Trojaner-Board - Pup.Optional.Quick.Share.A gefunden

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Pup.Optional.Quick.Share.A gefunden (https://www.trojaner-board.de/139591-pup-optional-quick-share-a-gefunden.html)

Pup.Optional.Quick.Share.A gefunden

Hallo zusammen,

mir ist aufgefallen, dass mein Rechner deutlich langsamer wurde. Malwarebytes fand schließlich Pup.Optional.Quick.Share.A und Spybot fand Elexdesk.365. Beide "Dateien" befinden sich jetzt in Quarantäne. Es wäre schön, wenn ihr mir dabei helfen könntet, die restlichen Auswüchse zu bekämpfen.:-)

Anbei mein Malwarebytes-logfile sowie das Logfile von Spybot:

Code:

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16635

* :: *-PC [Administrator]
 

09.08.2013 03:18:58

mbam-log-2013-08-09 (03-18-58).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 515961

Laufzeit: 1 Stunde(n), 35 Minute(n), 5 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Code:

Search results from Spybot - Search & Destroy
 

8/8/2013 3:18:08 PM

Scan took 01:04:56.

98 items found.
 

Elex.Desk365: [SBI $02119D1D] Settings (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda
 

Elex.V9: [SBI $36B89780] Program directory (Directory, nothing done)

  C:\Program Files (x86)\newtabs\

  Directory.subfile=C:\Program Files (x86)\newtabs\newtabs.exe

  Directory.subfile.size=261032

  Directory.subfile.md5=7331B554FC1CA17DAFAF0837AB91AAC6

  Directory.subfile.filedate=1343857665

  Directory.subfile.filedatetext=2012-08-01 23:47:45
 

Elex.V9: [SBI $A24DFF74]  Executable (File, nothing done)

  C:\Program Files (x86)\newtabs\newtabs.exe

  Properties.size=261032

  Properties.md5=7331B554FC1CA17DAFAF0837AB91AAC6

  Properties.filedate=1343857665

  Properties.filedatetext=2012-08-01 23:47:45
 

Elex.V9: [SBI $69E57A00] Settings (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\V9Software
 

Toolbar.Snap.do: [SBI $8DDCAABF] Settings (Registry Key, nothing done)

  HKEY_CLASSES_ROOT\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
 

Toolbar.Snap.do: [SBI $8DDCAABF] Settings (Registry Key, nothing done)

  HKEY_CLASSES_ROOT\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
 

Toolbar.Snap.do: [SBI $EF91C26E] Root class (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
 

Toolbar.Snap.do: [SBI $EF91C26E] Class ID (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
 

Toolbar.Snap.do: [SBI $EF91C26E] Root class (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
 

Toolbar.Snap.do: [SBI $EF91C26E] Class ID (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
 

Toolbar.Snap.do: [SBI $E9445C6F] Settings (Registry Key, nothing done)

  HKEY_CLASSES_ROOT\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
 

Toolbar.Snap.do: [SBI $E9445C6F] Settings (Registry Key, nothing done)

  HKEY_CLASSES_ROOT\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
 

Toolbar.Snap.do: [SBI $83BB8987] Root class (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IESmartBar.DockingPanel
 

Toolbar.Snap.do: [SBI $83BB8987] Class ID (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
 

Toolbar.Snap.do: [SBI $83BB8987] Root class (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IESmartBar.DockingPanel
 

Toolbar.Snap.do: [SBI $83BB8987] Class ID (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
 

Toolbar.Snap.do: [SBI $8761DA80] Settings (Registry Key, nothing done)

  HKEY_CLASSES_ROOT\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
 

Toolbar.Snap.do: [SBI $8761DA80] Settings (Registry Key, nothing done)

  HKEY_CLASSES_ROOT\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
 

Toolbar.Snap.do: [SBI $CFA65105] Root class (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
 

Toolbar.Snap.do: [SBI $CFA65105] Class ID (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
 

Toolbar.Snap.do: [SBI $CFA65105] Root class (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
 

Toolbar.Snap.do: [SBI $CFA65105] Class ID (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
 

Toolbar.Snap.do: [SBI $2224DEB2] Settings (Registry Key, nothing done)

  HKEY_CLASSES_ROOT\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
 

Toolbar.Snap.do: [SBI $2224DEB2] Settings (Registry Key, nothing done)

  HKEY_CLASSES_ROOT\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
 

Toolbar.Snap.do: [SBI $0B5340BB] Root class (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
 

Toolbar.Snap.do: [SBI $0B5340BB] Class ID (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
 

Toolbar.Snap.do: [SBI $0B5340BB] Root class (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
 

Toolbar.Snap.do: [SBI $0B5340BB] Class ID (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
 

Toolbar.Snap.do: [SBI $B8DD52AF] Settings (Registry Key, nothing done)

  HKEY_CLASSES_ROOT\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
 

Toolbar.Snap.do: [SBI $B8DD52AF] Settings (Registry Key, nothing done)

  HKEY_CLASSES_ROOT\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
 

Toolbar.Snap.do: [SBI $5BC1CF35] Root class (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IESmartBar.IESmartBar
 

Toolbar.Snap.do: [SBI $5BC1CF35] Class ID (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
 

Toolbar.Snap.do: [SBI $5BC1CF35] Root class (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IESmartBar.IESmartBar
 

Toolbar.Snap.do: [SBI $5BC1CF35] Class ID (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
 

Toolbar.Snap.do: [SBI $8A184072] User settings (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
 

Toolbar.Snap.do: [SBI $8A184072] User settings (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
 

Toolbar.Snap.do: [SBI $2A1CCFF9] IE toolbar (Registry Value, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113}
 

Toolbar.Snap.do: [SBI $2A1CCFF9] IE toolbar (Registry Value, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113}
 

Toolbar.Snap.do: [SBI $1A7BE132] Settings (Registry Key, nothing done)

  HKEY_CLASSES_ROOT\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
 

Toolbar.Snap.do: [SBI $BD50E80E] Root class (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IESmartBar.BHO
 

Toolbar.Snap.do: [SBI $BD50E80E] Class ID (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
 

Toolbar.Snap.do: [SBI $BD50E80E] Browser helper object (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
 

Toolbar.Snap.do: [SBI $BD50E80E] Root class (Registry Key, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IESmartBar.BHO
 

Toolbar.Snap.do: [SBI $28BEF3EF] User settings (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
 

Toolbar.Snap.do: [SBI $28BEF3EF] User settings (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
 

7-Zip: [SBI $12C3A52C] Folder history (Registry Value, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\7-ZIP\FM\FolderHistory
 

7-Zip: [SBI $3D5692BD] Last used folder (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\7-ZIP\FM\PanelPath0
 

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)

  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)

  HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)

  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)

  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
 

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
 

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
 

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)

  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
 

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)

  HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
 

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Direct3D\MostRecentApplication\Name
 

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)

  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
 

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
 

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\DirectInput\MostRecentApplication\Name
 

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\DirectInput\MostRecentApplication\Id
 

vanBasco's Karaoke Player: [SBI $C85CC84D] Last used playlist (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\vanBasco\vanBasco's MIDI Player\Playlist\Last
 

vanBasco's Karaoke Player: [SBI $A1B1B280] Last used folder (Registry Value, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\vanBasco\vanBasco's MIDI Player\Playlist\LastDirectory
 

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
 

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
 

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
 

Windows.OpenWith: [SBI $9E8D5C8A] Open with list - .CDA extension (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList
 

Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList
 

Windows.OpenWith: [SBI $F34FE1D0] Open with list - .CUE extension (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList
 

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
 

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
 

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
 

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
 

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)

  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
 

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)

  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
 

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
 

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
 

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)

  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
 

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)

  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
 

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)

  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
 

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
 

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
 

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)

  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
 

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)

  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
 

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)

  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
 

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
 

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
 

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)

  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
 

WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\WinRAR\ArcHistory
 

WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\WinRAR\General\LastFolder
 

WinRAR: [SBI $B510882E] Extraction directory history (Registry Key, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\WinRAR\DialogEditHistory\ExtrPath
 

Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)

  
 

Cache: [SBI $49804B54] Browser: Cache (7) (Browser: Cache, nothing done)

  
 

Verlauf: [SBI $49804B54] Browser: History (1) (Browser: History, nothing done)

  
 

Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)

  
 

Cookie: [SBI $49804B54] Browser: Cookie (4) (Browser: Cookie, nothing done)

  
 
 

--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---
 

2013-05-16 blindman.exe (2.1.18.151)

2013-05-16 explorer.exe (2.1.18.177)

2013-05-16 SDBootCD.exe (2.1.18.109)

2013-05-16 SDCleaner.exe (2.1.18.110)

2013-05-16 SDDelFile.exe (2.1.18.94)

2013-06-18 SDDisableProxy.exe

2013-05-16 SDFiles.exe (2.1.18.135)

2013-03-20 SDFileScanHelper.exe (2.1.16.1)

2013-05-16 SDFSSvc.exe (2.1.18.208)

2013-05-16 SDHookHelper.exe (2.1.18.2)

2013-05-16 SDHookInst32.exe (2.1.18.2)

2013-05-16 SDHookInst64.exe (2.1.18.2)

2013-05-16 SDImmunize.exe (2.1.18.130)

2013-05-16 SDLogReport.exe (2.1.18.107)

2013-05-16 SDOnAccess.exe (2.1.18.4)

2013-05-16 SDPESetup.exe (2.1.18.3)

2013-05-16 SDPEStart.exe (2.1.18.86)

2013-05-16 SDPhoneScan.exe (2.1.18.28)

2013-05-16 SDPRE.exe (2.1.18.22)

2013-05-16 SDPrepPos.exe (2.1.18.10)

2013-05-16 SDQuarantine.exe (2.1.18.103)

2013-05-16 SDRootAlyzer.exe (2.1.18.116)

2013-05-16 SDSBIEdit.exe (2.1.18.39)

2013-05-16 SDScan.exe (2.1.18.177)

2013-05-16 SDScript.exe (2.1.18.53)

2013-05-16 SDSettings.exe (2.1.18.136)

2013-05-16 SDShell.exe (2.1.18.2)

2013-05-16 SDShred.exe (2.1.18.107)

2013-05-16 SDSysRepair.exe (2.1.18.101)

2013-05-16 SDTools.exe (2.1.18.150)

2013-07-25 SDTray.exe (2.1.21.129)

2013-05-16 SDUpdate.exe (2.1.18.91)

2013-05-16 SDUpdSvc.exe (2.1.18.76)

2013-07-10 SDWelcome.exe (2.1.21.129)

2013-05-15 SDWSCSvc.exe (2.1.18.2)

2013-06-19 spybotsd2-translation-frx.exe

2013-08-08 unins000.exe (51.1052.0.0)

1999-12-02 xcacls.exe

2012-08-23 borlndmm.dll (10.0.2288.42451)

2012-09-05 DelZip190.dll (1.9.0.107)

2012-09-10 libeay32.dll (1.0.0.4)

2012-09-10 libssl32.dll (1.0.0.4)

2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)

2013-05-16 SDAV.dll

2013-05-16 SDECon32.dll (2.1.18.113)

2013-05-16 SDECon64.dll (2.1.18.113)

