)
Intel(R) Solid-State Drive Toolbox (x32 Version: 3.0.3.400)
Intel® Trusted Connect Service Client (Version: 1.27.757.1)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0)
iPhone-Konfigurationsprogramm (x32 Version: 3.6.2.300)
IrfanView (remove only) (x32 Version: 4.32)
iTunes (Version: 11.0.5.5)
Java 7 Update 17 (64-bit) (Version: 7.0.170)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
JavaFX 2.1.1 (x32 Version: 2.1.1)
JDownloader 2 (x32 Version: 2)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Kabel Deutschland Installations-Software (x32 Version: 3.6.0.0)
K-Lite Codec Pack 9.0.2 (64-bit) (Version: 9.0.2)
LightScribe System Software (x32 Version: 1.18.20.1)
Line 6 Uninstaller (x32 Version: )
Logitech Gaming Software 5.10 (Version: 5.10.127)
Logitech Gaming Software 8.40 (Version: 8.40.83)
Logitech SetPoint 6.32 (Version: 6.32.20)
MAGIX Music Maker MX Premium Download Version (Demo songs) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Instrument package 1) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Instrument package 2) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Instrument package 3) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Introductory videos) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Sound package) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Synthesizer and effects) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (Visuals) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Premium Download Version (x32 Version: 18.0.0.42)
MAGIX Music Maker MX Production Suite Download Version (Instrument package 1) (x32 Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download Version (x32 Version: 18.0.1.11)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MAGIX Video deluxe MX Plus Download-Version (Individuelle Menüvorlagen) (x32 Version: 1.0.0.0)
MAGIX Video deluxe MX Plus Download-Version (Menüvorlagen 1) (x32 Version: 1.0.0.0)
MAGIX Video deluxe MX Plus Download-Version (Menüvorlagen 2) (x32 Version: 1.0.0.0)
MAGIX Video deluxe MX Plus Download-Version (proDAD Adorage Starter Paket) (x32 Version: 1.0.0.0)
MAGIX Video deluxe MX Plus Download-Version (Überblendeffekte) (x32 Version: 1.0.0.0)
MAGIX Video deluxe MX Plus Download-Version (x32 Version: 11.0.0.38)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
M-Audio Axiom DirectLink for Reason 1.0.0 (x86) (x32 Version: 1.0.0)
M-Audio Axiom Driver 1.1.2 (x64) (Version: 1.1.2)
MetaTrader - FXOpen (x32 Version: 4.00)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 1.1 (x32)
Microsoft .NET Framework 1.1 Security Update (KB2656370) (x32)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (x32)
Microsoft .NET Framework 1.1 Security Update (KB979906) (x32)
Microsoft .NET Framework 1.1 SP1
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Camera Codec Pack (Version: 16.3.1483.0410)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (x32 Version: 3.5.30730.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Outlook Hotmail Connector 64-Bit (Version: 14.0.6106.5001)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (Version: 14.0.5120.5000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (Version: 2.0.50728)
Microsoft XML Parser (x32 Version: 8.0.7820.0)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0)
MozBackup 1.5.1 (x32)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