2013-04-05 SDEvents.dll (2.1.16.2)

2013-05-16 SDFileScanLibrary.dll (2.1.18.12)

2013-05-16 SDHook32.dll (2.1.18.2)

2013-05-16 SDHook64.dll (2.1.18.2)

2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)

2013-05-16 SDLicense.dll (2.1.18.0)

2013-05-16 SDLists.dll (2.1.18.4)

2013-05-16 SDResources.dll (2.1.18.7)

2013-05-16 SDScanLibrary.dll (2.1.18.131)

2013-05-16 SDTasks.dll (2.1.18.15)

2013-05-16 SDWinLogon.dll (2.1.18.0)

2012-08-23 sqlite3.dll

2012-09-10 ssleay32.dll (1.0.0.4)

2013-05-16 Tools.dll (2.1.18.36)

2012-12-18 Includes\Adware.sbi (*)

2013-07-30 Includes\AdwareC.sbi (*)

2010-08-13 Includes\Cookies.sbi (*)

2012-11-14 Includes\Dialer.sbi (*)

2012-11-14 Includes\DialerC.sbi (*)

2012-11-14 Includes\HeavyDuty.sbi (*)

2012-11-14 Includes\Hijackers.sbi (*)

2012-11-14 Includes\HijackersC.sbi (*)

2012-11-14 Includes\iPhone.sbi (*)

2013-06-25 Includes\Keyloggers.sbi (*)

2012-12-18 Includes\KeyloggersC.sbi (*)

2013-05-29 Includes\Malware.sbi (*)

2013-08-06 Includes\MalwareC.sbi (*)

2012-11-14 Includes\PUPS.sbi (*)

2013-08-06 Includes\PUPSC.sbi (*)

2012-11-14 Includes\Security.sbi (*)

2012-11-14 Includes\SecurityC.sbi (*)

2013-05-22 Includes\Spyware.sbi (*)

2013-08-06 Includes\SpywareC.sbi (*)

2011-06-07 Includes\Tracks.sbi (*)

2012-11-19 Includes\Tracks.uti (*)

2013-01-16 Includes\Trojans.sbi (*)

2013-05-13 Includes\TrojansC-02.sbi (*)

2013-07-31 Includes\TrojansC-03.sbi (*)

2013-08-06 Includes\TrojansC-04.sbi (*)

2013-05-08 Includes\TrojansC-05.sbi (*)

2013-08-06 Includes\TrojansC.sbi (*)

Code:

Search results from Spybot - Search & Destroy
 

8/8/2013 7:38:02 PM

Scan took 01:03:33.

4 items found.
 

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name
 

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Direct3D\MostRecentApplication\Name
 

Cache: [SBI $49804B54] Browser: Cache (1) (Browser: Cache, nothing done)

  
 

Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)

  
 
 

--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---
 

2013-05-16 blindman.exe (2.1.18.151)

2013-05-16 explorer.exe (2.1.18.177)

2013-05-16 SDBootCD.exe (2.1.18.109)

2013-05-16 SDCleaner.exe (2.1.18.110)

2013-05-16 SDDelFile.exe (2.1.18.94)

2013-06-18 SDDisableProxy.exe

2013-05-16 SDFiles.exe (2.1.18.135)

2013-03-20 SDFileScanHelper.exe (2.1.16.1)

2013-05-16 SDFSSvc.exe (2.1.18.208)

2013-05-16 SDHookHelper.exe (2.1.18.2)

2013-05-16 SDHookInst32.exe (2.1.18.2)

2013-05-16 SDHookInst64.exe (2.1.18.2)

2013-05-16 SDImmunize.exe (2.1.18.130)

2013-05-16 SDLogReport.exe (2.1.18.107)

2013-05-16 SDOnAccess.exe (2.1.18.4)

2013-05-16 SDPESetup.exe (2.1.18.3)

2013-05-16 SDPEStart.exe (2.1.18.86)

2013-05-16 SDPhoneScan.exe (2.1.18.28)

2013-05-16 SDPRE.exe (2.1.18.22)

2013-05-16 SDPrepPos.exe (2.1.18.10)

2013-05-16 SDQuarantine.exe (2.1.18.103)

2013-05-16 SDRootAlyzer.exe (2.1.18.116)

2013-05-16 SDSBIEdit.exe (2.1.18.39)

2013-05-16 SDScan.exe (2.1.18.177)

2013-05-16 SDScript.exe (2.1.18.53)

2013-05-16 SDSettings.exe (2.1.18.136)

2013-05-16 SDShell.exe (2.1.18.2)

2013-05-16 SDShred.exe (2.1.18.107)

2013-05-16 SDSysRepair.exe (2.1.18.101)

2013-05-16 SDTools.exe (2.1.18.150)

2013-07-25 SDTray.exe (2.1.21.129)

2013-05-16 SDUpdate.exe (2.1.18.91)

2013-05-16 SDUpdSvc.exe (2.1.18.76)

2013-07-10 SDWelcome.exe (2.1.21.129)

2013-05-15 SDWSCSvc.exe (2.1.18.2)

2013-06-19 spybotsd2-translation-frx.exe

2013-08-08 unins000.exe (51.1052.0.0)

1999-12-02 xcacls.exe

2012-08-23 borlndmm.dll (10.0.2288.42451)

2012-09-05 DelZip190.dll (1.9.0.107)

2012-09-10 libeay32.dll (1.0.0.4)

2012-09-10 libssl32.dll (1.0.0.4)

2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)

2013-05-16 SDAV.dll

2013-05-16 SDECon32.dll (2.1.18.113)

2013-05-16 SDECon64.dll (2.1.18.113)

2013-04-05 SDEvents.dll (2.1.16.2)

2013-05-16 SDFileScanLibrary.dll (2.1.18.12)

2013-05-16 SDHook32.dll (2.1.18.2)

2013-05-16 SDHook64.dll (2.1.18.2)

2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)

2013-05-16 SDLicense.dll (2.1.18.0)

2013-05-16 SDLists.dll (2.1.18.4)

2013-05-16 SDResources.dll (2.1.18.7)

2013-05-16 SDScanLibrary.dll (2.1.18.131)

2013-05-16 SDTasks.dll (2.1.18.15)

2013-05-16 SDWinLogon.dll (2.1.18.0)

2012-08-23 sqlite3.dll

2012-09-10 ssleay32.dll (1.0.0.4)

2013-05-16 Tools.dll (2.1.18.36)

2012-12-18 Includes\Adware.sbi (*)

2013-07-30 Includes\AdwareC.sbi (*)

2010-08-13 Includes\Cookies.sbi (*)

2012-11-14 Includes\Dialer.sbi (*)

2012-11-14 Includes\DialerC.sbi (*)

2012-11-14 Includes\HeavyDuty.sbi (*)

2012-11-14 Includes\Hijackers.sbi (*)

2012-11-14 Includes\HijackersC.sbi (*)

2012-11-14 Includes\iPhone.sbi (*)

2013-06-25 Includes\Keyloggers.sbi (*)

2012-12-18 Includes\KeyloggersC.sbi (*)

2013-05-29 Includes\Malware.sbi (*)

2013-08-06 Includes\MalwareC.sbi (*)

2012-11-14 Includes\PUPS.sbi (*)

2013-08-06 Includes\PUPSC.sbi (*)

2012-11-14 Includes\Security.sbi (*)

2012-11-14 Includes\SecurityC.sbi (*)

2013-05-22 Includes\Spyware.sbi (*)

2013-08-06 Includes\SpywareC.sbi (*)

2011-06-07 Includes\Tracks.sbi (*)

2012-11-19 Includes\Tracks.uti (*)

2013-01-16 Includes\Trojans.sbi (*)

2013-05-13 Includes\TrojansC-02.sbi (*)

2013-07-31 Includes\TrojansC-03.sbi (*)

2013-08-06 Includes\TrojansC-04.sbi (*)

2013-05-08 Includes\TrojansC-05.sbi (*)

2013-08-06 Includes\TrojansC.sbi (*)

Code:

Search results from Spybot - Search & Destroy
 

8/8/2013 7:38:02 PM

Scan took 01:03:33.

4 items found.
 

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name
 

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1003\Software\Microsoft\Direct3D\MostRecentApplication\Name
 

Cache: [SBI $49804B54] Browser: Cache (1) (Browser: Cache, nothing done)

  
 

Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)

  
 
 

--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---
 

2013-05-16 blindman.exe (2.1.18.151)

2013-05-16 explorer.exe (2.1.18.177)

2013-05-16 SDBootCD.exe (2.1.18.109)

2013-05-16 SDCleaner.exe (2.1.18.110)

2013-05-16 SDDelFile.exe (2.1.18.94)

2013-06-18 SDDisableProxy.exe

2013-05-16 SDFiles.exe (2.1.18.135)

2013-03-20 SDFileScanHelper.exe (2.1.16.1)

2013-05-16 SDFSSvc.exe (2.1.18.208)

2013-05-16 SDHookHelper.exe (2.1.18.2)

2013-05-16 SDHookInst32.exe (2.1.18.2)

2013-05-16 SDHookInst64.exe (2.1.18.2)

2013-05-16 SDImmunize.exe (2.1.18.130)

2013-05-16 SDLogReport.exe (2.1.18.107)

2013-05-16 SDOnAccess.exe (2.1.18.4)

2013-05-16 SDPESetup.exe (2.1.18.3)

2013-05-16 SDPEStart.exe (2.1.18.86)

2013-05-16 SDPhoneScan.exe (2.1.18.28)

2013-05-16 SDPRE.exe (2.1.18.22)

2013-05-16 SDPrepPos.exe (2.1.18.10)

2013-05-16 SDQuarantine.exe (2.1.18.103)

2013-05-16 SDRootAlyzer.exe (2.1.18.116)

2013-05-16 SDSBIEdit.exe (2.1.18.39)

2013-05-16 SDScan.exe (2.1.18.177)

2013-05-16 SDScript.exe (2.1.18.53)

2013-05-16 SDSettings.exe (2.1.18.136)

2013-05-16 SDShell.exe (2.1.18.2)

2013-05-16 SDShred.exe (2.1.18.107)

2013-05-16 SDSysRepair.exe (2.1.18.101)

2013-05-16 SDTools.exe (2.1.18.150)

2013-07-25 SDTray.exe (2.1.21.129)

2013-05-16 SDUpdate.exe (2.1.18.91)

2013-05-16 SDUpdSvc.exe (2.1.18.76)

2013-07-10 SDWelcome.exe (2.1.21.129)

2013-05-15 SDWSCSvc.exe (2.1.18.2)

2013-06-19 spybotsd2-translation-frx.exe

2013-08-08 unins000.exe (51.1052.0.0)

1999-12-02 xcacls.exe

2012-08-23 borlndmm.dll (10.0.2288.42451)

2012-09-05 DelZip190.dll (1.9.0.107)

2012-09-10 libeay32.dll (1.0.0.4)

2012-09-10 libssl32.dll (1.0.0.4)

2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)

2013-05-16 SDAV.dll

2013-05-16 SDECon32.dll (2.1.18.113)

2013-05-16 SDECon64.dll (2.1.18.113)