MSI Afterburner 2.3.1 (x32 Version: 2.3.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
MyFreeCodec (HKCU)
MySQL Connector/ODBC 5.1 (x32 Version: 5.1.5)
Napster 5 Beta (x32 Version: 1.0.61)
Natural Color Pro (x32 Version: 1.0.0.6)
NEF to JPG (x32)
Nexuiz STUPID Mode (x32)
Nikon File Uploader 2 (x32 Version: 2.00.0001)
Nikon Message Center 2 (x32 Version: 2.0.1)
No23 Recorder (x32 Version: 2.1.0.3)
Notepad++ (x32 Version: 6.2)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.6 (Version: 1.6)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.131.854)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 7.2.17 (Version: 7.2.17)
NVIDIA Update Components (Version: 7.2.17)
NVIDIA Virtual Audio 1.2.1 (Version: 1.2.1)
OpenAL (x32)
OpenOffice 4.0.0 (x32 Version: 4.00.9702)
Opera 12.14 (x32 Version: 12.14.1738)
Opera Stable 15.0.1147.153 (x32 Version: 15.0.1147.153)
Origin (x32 Version: 9.1.3.2637)
orola Bluetooth (Version: 3.0.02.288)
PartyPoker (x32)
PDF Settings CC (x32 Version: 12.0)
PDF Settings CS5 (x32 Version: 10.0)
PDF Settings CS6 (x32 Version: 11.0)
PDF24 Creator 5.7.0 (x32)
Perfect Effects 4.0.4 (x32 Version: 4.0.4)
ph (x32 Version: 1.0.0)
Picture Control Utility (x32 Version: 1.2.0)
PixelRuler v9.0.0.0 (x32)
PKR (x32)
PlanetSide 2 (x32)
PokerStars (x32)
PokerStars.eu (x32)
proDAD Adorage 3.0 (x32 Version: 3.0.92)
PunkBuster Services (x32 Version: 0.990)
PxMergeModule (x32 Version: 1.00.0000)
Quake Live Mozilla Plugin (x32 Version: 1.0.520)
QuickTime (x32 Version: 7.74.80.86)
Raptr (x32)
REALTEK DTV USB DEVICE (x32 Version: 1.00.0000)
Realtek Ethernet Controller Driver (x32 Version: 7.72.410.2013)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
RegistryWizard 3.1.1.218 (x32)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.1)
RESIDENT EVIL 5 (x32 Version: 1.0.0.129)
Roadkil's Unstoppable Copier Version 5.2 (x32)
Samsung Magician (x32 Version: 4.0.1)
Samsung_MonSetup (x32 Version: 1.00.0000)
SeaTools for Windows (x32 Version: 1.2.0.6)
SHIELD Streaming (Version: 1.05.19)
SHIFT 2 UNLEASHED™ (x32 Version: 1.0.2.0)
Skype™ 6.6 (x32 Version: 6.6.106)
SpeedFan (remove only) (x32)
Spotify (HKCU Version: 0.8.8.459.g4430eae7)
Star Wars: The Force Unleashed 2 (x32 Version: 1.0)
Steam (x32 Version: 1.0.0.0)
Stormblade Launcher 1.1 (x32)
swMSM (x32 Version: 12.0.0.1)
System Requirements Lab for Intel (x32 Version: 4.5.13.0)
TeamSpeak 3 Client (x32 Version: 3.0.9.2)
TeamViewer 7 (x32 Version: 7.0.14563)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
Thrustmaster Force Feedback Driver (x32 Version: 2.FFD.2009)
THX TruStudio (x32 Version: 1.00.01)
Titan Poker (x32)
Torchlight (x32)
TV-Browser 3.3RC1 (x32 Version: 3.3RC1)
UltraMon (Version: 3.2.1)
Update for Image Editor (HKCU)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Villagers & Heroes of A Mystical Land (x32 Version: 26577)
VIRTU MVP 2.1.114 (Version: 2.1.114)
VLC media player 2.0.2 (Version: 2.0.2)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Wacom Tablett (Version: 6.3.5-3)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.3)
WebTablet FB Plugin 64 bit (Version: 2.1.0.3)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Wisdom-soft AutoScreenRecorder 3.1 Pro (x32)
x64 Components v3.9.5 (Version: 3.9.5)
XFastUSB (x32 Version: 3.02.30)
Yahoo! Messenger (x32)
Yahoo! Software Update (x32)
Yahoo! Toolbar (x32)
YGOPro DevPro Version 1.9.2r2 (x32 Version: 1.9.2r2)