2013-04-05 SDEvents.dll (2.1.16.2)

2013-05-16 SDFileScanLibrary.dll (2.1.18.12)

2013-05-16 SDHook32.dll (2.1.18.2)

2013-05-16 SDHook64.dll (2.1.18.2)

2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)

2013-05-16 SDLicense.dll (2.1.18.0)

2013-05-16 SDLists.dll (2.1.18.4)

2013-05-16 SDResources.dll (2.1.18.7)

2013-05-16 SDScanLibrary.dll (2.1.18.131)

2013-05-16 SDTasks.dll (2.1.18.15)

2013-05-16 SDWinLogon.dll (2.1.18.0)

2012-08-23 sqlite3.dll

2012-09-10 ssleay32.dll (1.0.0.4)

2013-05-16 Tools.dll (2.1.18.36)

2012-12-18 Includes\Adware.sbi (*)

2013-07-30 Includes\AdwareC.sbi (*)

2010-08-13 Includes\Cookies.sbi (*)

2012-11-14 Includes\Dialer.sbi (*)

2012-11-14 Includes\DialerC.sbi (*)

2012-11-14 Includes\HeavyDuty.sbi (*)

2012-11-14 Includes\Hijackers.sbi (*)

2012-11-14 Includes\HijackersC.sbi (*)

2012-11-14 Includes\iPhone.sbi (*)

2013-06-25 Includes\Keyloggers.sbi (*)

2012-12-18 Includes\KeyloggersC.sbi (*)

2013-05-29 Includes\Malware.sbi (*)

2013-08-06 Includes\MalwareC.sbi (*)

2012-11-14 Includes\PUPS.sbi (*)

2013-08-06 Includes\PUPSC.sbi (*)

2012-11-14 Includes\Security.sbi (*)

2012-11-14 Includes\SecurityC.sbi (*)

2013-05-22 Includes\Spyware.sbi (*)

2013-08-06 Includes\SpywareC.sbi (*)

2011-06-07 Includes\Tracks.sbi (*)

2012-11-19 Includes\Tracks.uti (*)

2013-01-16 Includes\Trojans.sbi (*)

2013-05-13 Includes\TrojansC-02.sbi (*)

2013-07-31 Includes\TrojansC-03.sbi (*)

2013-08-06 Includes\TrojansC-04.sbi (*)

2013-05-08 Includes\TrojansC-05.sbi (*)

2013-08-06 Includes\TrojansC.sbi (*)

Code:

Search results from Spybot - Search & Destroy
 

8/9/2013 9:24:39 AM

Scan took 00:53:50.

9 items found.
 

FastClick: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): *) (Browser: Cookie, nothing done)

  
 

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): *) (Browser: Cookie, nothing done)

  
 

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): *) (Browser: Cookie, nothing done)

  
 

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): *) (Browser: Cookie, nothing done)

  
 

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)

  HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name
 

Cookie: [SBI $49804B54] Browser: Cookie (5) (Browser: Cookie, nothing done)

  
 

Cache: [SBI $49804B54] Browser: Cache (20) (Browser: Cache, nothing done)

  
 

Verlauf: [SBI $49804B54] Browser: History (7) (Browser: History, nothing done)

  
 

Cookie: [SBI $49804B54] Browser: Cookie (2) (Browser: Cookie, nothing done)

  
 
 

--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---
 

2013-05-16 blindman.exe (2.1.18.151)

2013-05-16 explorer.exe (2.1.18.177)

2013-05-16 SDBootCD.exe (2.1.18.109)

2013-05-16 SDCleaner.exe (2.1.18.110)

2013-05-16 SDDelFile.exe (2.1.18.94)

2013-06-18 SDDisableProxy.exe

2013-05-16 SDFiles.exe (2.1.18.135)

2013-03-20 SDFileScanHelper.exe (2.1.16.1)

2013-05-16 SDFSSvc.exe (2.1.18.208)

2013-05-16 SDHookHelper.exe (2.1.18.2)

2013-05-16 SDHookInst32.exe (2.1.18.2)

2013-05-16 SDHookInst64.exe (2.1.18.2)

2013-05-16 SDImmunize.exe (2.1.18.130)

2013-05-16 SDLogReport.exe (2.1.18.107)

2013-05-16 SDOnAccess.exe (2.1.18.4)

2013-05-16 SDPESetup.exe (2.1.18.3)

2013-05-16 SDPEStart.exe (2.1.18.86)

2013-05-16 SDPhoneScan.exe (2.1.18.28)

2013-05-16 SDPRE.exe (2.1.18.22)

2013-05-16 SDPrepPos.exe (2.1.18.10)

2013-05-16 SDQuarantine.exe (2.1.18.103)

2013-05-16 SDRootAlyzer.exe (2.1.18.116)

2013-05-16 SDSBIEdit.exe (2.1.18.39)

2013-05-16 SDScan.exe (2.1.18.177)

2013-05-16 SDScript.exe (2.1.18.53)

2013-05-16 SDSettings.exe (2.1.18.136)

2013-05-16 SDShell.exe (2.1.18.2)

2013-05-16 SDShred.exe (2.1.18.107)

2013-05-16 SDSysRepair.exe (2.1.18.101)

2013-05-16 SDTools.exe (2.1.18.150)

2013-07-25 SDTray.exe (2.1.21.129)

2013-05-16 SDUpdate.exe (2.1.18.91)

2013-05-16 SDUpdSvc.exe (2.1.18.76)

2013-07-10 SDWelcome.exe (2.1.21.129)

2013-05-15 SDWSCSvc.exe (2.1.18.2)

2013-06-19 spybotsd2-translation-frx.exe

2013-08-08 unins000.exe (51.1052.0.0)

1999-12-02 xcacls.exe

2012-08-23 borlndmm.dll (10.0.2288.42451)

2012-09-05 DelZip190.dll (1.9.0.107)

2012-09-10 libeay32.dll (1.0.0.4)

2012-09-10 libssl32.dll (1.0.0.4)

2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)

2013-05-16 SDAV.dll

2013-05-16 SDECon32.dll (2.1.18.113)

2013-05-16 SDECon64.dll (2.1.18.113)

2013-04-05 SDEvents.dll (2.1.16.2)

2013-05-16 SDFileScanLibrary.dll (2.1.18.12)

2013-05-16 SDHook32.dll (2.1.18.2)

2013-05-16 SDHook64.dll (2.1.18.2)

2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)

2013-05-16 SDLicense.dll (2.1.18.0)

2013-05-16 SDLists.dll (2.1.18.4)

2013-05-16 SDResources.dll (2.1.18.7)

2013-05-16 SDScanLibrary.dll (2.1.18.131)

2013-05-16 SDTasks.dll (2.1.18.15)

2013-05-16 SDWinLogon.dll (2.1.18.0)

2012-08-23 sqlite3.dll

2012-09-10 ssleay32.dll (1.0.0.4)

2013-05-16 Tools.dll (2.1.18.36)

2012-12-18 Includes\Adware.sbi (*)

2013-07-30 Includes\AdwareC.sbi (*)

2010-08-13 Includes\Cookies.sbi (*)

2012-11-14 Includes\Dialer.sbi (*)

2012-11-14 Includes\DialerC.sbi (*)

2012-11-14 Includes\HeavyDuty.sbi (*)

2012-11-14 Includes\Hijackers.sbi (*)

2012-11-14 Includes\HijackersC.sbi (*)

2012-11-14 Includes\iPhone.sbi (*)

2013-06-25 Includes\Keyloggers.sbi (*)

2012-12-18 Includes\KeyloggersC.sbi (*)

2013-05-29 Includes\Malware.sbi (*)

2013-08-06 Includes\MalwareC.sbi (*)

2012-11-14 Includes\PUPS.sbi (*)

2013-08-06 Includes\PUPSC.sbi (*)

2012-11-14 Includes\Security.sbi (*)

2012-11-14 Includes\SecurityC.sbi (*)

2013-05-22 Includes\Spyware.sbi (*)

2013-08-06 Includes\SpywareC.sbi (*)

2011-06-07 Includes\Tracks.sbi (*)

2012-11-19 Includes\Tracks.uti (*)

2013-01-16 Includes\Trojans.sbi (*)

2013-05-13 Includes\TrojansC-02.sbi (*)

2013-07-31 Includes\TrojansC-03.sbi (*)

2013-08-06 Includes\TrojansC-04.sbi (*)

2013-05-08 Includes\TrojansC-05.sbi (*)

2013-08-06 Includes\TrojansC.sbi (*)

Hi, es folgt eine Anweisung für FRST, bitte beachte die Zusatzinfo, die ich für die Additions.txt benötige.

Empfehlungen fürs Deinstallieren
Bitte kopiere die Liste der installierten Programme aus der additions.txt hier in deinen Thread. Notiere mir bitte
hinter jede Zeile, ob folgendes Kategorie zutrifft: Unbekannt, Nötig, Unnötig

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2013 02

Ran by * (administrator) on 09-08-2013 20:18:43

Running from C:\Users\*\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe

(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe

(Fujitsu Technology Solutions) C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)

HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6310912 2010-06-24] (FUJITSU LIMITED)

HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)

HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)

HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)

HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)

HKLM\...\Run: [ConMgr] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535440 2009-12-24] (CSR, plc)

HKCU\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)

HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)

HKLM-x32\...\Run: [LoadFUJ02E3] - C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED)

HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)

HKLM-x32\...\Run: [YouCam Mirror Tray icon] - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [162912 2009-07-08] (CyberLink Corp.)

HKLM-x32\...\Run: [DeskUpdateNotifier] - c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [102968 2013-02-26] (Fujitsu Technology Solutions)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-10] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)

HKLM-x32\...\Run: [] -  [x]

HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)

Startup: C:\Users\Internetkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\*\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

Startup: C:\Users\Internetkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk

ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)

BootExecute: autocheck autochk * sdnclean64.exe
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSG&bmod=FTSG

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 

FireFox:

========

FF ProfilePath: C:\Users\*\AppData\Roaming\Mozilla\Firefox\Profiles\31qy4b1e.default

FF Homepage: hxxp://www.google.de/

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()

FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - D:\Programme\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - D:\Programme\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - d:\programme\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin HKCU: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - d:\programme\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 

==================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-08] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-08] (Avira Operations GmbH & Co. KG)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()

R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [330240 2010-06-24] (FUJITSU LIMITED)

R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)

R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)

R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc)
 

==================== Drivers (Whitelisted) ====================
 

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-08] (Avira GmbH)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-08] (Avira GmbH)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-12-15] (Avira GmbH)

R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)

R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)

S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]

S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]

S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-09 20:17 - 2013-08-09 20:18 - 01790169 _____ (Farbar) C:\Users\*\Desktop\FRST64.exe

2013-08-08 23:10 - 2013-08-08 23:13 - 110344048 _____ C:\Users\*\Desktop\avira_free_antivirus85_de.exe

2013-08-08 18:10 - 2013-08-08 18:10 - 00000520 _____ C:\Windows\PFRO.log

2013-08-08 16:09 - 2013-08-08 16:09 - 00000000 ____D C:\Users\*\Documents\ProcAlyzer Dumps

2013-08-08 15:47 - 2013-08-08 15:47 - 00000101 _____ C:\Windows\wininit.ini

2013-08-08 14:10 - 2013-08-09 19:37 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2013-08-08 14:10 - 2013-08-08 14:12 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-08-08 14:10 - 2013-08-08 14:10 - 00001385 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

2013-08-08 14:10 - 2013-08-08 14:10 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2013-08-08 14:10 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe

2013-08-08 14:09 - 2013-08-08 14:09 - 01440846 _____ C:\Users\Internetkonto\Desktop\mbam-chameleon-1.62.1.1000.zip

2013-08-08 14:08 - 2013-08-08 14:08 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Internetkonto\Desktop\spybotsd-2.1.21-SR2.exe

2013-08-06 20:18 - 2013-08-09 08:27 - 00000336 _____ C:\Windows\setupact.log

2013-08-06 20:18 - 2013-08-06 20:18 - 00000000 _____ C:\Windows\setuperr.log

2013-08-06 18:16 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-08-06 18:15 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-08-06 18:15 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-08-06 18:15 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-08-06 18:15 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-08-06 18:15 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-08-06 18:15 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-08-06 18:15 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-08-06 18:15 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-08-06 18:15 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-08-06 18:15 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-08-06 18:15 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-08-06 18:15 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-08-06 18:15 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-08-06 18:15 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-08-06 18:15 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-08-06 18:15 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-08-06 18:15 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-08-06 18:15 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-06 18:15 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-08-06 18:15 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-08-06 18:00 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-08-06 18:00 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2013-08-06 18:00 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2013-08-06 18:00 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-08-06 18:00 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2013-08-06 17:59 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2013-08-06 17:59 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2013-08-06 17:41 - 2013-08-06 17:41 - 00000000 ____D C:\Users\Internetkonto\AppData\Roaming\RCP 6

2013-08-06 17:33 - 2013-08-06 17:33 - 00000000 ____D C:\ConversionOutput

2013-08-06 17:18 - 2013-08-06 17:18 - 00000000 ____D C:\Users\Internetkonto\AppData\Local\PictureConverter

2013-08-06 11:39 - 2013-08-06 11:39 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4

2013-08-06 11:14 - 2013-08-06 11:14 - 00000000 ____D C:\Windows\en

2013-08-06 11:14 - 2013-08-06 11:14 - 00000000 ____D C:\Windows\de

2013-08-06 11:07 - 2013-08-06 11:13 - 143436858 _____ C:\Users\*\Desktop\Apache_OpenOffice_4.0.0_Win_x86_install_en-US.exe

2013-07-14 10:30 - 2013-07-14 10:30 - 00001058 _____ C:\Users\Internetkonto\Desktop\Dropbox.lnk

2013-07-13 12:40 - 2013-07-13 12:40 - 00000584 _____ C:\Users\*\Documents\cc_20130713_124051.reg

2013-07-13 12:30 - 2013-07-13 12:30 - 00055650 _____ C:\Users\*\Documents\cc_20130713_123015.reg

2013-07-13 12:30 - 2013-07-13 12:30 - 00001076 _____ C:\Users\*\Documents\cc_20130713_123029.reg

2013-07-13 12:30 - 2013-07-13 12:30 - 00000082 _____ C:\Users\*\Documents\cc_20130713_123040.reg

2013-07-10 15:38 - 2013-06-09 21:59 - 00216064 _____ C:\Windows\SysWOW64\gcapi_dll.dll

2013-07-10 15:30 - 2013-07-10 15:30 - 00000000 ____D C:\Users\Internetkonto\AppData\Roaming\SumatraPDF
 

==================== One Month Modified Files and Folders =======
 

2013-08-09 20:18 - 2013-08-09 20:18 - 00000000 ____D C:\FRST

2013-08-09 20:18 - 2013-08-09 20:17 - 01790169 _____ (Farbar) C:\Users\*\Desktop\FRST64.exe

2013-08-09 19:56 - 2012-11-21 19:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-08-09 19:37 - 2013-08-08 14:10 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2013-08-09 19:13 - 2009-07-14 06:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-08-09 19:13 - 2009-07-14 06:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-08-09 13:46 - 2012-08-24 12:52 - 00000000 ____D C:\Users\Internetkonto\AppData\Roaming\Dropbox

2013-08-09 08:27 - 2013-08-06 20:18 - 00000336 _____ C:\Windows\setupact.log

2013-08-09 08:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-08-09 08:26 - 2011-12-26 02:39 - 01103912 _____ C:\Windows\WindowsUpdate.log

2013-08-08 23:13 - 2013-08-08 23:10 - 110344048 _____ C:\Users\*\Desktop\avira_free_antivirus85_de.exe

2013-08-08 18:10 - 2013-08-08 18:10 - 00000520 _____ C:\Windows\PFRO.log

2013-08-08 16:09 - 2013-08-08 16:09 - 00000000 ____D C:\Users\*\Documents\ProcAlyzer Dumps

2013-08-08 15:47 - 2013-08-08 15:47 - 00000101 _____ C:\Windows\wininit.ini

2013-08-08 14:12 - 2013-08-08 14:10 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-08-08 14:10 - 2013-08-08 14:10 - 00001385 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

2013-08-08 14:10 - 2013-08-08 14:10 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2013-08-08 14:09 - 2013-08-08 14:09 - 01440846 _____ C:\Users\Internetkonto\Desktop\mbam-chameleon-1.62.1.1000.zip

2013-08-08 14:08 - 2013-08-08 14:08 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Internetkonto\Desktop\spybotsd-2.1.21-SR2.exe

2013-08-08 09:32 - 2011-02-14 14:57 - 00696870 _____ C:\Windows\system32\perfh007.dat

2013-08-08 09:32 - 2011-02-14 14:57 - 00148134 _____ C:\Windows\system32\perfc007.dat

2013-08-08 09:32 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI

2013-08-06 20:18 - 2013-08-06 20:18 - 00000000 _____ C:\Windows\setuperr.log

2013-08-06 19:00 - 2012-09-12 16:32 - 00000000 ____D C:\Users\*\AppData\Local\CrashDumps

2013-08-06 18:57 - 2011-02-14 14:43 - 00000000 ____D C:\Windows\Panther

2013-08-06 18:44 - 2011-12-25 19:05 - 00117024 _____ C:\Users\*\AppData\Local\GDIPFONTCACHEV1.DAT

2013-08-06 18:44 - 2011-12-25 19:04 - 00000000 ____D C:\Users\*

2013-08-06 18:43 - 2009-07-14 06:45 - 00461120 _____ C:\Windows\system32\FNTCACHE.DAT

2013-08-06 18:42 - 2012-05-19 03:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-08-06 18:42 - 2012-05-19 03:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-08-06 18:40 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal

2013-08-06 18:40 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender

2013-08-06 18:40 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2013-08-06 18:19 - 2011-12-25 22:04 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-08-06 17:41 - 2013-08-06 17:41 - 00000000 ____D C:\Users\Internetkonto\AppData\Roaming\RCP 6

2013-08-06 17:35 - 2011-12-27 00:11 - 00000000 ___RD C:\Users\Internetkonto

2013-08-06 17:33 - 2013-08-06 17:33 - 00000000 ____D C:\ConversionOutput

2013-08-06 17:18 - 2013-08-06 17:18 - 00000000 ____D C:\Users\Internetkonto\AppData\Local\PictureConverter

2013-08-06 12:35 - 2013-07-02 19:01 - 00000000 ____D C:\Users\Internetkonto\AppData\Local\Windows Live

2013-08-06 12:18 - 2011-12-27 00:13 - 00117024 _____ C:\Users\Internetkonto\AppData\Local\GDIPFONTCACHEV1.DAT

2013-08-06 11:39 - 2013-08-06 11:39 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4

2013-08-06 11:39 - 2012-01-25 01:43 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3

2013-08-06 11:37 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2013-08-06 11:34 - 2011-12-25 19:04 - 00000000 ____D C:\Users\*\AppData\Local\Adobe

2013-08-06 11:30 - 2012-11-21 19:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2013-08-06 11:30 - 2012-04-04 00:00 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-08-06 11:30 - 2011-12-28 22:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-08-06 11:21 - 2011-12-27 00:00 - 00000828 _____ C:\Users\Public\Desktop\CCleaner.lnk

2013-08-06 11:21 - 2011-12-27 00:00 - 00000000 ____D C:\Program Files\CCleaner

2013-08-06 11:14 - 2013-08-06 11:14 - 00000000 ____D C:\Windows\en

2013-08-06 11:14 - 2013-08-06 11:14 - 00000000 ____D C:\Windows\de

2013-08-06 11:13 - 2013-08-06 11:07 - 143436858 _____ C:\Users\*\Desktop\Apache_OpenOffice_4.0.0_Win_x86_install_en-US.exe

2013-08-06 11:12 - 2011-12-25 19:07 - 00000000 ____D C:\Program Files (x86)\Windows Live

2013-08-06 11:12 - 2011-12-25 19:06 - 00000000 ____D C:\Program Files\Windows Live

2013-07-30 08:50 - 2012-03-13 18:32 - 03864576 ___SH C:\Users\Internetkonto\Desktop\Thumbs.db

2013-07-28 04:46 - 2013-02-23 01:10 - 00000000 ____D C:\Users\Internetkonto\AppData\Roaming\Spotify

2013-07-28 01:23 - 2013-02-23 01:10 - 00000000 ____D C:\Users\Internetkonto\AppData\Local\Spotify

2013-07-14 10:30 - 2013-07-14 10:30 - 00001058 _____ C:\Users\Internetkonto\Desktop\Dropbox.lnk

2013-07-14 10:23 - 2012-08-24 12:53 - 00000000 ____D C:\Users\*\AppData\Roaming\Dropbox

2013-07-14 09:49 - 2012-08-24 12:54 - 00000000 ___RD C:\Users\Internetkonto\Dropbox

2013-07-13 12:40 - 2013-07-13 12:40 - 00000584 _____ C:\Users\*\Documents\cc_20130713_124051.reg

2013-07-13 12:30 - 2013-07-13 12:30 - 00055650 _____ C:\Users\*\Documents\cc_20130713_123015.reg

2013-07-13 12:30 - 2013-07-13 12:30 - 00001076 _____ C:\Users\*\Documents\cc_20130713_123029.reg

2013-07-13 12:30 - 2013-07-13 12:30 - 00000082 _____ C:\Users\*\Documents\cc_20130713_123040.reg

2013-07-10 15:39 - 2013-04-03 10:00 - 00000000 ____D C:\Users\*\AppData\Roaming\Foxit Software

2013-07-10 15:30 - 2013-07-10 15:30 - 00000000 ____D C:\Users\Internetkonto\AppData\Roaming\SumatraPDF
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-08-02 02:33
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2013 02

Ran by * at 2013-08-09 20:19:17

Running from C:\Users\*\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Installed Programs =======================
 

   