==================== Restore Points  =========================

27-08-2013 16:29:38 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-08-06 18:49 - 2013-08-24 19:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {04E318C0-4866-4A3D-883A-4DBB696E8B23} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000Core => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-20] (Google Inc.)
Task: {07831795-0524-4ABA-8891-AE3D2F3FEAFF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {154E0A32-7E51-4232-BC6C-F7C13228A4E7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1BF3D2BD-B9C7-4ACA-8EF2-8E4D619B5AE4} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~2\AD-AWA~1\AdAwareLauncher.exe No File
Task: {23105C8F-505D-4402-8D5E-9A7B6FD8027A} - \Software Updater Ui No Task File
Task: {23F605D2-580F-4862-8CDB-DCB02C82A782} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-12] (Adobe Systems Incorporated)
Task: {23F8B639-5052-4284-9EFF-C49DF771CA64} - System32\Tasks\Asrsetup => D:\ASRSetup.exe No File
Task: {2A17C865-E1A2-45A3-A8D9-D7298577939D} - System32\Tasks\Trigger KMS Activation => F:\DOWNLOADS\KMSNano v13 Offline Office and Windows KMS Activator\TriggerKMS.exe No File
Task: {2FEC0373-3A8B-48BC-829D-AD5258EF4B0E} - \Browser Updater\Browser Updater No Task File
Task: {30E48EBE-E6FA-44C1-B5CF-76FE7A060968} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {32A1F1EE-54CA-4EC6-A765-8A59EC2AD7E1} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe No File
Task: {33695109-E08D-4A9B-B073-3419B53C3372} - System32\Tasks\{5F5E1B98-8DEE-480D-833B-226DD91CB52D} => C:\ADOBE\Acrobat 10.0\Acrobat\AcroRd32.exe No File
Task: {3CB06802-72ED-4E56-BEF3-F0F29986CF80} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {42A97CA2-053C-47B2-BD82-5D6615957C16} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {482A6A91-094B-4D4F-B32D-448CC3C473C3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation)
Task: {4BF5735A-F072-44FB-B487-C4FB38AF4961} - System32\Tasks\{E6DC504C-AA27-4451-A591-1E89C96E94A3} => C:\ADOBE\Acrobat 10.0\Acrobat\AcroRd32.exe No File
Task: {50FEC2D5-6A32-497E-9F2A-C162F0D34A6F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {57347239-C4C8-45B3-8748-0C6F011084CD} - System32\Tasks\Microsoft\Windows\PLA\System\{B04B9C26-8212-4C03-947F-7A49A9FDEE9B}_System Diagnostics => C:\Windows\system32\schtasks.exe [2010-11-21] (Microsoft Corporation)
Task: {5E6D9355-D733-4A28-AB9F-C9D4D616BFDE} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {5E8B11A8-331F-4830-98CA-29502B4B00BE} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {63D6C59F-2658-483C-AF08-41EF74FBE37A} - System32\Tasks\DSite => C:\Users\Daniel\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-08-26] ()
Task: {6533E5DD-AC05-4BE3-9EF6-CD996ABB574C} - System32\Tasks\{09801694-8BB5-432B-9BC8-29D4BC53D866} => C:\ADOBE\Acrobat 10.0\Acrobat\AcroRd32.exe No File
Task: {6B17C696-BA89-44D6-9208-7FC0D8F20385} - System32\Tasks\AdobeAAMUpdater-1.0-Daniel-PC-Daniel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {81F40BA7-D88F-42D4-B505-A10D59DE406D} - \Software Updater No Task File
Task: {87E0A1CA-6223-4AA1-BB23-E6A47F53A5D0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {A6EF2F7F-BFB9-4C94-AED4-9B2DD1E9A6C4} - System32\Tasks\{77FEA98D-2C8E-4A8F-9A10-0471F55AB34D} => C:\Windows\System32\msiexec.exe [2010-11-21] (Microsoft Corporation)
Task: {AE2EE930-6C93-4834-B583-32977E2A1121} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {BAE38BD4-4463-4ABB-B123-B0E773F961FE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {E2C3910F-D8B0-4C5F-BA28-5DE97F0D236D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000UA => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-20] (Google Inc.)
Task: {F59DEE19-4152-4B7E-929C-99FF90F16B55} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DSite.job => C:\Users\Daniel\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000Core.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2099724549-3202807456-1940011630-1000UA.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Intel(R) HD Graphics 3000
Description: Intel(R) HD Graphics 3000
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/27/2013 08:57:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/27/2013 06:24:30 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/27/2013 06:24:15 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/27/2013 09:55:11 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/27/2013 09:55:11 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/27/2013 09:54:52 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (08/27/2013 09:54:47 AM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/27/2013 09:54:47 AM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/27/2013 09:54:47 AM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/27/2013 09:54:47 AM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)


System errors:
=============
Error: (08/27/2013 11:14:07 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.

Error: (08/27/2013 09:55:08 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (08/27/2013 09:55:08 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (08/27/2013 09:55:08 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (08/27/2013 09:55:08 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (08/27/2013 09:55:06 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (08/27/2013 09:55:06 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (08/27/2013 09:55:06 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (08/27/2013 09:55:06 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (08/27/2013 09:54:55 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


Microsoft Office Sessions:
=========================
Error: (08/27/2013 08:57:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (08/27/2013 06:24:30 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/27/2013 06:24:15 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (08/27/2013 09:55:11 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestF:\Trojaner Board Software\esetsmartinstaller_enu.exe

Error: (08/27/2013 09:55:11 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestF:\Trojaner Board Software\esetsmartinstaller_enu.exe

Error: (08/27/2013 09:54:52 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/27/2013 09:54:47 AM) (Source: Windows Search Service)(User: )
Description:
Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/27/2013 09:54:47 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/27/2013 09:54:47 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/27/2013 09:54:47 AM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
        Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer


CodeIntegrity Errors:
===================================
  Date: 2013-08-27 09:54:29.206
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-27 09:54:29.175
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-26 22:32:57.830
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-26 22:32:57.783
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-26 00:58:05.200
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-26 00:58:05.168
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-25 15:54:37.220
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-25 15:54:37.189
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-25 15:40:49.204
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-25 15:40:49.173
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\acedrv06.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 16265.34 MB
Available physical RAM: 13012.09 MB
Total Pagefile: 32528.87 MB
Available Pagefile: 28572.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:2.31 GB) NTFS
Drive f: () (Fixed) (Total:1863.01 GB) (Free:112.16 GB) NTFS
Drive g: () (Fixed) (Total:439.45 GB) (Free:343.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: C71388A3)
Partition 1: (Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 20D463C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 466 GB) (Disk ID: 1CD40207)
Partition 1: (Not Active) - (Size=439 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 28.08.2013 08:14
Funde von ESET sind irrelevant/schon in Quarantäne.

Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:53 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131