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0) NÖTIG

Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) NÖTIG

AIS Connect (x32 Version: 1.1.1.6) UNBEKANNT

AudibleManager (x32 Version: 2003320046.48.56.4001002) NÖTIG

Avira Free Antivirus (x32 Version: 12.1.9.2500) NÖTIG

Bluetooth Feature Pack 5.0 (Version: 5.0.14) UNBEKANNT

CyberLink YouCam (x32 Version: 3.0.1908.7636) UNBEKANNT

D3DX10 (x32 Version: 15.4.2368.0902) UNBEKANNT

DeskUpdate (x32 Version: 4.14.0118) UNBEKANNT

Die Gilde 2 (x32 Version: 1.20) NÖTIG

eaner (Version: 4.04) UNBEKANNT

ElsterFormular (x32 Version: 14.0.0.10960) NÖTIG

FileHippo.com Update Checker (x32) NÖTIG

Fotogalerie (x32 Version: 16.4.3508.0205) UNBEKANNT

Foxit Reader (x32 Version: 6.0.5.618) NÖTIG

Fujitsu Display Manager (Version: 7.01.00.210) UNBEKANNT

Fujitsu Display Manager (x32 Version: ) UNBEKANNT

Fujitsu Hotkey Utility (x32 Version: 3.60.1.0) UNBEKANNT

Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.000) UNBEKANNT

Fujitsu MobilityCenter Extension Utility (x32 Version: ) UNBEKANNT

Fujitsu System Extension Utility (Version: 3.1.1.0) UNBEKANNT

Fujitsu System Extension Utility (x32) UNBEKANNT

FUSSBALL MANAGER 12 (x32 Version: 1.0.0.3) NÖTIG

Futuremark SystemInfo (x32 Version: 4.0.0.0) UNBEKANNT

GIMP 2.6.8 UNNÖTIG

HP Photosmart Plus B210 series - Grundlegende Software für das Gerät (Version: 22.50.231.0) NÖTIG

HP Photosmart Plus B210 series Hilfe (x32 Version: 140.0.54.54) NÖTIG

HP Update (x32 Version: 5.002.006.003) UNBEKANNT

HTC Driver Installer (x32 Version: 4.1.0.001) NÖTIG

ImgBurn (x32 Version: 2.5.8.0) Unnötig

Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2025) UNBEKANNT

Intel(R) Management Engine Components (x32 Version: 6.0.0.1179) UNBEKANNT

IPTInstaller (x32 Version: 4.0.8) UNBEKANNT

Java 7 Update 25 (64-bit) (Version: 7.0.250) NÖTIG

Junk Mail filter update (x32 Version: 16.4.3508.0205) UNBEKANNT

LifeBook Application Panel (Version: 8.1.0.0) UNBEKANNT

LifeBook Application Panel (x32) UNBEKANNT

Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) NÖTIG

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) UNBEKANNT

Microsoft .NET Framework 4 Extended (Version: 4.0.30319) UNBEKANNT

Microsoft Application Error Reporting (Version: 12.0.6015.5000) UNBEKANNT

Microsoft Silverlight (Version: 5.1.20513.0) UNBEKANNT

Microsoft SkyDrive (HKCU Version: 16.4.6013.0910) UNBEKANNT

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) UNBEKANNT

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) UNBEKANNT

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) UNBEKANNT

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411) UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) UNBEKANNT

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) UNBEKANNT

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Movie Maker (x32 Version: 16.4.3508.0205) UNBEKANNT

Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0) NÖTIG

Mozilla Maintenance Service (x32 Version: 22.0) UNBEKANNT

Mp3tag v2.49b (x32 Version: v2.49b) NÖTIG

MSVCRT (x32 Version: 15.4.2862.0708) UNBEKANNT

MSVCRT_amd64 (x32 Version: 15.4.2862.0708) UNBEKANNT

MSVCRT110 (x32 Version: 16.4.1108.0727) UNBEKANNT

MSVCRT110_amd64 (Version: 16.4.1109.0912) UNBEKANNT

MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) UNBEKANNT

MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) UNBEKANNT

MyPhoneExplorer (x32 Version: 1.8.4) NÖTIG

NVIDIA PhysX (x32 Version: 9.10.0513) UNBEKANNT

OpenOffice 4.0.0 (x32 Version: 4.00.9702) NÖTIG

PDF24 Creator 5.4.0 (x32) NÖTIG

Photo Common (x32 Version: 16.4.3508.0205) UNBEKANNT

Photo Gallery (x32 Version: 16.4.3508.0205) UNBEKANNT

Plugfree NETWORK (Version: 5.3.0.1) UNBEKANNT

Plugfree NETWORK (Version: 5.3.001) UNBEKANNT

Power Saving Utility (Version: 31.01.11.013) UNBEKANNT

Power Saving Utility (x32) UNBEKANNT

Realtek High Definition Audio Driver (x32 Version: 6.0.1.5969) NÖTIG

Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30087) UNBEKANNT

Scribus 1.4.2 (x32 Version: 1.4.2) UNBEKANNT

Spybot - Search & Destroy (x32 Version: 2.1.21) NÖTIG

Steam (x32 Version: 1.0.0.0) NÖTIG

SumatraPDF (x32 Version: 2.3.2) NÖTIG

Synaptics Pointing Device Driver (Version: 14.0.10.0) UNBEKANNT

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)

VirtualDJ Home FREE (x32 Version: 7.0.5) NÖTIG

VLC media player 2.0.7 (Version: 2.0.7) NÖTIG

Windows Live Communications Platform (x32 Version: 16.4.3508.0205)

Windows Live Essentials (x32 Version: 16.4.3508.0205)

Windows Live Family Safety (Version: 16.4.3508.0205)

Windows Live Family Safety (x32 Version: 16.4.3508.0205)

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)

Windows Live Installer (x32 Version: 16.4.3508.0205)

Windows Live Mail (x32 Version: 16.4.3508.0205)

Windows Live Messenger (x32 Version: 16.4.3508.0205)

Windows Live MIME IFilter (Version: 16.4.3508.0205)

Windows Live Photo Common (x32 Version: 16.4.3508.0205)

Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)

Windows Live SOXE (x32 Version: 16.4.3508.0205)

Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)

Windows Live UX Platform (x32 Version: 16.4.3508.0205)

Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)

Windows Live Writer (x32 Version: 16.4.3508.0205)

Windows Live Writer Resources (x32 Version: 16.4.3508.0205)
 

==================== Restore Points  =========================
 

07-08-2013 22:00:02 Geplanter Prüfpunkt

08-08-2013 13:47:46 S

08-08-2013 13:48:38 S
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2012-11-26 19:53 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {03ED20E5-6DD6-4450-9DF8-6582622BC2CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-06] (Adobe Systems Incorporated)

Task: {2AB5D8C4-867D-414B-A8E7-8A15026AD4B3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task

Task: {3FCE60E6-0D19-42B0-AC13-E6247C625EBC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe No File

Task: {46499856-DDFD-41AC-853B-3B53FB23322D} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe No File

Task: {4870DD65-6D6E-4AA0-BD04-F8FF4967ED01} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2742597350-2926104813-441540862-1003 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)

Task: {5537BE2F-0BFF-4ECF-BCC6-23858B8260C7} - System32\Tasks\Fujitsu\DeskUpdate => c:\Fujitsu\Programs\DeskUpdate\ducmd.exe [2013-02-26] (Fujitsu Technology Solutions)

Task: {7355AFC4-D5FB-4B21-B620-8F6C3B1AFAFC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)

Task: {85C89B54-D15D-4AC2-B444-83A9BB64AA23} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe No File

Task: {9C4716E8-8167-4791-B10F-2A571FFCA98E} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)

Task: {B15B2A64-8F4D-4D6F-892B-5D49B9D9E425} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe No File

Task: {C1EB6372-3B20-4A2F-A0FB-22EC5BE63B79} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)

Task: {FAEEF2BF-4BDF-40D3-B14B-978A9E6F47DC} - System32\Tasks\hpUtility.exe => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\utils\hpUtility.exe [2010-11-16] (Hewlett-Packard Co.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (08/09/2013 08:28:01 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/08/2013 06:32:49 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/08/2013 06:11:45 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/08/2013 03:48:38 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 
 

Details:

AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
 

System Error:

Das System kann die angegebene Datei nicht finden.

.
 

Error: (08/08/2013 03:47:57 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 
 

Details:

AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
 

System Error:

Das System kann die angegebene Datei nicht finden.

.
 

Error: (08/06/2013 08:20:42 PM) (Source: Windows Search Service) (User: )

Description: Der Index kann nicht initialisiert werden.
 
 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 

Error: (08/06/2013 08:20:42 PM) (Source: Windows Search Service) (User: )

Description: Die Anwendung kann nicht initialisiert werden.
 

Kontext: Windows Anwendung
 
 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 

Error: (08/06/2013 08:20:42 PM) (Source: Windows Search Service) (User: )

Description: Das Gatherer-Objekt kann nicht initialisiert werden.
 

Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 

Error: (08/06/2013 08:20:42 PM) (Source: Windows Search Service) (User: )

Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
 

Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
 

Error: (08/06/2013 08:20:41 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

System errors:

=============

Error: (08/09/2013 08:27:52 AM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (08/09/2013 08:27:52 AM) (Source: Service Control Manager) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
 

Error: (08/08/2013 06:32:16 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (08/08/2013 06:32:16 PM) (Source: Service Control Manager) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
 

Error: (08/08/2013 06:31:36 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎08.‎08.‎2013 um 18:15:32 unerwartet heruntergefahren.
 

Error: (08/08/2013 06:15:44 PM) (Source: Microsoft-Windows-Kernel-Power) (User: NT-AUTORITÄT)

Description: Das System wurde aufgrund eines kritischen thermischen Ereignisses heruntergefahren.

            

Zeit für das Herunterfahren = 2013-08-08T16:15:44.711165100Z

            

ACPI-Thermozone = ACPI\ThermalZone\THRM

            

_CRT = 362K
 

Error: (08/08/2013 06:11:21 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (08/08/2013 06:11:21 PM) (Source: Service Control Manager) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
 

Error: (08/07/2013 02:21:16 AM) (Source: volsnap) (User: )

Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 

Error: (08/06/2013 08:20:45 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
 
 

Microsoft Office Sessions:

=========================

Error: (08/09/2013 08:28:01 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/08/2013 06:32:49 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/08/2013 06:11:45 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/08/2013 03:48:38 PM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: 

Details:

AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
 

System Error:

Das System kann die angegebene Datei nicht finden.
 

Error: (08/08/2013 03:47:57 PM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: 

Details:

AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.
 

System Error:

Das System kann die angegebene Datei nicht finden.
 

Error: (08/06/2013 08:20:42 PM) (Source: Windows Search Service)(User: )

Description: 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 

Error: (08/06/2013 08:20:42 PM) (Source: Windows Search Service)(User: )

Description: Kontext: Windows Anwendung
 
 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 

Error: (08/06/2013 08:20:42 PM) (Source: Windows Search Service)(User: )

Description: Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 

Error: (08/06/2013 08:20:42 PM) (Source: Windows Search Service)(User: )

Description: Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Search.TripoliIndexer
 

Error: (08/06/2013 08:20:41 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

CodeIntegrity Errors:

===================================

  Date: 2012-11-26 18:53:24.964

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2012-11-26 18:53:24.933

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2012-08-28 09:33:57.758

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2012-08-28 09:33:57.743

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2012-08-28 09:33:57.547

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2012-08-28 09:33:57.532

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-12-30 19:24:34.551

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\*\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-12-30 19:24:34.533

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users*\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-12-30 19:24:34.222

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Programme\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2011-12-30 19:24:34.205

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Programme\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 41%

Total physical RAM: 3892.55 MB

Available physical RAM: 2259.1 MB

Total Pagefile: 7783.29 MB

Available Pagefile: 5824.24 MB

Total Virtual: 8192 MB

Available Virtual: 8191.83 MB
 

==================== Drives ================================
 

Drive c: (System) (Fixed) (Total:50 GB) (Free:12.48 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]

Drive d: (Data) (Fixed) (Total:413.76 GB) (Free:110.82 GB) NTFS (Disk=0 Partition=3)
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: B477DB1C)

Partition 1: (Active) - (Size=2 GB) - (Type=27)

Partition 2: (Not Active) - (Size=50 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=414 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

Hi,
es sind 2 Logs zu erstellen, bitte gleichzeitig posten, wenn möglich.
1. deinstaliere:
Futuremark
GIMP
ImgBurn
Spybot : kann weg, nimm lieber malwarebytes.
Neustarten.
2.
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

3.
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Beim Durchlaufen der Combofix-Software fährt irgendwann der Rechner von selbst runter, denke das ist nicht richtig so, oder? Ich kann zudem kein logfile finden.

Code:

13:52:35.0196 4940  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

13:52:35.0448 4940  ============================================================

13:52:35.0448 4940  Current date / time: 2013/08/13 13:52:35.0448

13:52:35.0448 4940  SystemInfo:

13:52:35.0448 4940  

13:52:35.0448 4940  OS Version: 6.1.7601 ServicePack: 1.0

13:52:35.0448 4940  Product type: Workstation

13:52:35.0448 4940  ComputerName: DANJESSI-PC

13:52:35.0448 4940  UserName: DanJessi

13:52:35.0448 4940  Windows directory: C:\Windows

13:52:35.0448 4940  System windows directory: C:\Windows

13:52:35.0448 4940  Running under WOW64

13:52:35.0448 4940  Processor architecture: Intel x64

13:52:35.0448 4940  Number of processors: 2

13:52:35.0448 4940  Page size: 0x1000

13:52:35.0448 4940  Boot type: Normal boot

13:52:35.0448 4940  ============================================================

13:52:38.0464 4940  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

13:52:38.0474 4940  ============================================================

13:52:38.0474 4940  \Device\Harddisk0\DR0:

13:52:38.0474 4940  MBR partitions:

13:52:38.0474 4940  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x401000, BlocksNum 0x6400800

13:52:38.0474 4940  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x6801800, BlocksNum 0x33B84000

13:52:38.0474 4940  ============================================================

13:52:38.0524 4940  C: <-> \Device\Harddisk0\DR0\Partition1

13:52:38.0664 4940  D: <-> \Device\Harddisk0\DR0\Partition2

13:52:38.0664 4940  ============================================================

13:52:38.0664 4940  Initialize success

13:52:38.0664 4940  ============================================================

13:53:50.0153 4724  ============================================================

13:53:50.0153 4724  Scan started

13:53:50.0153 4724  Mode: Manual; SigCheck; TDLFS; 

13:53:50.0153 4724  ============================================================

13:53:50.0512 4724  ================ Scan system memory ========================

13:53:50.0512 4724  System memory - ok

13:53:50.0512 4724  ================ Scan services =============================

13:53:50.0699 4724  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

13:53:50.0777 4724  1394ohci - ok

13:53:50.0824 4724  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

13:53:50.0840 4724  ACPI - ok

13:53:50.0887 4724  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

13:53:50.0965 4724  AcpiPmi - ok

13:53:51.0136 4724  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

13:53:51.0152 4724  AdobeFlashPlayerUpdateSvc - ok

13:53:51.0214 4724  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

13:53:51.0230 4724  adp94xx - ok

13:53:51.0277 4724  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys

13:53:51.0292 4724  adpahci - ok

13:53:51.0308 4724  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

13:53:51.0323 4724  adpu320 - ok

13:53:51.0355 4724  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

13:53:51.0542 4724  AeLookupSvc - ok

13:53:51.0589 4724  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys

13:53:51.0651 4724  AFD - ok

13:53:51.0698 4724  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys

13:53:51.0729 4724  agp440 - ok

13:53:51.0760 4724  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

13:53:51.0807 4724  ALG - ok

13:53:51.0838 4724  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys

13:53:51.0869 4724  aliide - ok

13:53:51.0901 4724  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys

13:53:51.0916 4724  amdide - ok

13:53:51.0947 4724  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

13:53:51.0979 4724  AmdK8 - ok

13:53:51.0994 4724  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys

13:53:52.0041 4724  AmdPPM - ok

13:53:52.0072 4724  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

13:53:52.0088 4724  amdsata - ok

13:53:52.0119 4724  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys

13:53:52.0135 4724  amdsbs - ok

13:53:52.0150 4724  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

13:53:52.0150 4724  amdxata - ok

13:53:52.0197 4724  [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys

13:53:52.0275 4724  androidusb - ok

13:53:52.0400 4724  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

13:53:52.0415 4724  AntiVirSchedulerService - ok

13:53:52.0509 4724  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

13:53:52.0525 4724  AntiVirService - ok

13:53:52.0571 4724  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys

13:53:52.0759 4724  AppID - ok

13:53:52.0774 4724  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

13:53:52.0852 4724  AppIDSvc - ok

13:53:52.0899 4724  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll

13:53:52.0961 4724  Appinfo - ok

13:53:53.0008 4724  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys

13:53:53.0039 4724  arc - ok

13:53:53.0071 4724  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys

13:53:53.0086 4724  arcsas - ok

13:53:53.0195 4724  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

13:53:53.0211 4724  aspnet_state - ok

13:53:53.0242 4724  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

13:53:53.0320 4724  AsyncMac - ok

13:53:53.0351 4724  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys

13:53:53.0367 4724  atapi - ok

13:53:53.0429 4724  [ D6CAD7E5B05055BB8226BDCB1644DA27 ] athr            C:\Windows\system32\DRIVERS\athrx.sys

13:53:53.0523 4724  athr - ok

13:53:53.0570 4724  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

13:53:53.0663 4724  AudioEndpointBuilder - ok

13:53:53.0757 4724  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

13:53:53.0804 4724  AudioSrv - ok

13:53:53.0866 4724  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys

13:53:53.0882 4724  avgntflt - ok

13:53:53.0944 4724  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys

13:53:53.0960 4724  avipbb - ok

13:53:53.0991 4724  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys

13:53:54.0007 4724  avkmgr - ok

13:53:54.0053 4724  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll

13:53:54.0163 4724  AxInstSV - ok

13:53:54.0194 4724  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys

13:53:54.0241 4724  b06bdrv - ok

13:53:54.0303 4724  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

13:53:54.0334 4724  b57nd60a - ok

13:53:54.0397 4724  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

13:53:54.0443 4724  BDESVC - ok

13:53:54.0475 4724  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

13:53:54.0537 4724  Beep - ok

13:53:54.0599 4724  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll

13:53:54.0693 4724  BFE - ok

13:53:54.0740 4724  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll

13:53:54.0833 4724  BITS - ok

13:53:54.0865 4724  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

13:53:54.0911 4724  blbdrive - ok

13:53:54.0943 4724  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

13:53:54.0989 4724  bowser - ok

13:53:55.0036 4724  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys

13:53:55.0083 4724  BrFiltLo - ok

13:53:55.0114 4724  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys

13:53:55.0130 4724  BrFiltUp - ok

13:53:55.0145 4724  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys

13:53:55.0208 4724  BridgeMP - ok

13:53:55.0239 4724  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll

13:53:55.0286 4724  Browser - ok

13:53:55.0317 4724  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

13:53:55.0379 4724  Brserid - ok

13:53:55.0411 4724  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

13:53:55.0442 4724  BrSerWdm - ok

13:53:55.0457 4724  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

13:53:55.0504 4724  BrUsbMdm - ok

13:53:55.0535 4724  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

13:53:55.0567 4724  BrUsbSer - ok

13:53:55.0598 4724  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys

13:53:55.0660 4724  BthEnum - ok

13:53:55.0691 4724  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

13:53:55.0754 4724  BTHMODEM - ok

13:53:55.0785 4724  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys

13:53:55.0816 4724  BthPan - ok

13:53:55.0847 4724  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys

13:53:55.0894 4724  BTHPORT - ok

13:53:55.0925 4724  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

13:53:55.0972 4724  bthserv - ok

13:53:56.0019 4724  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys

13:53:56.0066 4724  BTHUSB - ok

13:53:56.0128 4724  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

13:53:56.0191 4724  cdfs - ok

13:53:56.0237 4724  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

13:53:56.0269 4724  cdrom - ok

13:53:56.0331 4724  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll

13:53:56.0378 4724  CertPropSvc - ok

13:53:56.0440 4724  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys

13:53:56.0487 4724  circlass - ok

13:53:56.0534 4724  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys

13:53:56.0565 4724  CLFS - ok

13:53:56.0627 4724  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:53:56.0659 4724  clr_optimization_v2.0.50727_32 - ok

13:53:56.0705 4724  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

13:53:56.0721 4724  clr_optimization_v2.0.50727_64 - ok

13:53:56.0783 4724  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:53:56.0799 4724  clr_optimization_v4.0.30319_32 - ok

13:53:56.0830 4724  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

13:53:56.0830 4724  clr_optimization_v4.0.30319_64 - ok

13:53:56.0861 4724  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

13:53:56.0877 4724  CmBatt - ok

13:53:56.0908 4724  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys

13:53:56.0924 4724  cmdide - ok

13:53:56.0971 4724  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys

13:53:57.0017 4724  CNG - ok

13:53:57.0033 4724  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

13:53:57.0049 4724  Compbatt - ok

13:53:57.0095 4724  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

13:53:57.0142 4724  CompositeBus - ok

13:53:57.0158 4724  COMSysApp - ok

13:53:57.0189 4724  cpuz135 - ok

13:53:57.0220 4724  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

13:53:57.0236 4724  crcdisk - ok

13:53:57.0283 4724  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll

13:53:57.0345 4724  CryptSvc - ok

13:53:57.0423 4724  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll

13:53:57.0485 4724  DcomLaunch - ok

13:53:57.0595 4724  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

13:53:57.0844 4724  defragsvc - ok

13:53:57.0891 4724  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

13:53:57.0953 4724  DfsC - ok

13:53:57.0985 4724  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll

13:53:58.0047 4724  Dhcp - ok

13:53:58.0078 4724  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

13:53:58.0141 4724  discache - ok

13:53:58.0172 4724  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys

13:53:58.0203 4724  Disk - ok

13:53:58.0234 4724  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

13:53:58.0297 4724  Dnscache - ok

13:53:58.0328 4724  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll

13:53:58.0406 4724  dot3svc - ok

13:53:58.0437 4724  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll

13:53:58.0515 4724  DPS - ok

13:53:58.0562 4724  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

13:53:58.0609 4724  drmkaud - ok

13:53:58.0702 4724  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

13:53:58.0733 4724  DXGKrnl - ok

13:53:58.0780 4724  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

13:53:58.0843 4724  EapHost - ok

13:53:58.0952 4724  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys

13:53:59.0061 4724  ebdrv - ok

13:53:59.0092 4724  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe

13:53:59.0123 4724  EFS - ok

13:53:59.0186 4724  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

13:53:59.0248 4724  ehRecvr - ok

13:53:59.0264 4724  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe

13:53:59.0311 4724  ehSched - ok

13:53:59.0342 4724  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

13:53:59.0373 4724  elxstor - ok

13:53:59.0404 4724  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys

13:53:59.0435 4724  ErrDev - ok

13:53:59.0482 4724  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

13:53:59.0545 4724  EventSystem - ok

13:53:59.0607 4724  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

13:53:59.0669 4724  exfat - ok

13:53:59.0701 4724  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

13:53:59.0779 4724  fastfat - ok

13:53:59.0825 4724  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe

13:53:59.0872 4724  Fax - ok

13:53:59.0888 4724  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys

13:53:59.0935 4724  fdc - ok

13:53:59.0966 4724  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

13:54:00.0028 4724  fdPHost - ok

13:54:00.0044 4724  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

13:54:00.0106 4724  FDResPub - ok

13:54:00.0122 4724  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

13:54:00.0137 4724  FileInfo - ok

13:54:00.0153 4724  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

13:54:00.0231 4724  Filetrace - ok

13:54:00.0262 4724  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys

13:54:00.0278 4724  flpydisk - ok

13:54:00.0309 4724  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

13:54:00.0325 4724  FltMgr - ok

13:54:00.0418 4724  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll

13:54:00.0481 4724  FontCache - ok

13:54:00.0527 4724  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

13:54:00.0543 4724  FontCache3.0.0.0 - ok

13:54:00.0574 4724  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

13:54:00.0590 4724  FsDepends - ok

13:54:00.0621 4724  [ C2E475625F2C6F7DCDE4E920523A0573 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys

13:54:00.0637 4724  fssfltr - ok

13:54:00.0761 4724  [ B6AB40819ECEC4BA07266EC0EBBC85A7 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

13:54:00.0839 4724  fsssvc - ok

13:54:00.0855 4724  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

13:54:00.0871 4724  Fs_Rec - ok

13:54:00.0886 4724  [ BA0C1FFDA496D8BCBCAC63F8D98D20E3 ] FUJ02B1         C:\Windows\system32\DRIVERS\FUJ02B1.sys

13:54:00.0933 4724  FUJ02B1 - ok

13:54:00.0949 4724  [ 7135030CBF87D724B6037BB023923730 ] FUJ02E3         C:\Windows\system32\DRIVERS\FUJ02E3.sys

13:54:00.0995 4724  FUJ02E3 - ok

13:54:01.0027 4724  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

13:54:01.0058 4724  fvevol - ok

13:54:01.0089 4724  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

13:54:01.0105 4724  gagp30kx - ok

13:54:01.0167 4724  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll

13:54:01.0245 4724  gpsvc - ok

13:54:01.0276 4724  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

13:54:01.0323 4724  hcw85cir - ok

13:54:01.0339 4724  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

13:54:01.0370 4724  HdAudAddService - ok

13:54:01.0401 4724  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

13:54:01.0417 4724  HDAudBus - ok

13:54:01.0448 4724  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys

13:54:01.0463 4724  HECIx64 - ok

13:54:01.0495 4724  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys

13:54:01.0526 4724  HidBatt - ok

13:54:01.0541 4724  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys

13:54:01.0573 4724  HidBth - ok

13:54:01.0604 4724  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys

13:54:01.0619 4724  HidIr - ok

13:54:01.0651 4724  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll

13:54:01.0713 4724  hidserv - ok

13:54:01.0744 4724  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

13:54:01.0760 4724  HidUsb - ok

13:54:01.0775 4724  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll

13:54:01.0869 4724  hkmsvc - ok

13:54:01.0885 4724  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

13:54:01.0931 4724  HomeGroupListener - ok

13:54:01.0963 4724  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

13:54:01.0994 4724  HomeGroupProvider - ok

13:54:02.0025 4724  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

13:54:02.0041 4724  HpSAMD - ok

13:54:02.0072 4724  [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys

13:54:02.0103 4724  HTCAND64 - ok

13:54:02.0165 4724  [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys

13:54:02.0181 4724  htcnprot - ok

13:54:02.0212 4724  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

13:54:02.0275 4724  HTTP - ok

13:54:02.0275 4724  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

13:54:02.0290 4724  hwpolicy - ok

13:54:02.0321 4724  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

13:54:02.0337 4724  i8042prt - ok

13:54:02.0368 4724  [ 2064090C9FAAD92C090D77E50E735B2E ] iaStor          C:\Windows\system32\drivers\iaStor.sys

13:54:02.0399 4724  iaStor - ok

13:54:02.0446 4724  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

13:54:02.0462 4724  iaStorV - ok

13:54:02.0524 4724  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

13:54:02.0571 4724  idsvc - ok

13:54:02.0774 4724  [ 8E509DE232CFA4F8A5B34F01802F500E ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys

13:54:03.0055 4724  igfx - ok

13:54:03.0086 4724  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

13:54:03.0101 4724  iirsp - ok

13:54:03.0133 4724  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll

13:54:03.0211 4724  IKEEXT - ok

13:54:03.0242 4724  [ 36FDF367A1DABFF903E2214023D71368 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys

13:54:03.0289 4724  Impcd - ok

13:54:03.0429 4724  [ 42943BB3AB7A405B30EFF7C8283CC129 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

13:54:03.0476 4724  IntcAzAudAddService - ok

13:54:03.0523 4724  [ D248AAE81C156C0D47A77CD61BC24CD4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys

13:54:03.0538 4724  IntcDAud - ok

13:54:03.0554 4724  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys

13:54:03.0569 4724  intelide - ok

13:54:03.0601 4724  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

13:54:03.0632 4724  intelppm - ok

13:54:03.0647 4724  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

13:54:03.0710 4724  IPBusEnum - ok

13:54:03.0741 4724  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

13:54:03.0803 4724  IpFilterDriver - ok

13:54:03.0819 4724  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

13:54:03.0881 4724  iphlpsvc - ok

13:54:03.0897 4724  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

13:54:03.0913 4724  IPMIDRV - ok

13:54:03.0944 4724  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

13:54:04.0006 4724  IPNAT - ok

13:54:04.0053 4724  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

13:54:04.0069 4724  IRENUM - ok

13:54:04.0100 4724  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

13:54:04.0115 4724  isapnp - ok

13:54:04.0162 4724  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

13:54:04.0178 4724  iScsiPrt - ok

13:54:04.0225 4724  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

13:54:04.0225 4724  kbdclass - ok

13:54:04.0271 4724  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

13:54:04.0303 4724  kbdhid - ok

13:54:04.0334 4724  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe

13:54:04.0349 4724  KeyIso - ok

13:54:04.0381 4724  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

13:54:04.0396 4724  KSecDD - ok

13:54:04.0427 4724  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

13:54:04.0443 4724  KSecPkg - ok

13:54:04.0459 4724  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

13:54:04.0521 4724  ksthunk - ok

13:54:04.0537 4724  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

13:54:04.0599 4724  KtmRm - ok

13:54:04.0646 4724  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll

13:54:04.0708 4724  LanmanServer - ok

13:54:04.0755 4724  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

13:54:04.0802 4724  LanmanWorkstation - ok

13:54:04.0864 4724  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

13:54:04.0927 4724  lltdio - ok

13:54:04.0958 4724  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

13:54:05.0020 4724  lltdsvc - ok

13:54:05.0036 4724  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

13:54:05.0083 4724  lmhosts - ok

13:54:05.0145 4724  [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

13:54:05.0176 4724  LMS ( UnsignedFile.Multi.Generic ) - warning

13:54:05.0176 4724  LMS - detected UnsignedFile.Multi.Generic (1)

13:54:05.0207 4724  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

13:54:05.0239 4724  LSI_FC - ok

13:54:05.0254 4724  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

13:54:05.0270 4724  LSI_SAS - ok

13:54:05.0301 4724  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys

13:54:05.0317 4724  LSI_SAS2 - ok

13:54:05.0317 4724  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

13:54:05.0332 4724  LSI_SCSI - ok

13:54:05.0379 4724  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

13:54:05.0457 4724  luafv - ok

13:54:05.0488 4724  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

13:54:05.0519 4724  Mcx2Svc - ok

13:54:05.0535 4724  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys

13:54:05.0551 4724  megasas - ok

13:54:05.0597 4724  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys

13:54:05.0629 4724  MegaSR - ok

13:54:05.0644 4724  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

13:54:05.0738 4724  MMCSS - ok

13:54:05.0753 4724  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

13:54:05.0816 4724  Modem - ok

13:54:05.0847 4724  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

13:54:05.0878 4724  monitor - ok

13:54:05.0925 4724  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

13:54:05.0941 4724  mouclass - ok

13:54:05.0972 4724  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

13:54:05.0987 4724  mouhid - ok

13:54:06.0003 4724  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

13:54:06.0034 4724  mountmgr - ok

13:54:06.0081 4724  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

13:54:06.0097 4724  MozillaMaintenance - ok

13:54:06.0159 4724  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys

13:54:06.0175 4724  mpio - ok

13:54:06.0221 4724  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

13:54:06.0284 4724  mpsdrv - ok

13:54:06.0331 4724  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll

13:54:06.0409 4724  MpsSvc - ok

13:54:06.0424 4724  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

13:54:06.0455 4724  MRxDAV - ok

13:54:06.0487 4724  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

13:54:06.0518 4724  mrxsmb - ok

13:54:06.0549 4724  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

13:54:06.0565 4724  mrxsmb10 - ok

13:54:06.0580 4724  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

13:54:06.0627 4724  mrxsmb20 - ok

13:54:06.0643 4724  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys

13:54:06.0658 4724  msahci - ok

13:54:06.0689 4724  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

13:54:06.0705 4724  msdsm - ok

13:54:06.0721 4724  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

13:54:06.0783 4724  MSDTC - ok

13:54:06.0814 4724  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

13:54:06.0877 4724  Msfs - ok

13:54:06.0908 4724  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

13:54:06.0955 4724  mshidkmdf - ok

13:54:06.0986 4724  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

13:54:07.0001 4724  msisadrv - ok

13:54:07.0033 4724  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

13:54:07.0095 4724  MSiSCSI - ok

13:54:07.0095 4724  msiserver - ok

13:54:07.0157 4724  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

13:54:07.0204 4724  MSKSSRV - ok

13:54:07.0220 4724  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

13:54:07.0267 4724  MSPCLOCK - ok

13:54:07.0282 4724  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

13:54:07.0345 4724  MSPQM - ok

13:54:07.0376 4724  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

13:54:07.0407 4724  MsRPC - ok

13:54:07.0423 4724  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

13:54:07.0438 4724  mssmbios - ok

13:54:07.0454 4724  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

13:54:07.0501 4724  MSTEE - ok

13:54:07.0532 4724  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys

13:54:07.0563 4724  MTConfig - ok

13:54:07.0579 4724  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

13:54:07.0594 4724  Mup - ok

13:54:07.0641 4724  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll

13:54:07.0703 4724  napagent - ok

13:54:07.0750 4724  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

13:54:07.0813 4724  NativeWifiP - ok

13:54:07.0875 4724  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys

13:54:07.0922 4724  NDIS - ok

13:54:07.0953 4724  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

13:54:08.0000 4724  NdisCap - ok

13:54:08.0031 4724  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

13:54:08.0078 4724  NdisTapi - ok

13:54:08.0093 4724  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

13:54:08.0171 4724  Ndisuio - ok

13:54:08.0187 4724  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

13:54:08.0249 4724  NdisWan - ok

13:54:08.0265 4724  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

13:54:08.0327 4724  NDProxy - ok

13:54:08.0343 4724  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

13:54:08.0405 4724  NetBIOS - ok

13:54:08.0421 4724  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

13:54:08.0483 4724  NetBT - ok

13:54:08.0515 4724  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe

13:54:08.0530 4724  Netlogon - ok

13:54:08.0561 4724  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

13:54:08.0639 4724  Netman - ok

13:54:08.0671 4724  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

13:54:08.0702 4724  NetMsmqActivator - ok

13:54:08.0733 4724  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

13:54:08.0749 4724  NetPipeActivator - ok

13:54:08.0780 4724  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

13:54:08.0842 4724  netprofm - ok

13:54:08.0858 4724  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

13:54:08.0873 4724  NetTcpActivator - ok

13:54:08.0889 4724  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

13:54:08.0889 4724  NetTcpPortSharing - ok

13:54:08.0936 4724  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

13:54:08.0951 4724  nfrd960 - ok

13:54:08.0983 4724  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll

13:54:09.0014 4724  NlaSvc - ok

13:54:09.0029 4724  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

13:54:09.0092 4724  Npfs - ok

13:54:09.0107 4724  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

13:54:09.0154 4724  nsi - ok

13:54:09.0170 4724  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

13:54:09.0232 4724  nsiproxy - ok

13:54:09.0295 4724  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

13:54:09.0404 4724  Ntfs - ok

13:54:09.0419 4724  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

13:54:09.0482 4724  Null - ok

13:54:09.0513 4724  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys

13:54:09.0529 4724  nvraid - ok

13:54:09.0544 4724  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys

13:54:09.0560 4724  nvstor - ok

13:54:09.0575 4724  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

13:54:09.0591 4724  nv_agp - ok

13:54:09.0622 4724  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

13:54:09.0669 4724  ohci1394 - ok

13:54:09.0700 4724  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

13:54:09.0731 4724  p2pimsvc - ok

13:54:09.0778 4724  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

13:54:09.0809 4724  p2psvc - ok

13:54:09.0841 4724  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys

13:54:09.0872 4724  Parport - ok

13:54:09.0887 4724  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys

13:54:09.0919 4724  partmgr - ok

13:54:09.0981 4724  [ 3CAE2BBC86FCF7F94C9696994AF30386 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

13:54:10.0012 4724  PassThru Service ( UnsignedFile.Multi.Generic ) - warning

13:54:10.0012 4724  PassThru Service - detected UnsignedFile.Multi.Generic (1)

13:54:10.0043 4724  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

13:54:10.0075 4724  PcaSvc - ok

13:54:10.0106 4724  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys

13:54:10.0121 4724  pci - ok

13:54:10.0137 4724  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys

13:54:10.0153 4724  pciide - ok

13:54:10.0184 4724  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

13:54:10.0199 4724  pcmcia - ok

13:54:10.0231 4724  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

13:54:10.0246 4724  pcw - ok

13:54:10.0277 4724  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

13:54:10.0355 4724  PEAUTH - ok

13:54:10.0480 4724  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

13:54:10.0496 4724  PerfHost - ok

13:54:10.0589 4724  [ C0F1CFCEE7E8AFF3AE0A7F54A7D3D6BE ] PFNService      C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

13:54:10.0621 4724  PFNService ( UnsignedFile.Multi.Generic ) - warning

13:54:10.0621 4724  PFNService - detected UnsignedFile.Multi.Generic (1)

13:54:10.0683 4724  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll

13:54:10.0808 4724  pla - ok

13:54:10.0870 4724  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

13:54:10.0917 4724  PlugPlay - ok

13:54:10.0948 4724  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

13:54:10.0995 4724  PNRPAutoReg - ok

13:54:11.0042 4724  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

13:54:11.0073 4724  PNRPsvc - ok

13:54:11.0120 4724  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

13:54:11.0182 4724  PolicyAgent - ok

13:54:11.0229 4724  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll

13:54:11.0291 4724  Power - ok

13:54:11.0338 4724  [ 843BA5F09A391D52AC1F8486C5FC3D4F ] PowerSavingUtilityService C:\Program Files\Fujitsu\PSUtility\PSUService.exe

13:54:11.0354 4724  PowerSavingUtilityService - ok

13:54:11.0385 4724  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

13:54:11.0447 4724  PptpMiniport - ok

13:54:11.0463 4724  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys

13:54:11.0479 4724  Processor - ok

13:54:11.0510 4724  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll

13:54:11.0541 4724  ProfSvc - ok

13:54:11.0557 4724  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

13:54:11.0572 4724  ProtectedStorage - ok

13:54:11.0603 4724  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

13:54:11.0650 4724  Psched - ok

13:54:11.0697 4724  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys

13:54:11.0775 4724  ql2300 - ok

13:54:11.0791 4724  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

13:54:11.0806 4724  ql40xx - ok

13:54:11.0837 4724  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

13:54:11.0869 4724  QWAVE - ok

13:54:11.0900 4724  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

13:54:11.0915 4724  QWAVEdrv - ok

13:54:11.0947 4724  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

13:54:11.0993 4724  RasAcd - ok

13:54:12.0009 4724  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

13:54:12.0071 4724  RasAgileVpn - ok

13:54:12.0087 4724  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

13:54:12.0149 4724  RasAuto - ok

13:54:12.0165 4724  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

13:54:12.0227 4724  Rasl2tp - ok

13:54:12.0274 4724  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll

13:54:12.0337 4724  RasMan - ok

13:54:12.0352 4724  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

13:54:12.0415 4724  RasPppoe - ok

13:54:12.0446 4724  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

13:54:12.0524 4724  RasSstp - ok

13:54:12.0539 4724  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

13:54:12.0602 4724  rdbss - ok

13:54:12.0633 4724  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys

13:54:12.0664 4724  rdpbus - ok

13:54:12.0680 4724  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

13:54:12.0742 4724  RDPCDD - ok

13:54:12.0758 4724  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

13:54:12.0820 4724  RDPENCDD - ok

13:54:12.0836 4724  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

13:54:12.0898 4724  RDPREFMP - ok

13:54:12.0929 4724  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

13:54:12.0976 4724  RdpVideoMiniport - ok

13:54:13.0007 4724  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

13:54:13.0054 4724  RDPWD - ok

13:54:13.0101 4724  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

13:54:13.0117 4724  rdyboost - ok

13:54:13.0163 4724  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

13:54:13.0226 4724  RemoteAccess - ok

13:54:13.0257 4724  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

13:54:13.0319 4724  RemoteRegistry - ok

13:54:13.0366 4724  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys

13:54:13.0413 4724  RFCOMM - ok

13:54:13.0444 4724  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

13:54:13.0491 4724  RpcEptMapper - ok

13:54:13.0522 4724  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

13:54:13.0553 4724  RpcLocator - ok

13:54:13.0585 4724  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll

13:54:13.0631 4724  RpcSs - ok

13:54:13.0663 4724  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

13:54:13.0725 4724  rspndr - ok

13:54:13.0756 4724  [ 4A25DC970C58104602ED274DACAFD784 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys

13:54:13.0787 4724  RSUSBSTOR - ok

13:54:13.0834 4724  [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

13:54:13.0850 4724  RTL8167 - ok

13:54:13.0865 4724  RtsUIR - ok

13:54:13.0881 4724  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe

13:54:13.0897 4724  SamSs - ok

13:54:13.0928 4724  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

13:54:13.0943 4724  sbp2port - ok

13:54:13.0975 4724  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

13:54:14.0021 4724  SCardSvr - ok

13:54:14.0037 4724  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

13:54:14.0099 4724  scfilter - ok

13:54:14.0131 4724  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll

13:54:14.0224 4724  Schedule - ok

13:54:14.0240 4724  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll

13:54:14.0302 4724  SCPolicySvc - ok

13:54:14.0318 4724  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

13:54:14.0333 4724  SDRSVC - ok

13:54:14.0365 4724  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

13:54:14.0427 4724  secdrv - ok

13:54:14.0458 4724  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll

13:54:14.0505 4724  seclogon - ok

13:54:14.0536 4724  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll

13:54:14.0614 4724  SENS - ok

13:54:14.0630 4724  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

13:54:14.0677 4724  SensrSvc - ok

13:54:14.0708 4724  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys

13:54:14.0739 4724  Serenum - ok

13:54:14.0755 4724  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys

13:54:14.0786 4724  Serial - ok

13:54:14.0801 4724  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys

13:54:14.0833 4724  sermouse - ok

13:54:14.0864 4724  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll

13:54:14.0942 4724  SessionEnv - ok

13:54:14.0989 4724  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

13:54:15.0004 4724  sffdisk - ok

13:54:15.0035 4724  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

13:54:15.0082 4724  sffp_mmc - ok

13:54:15.0098 4724  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

13:54:15.0129 4724  sffp_sd - ok

13:54:15.0176 4724  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

13:54:15.0191 4724  sfloppy - ok

13:54:15.0238 4724  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

13:54:15.0301 4724  SharedAccess - ok

13:54:15.0332 4724  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

13:54:15.0410 4724  ShellHWDetection - ok

13:54:15.0441 4724  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

13:54:15.0457 4724  SiSRaid2 - ok

13:54:15.0472 4724  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

13:54:15.0488 4724  SiSRaid4 - ok

13:54:15.0519 4724  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

13:54:15.0597 4724  Smb - ok

13:54:15.0644 4724  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

13:54:15.0691 4724  SNMPTRAP - ok

13:54:15.0706 4724  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

13:54:15.0722 4724  spldr - ok

13:54:15.0769 4724  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe

13:54:15.0815 4724  Spooler - ok

13:54:15.0925 4724  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe

13:54:16.0081 4724  sppsvc - ok

13:54:16.0096 4724  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

13:54:16.0159 4724  sppuinotify - ok

13:54:16.0190 4724  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys

13:54:16.0237 4724  srv - ok

13:54:16.0252 4724  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

13:54:16.0283 4724  srv2 - ok

13:54:16.0299 4724  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

13:54:16.0330 4724  srvnet - ok

13:54:16.0393 4724  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys

13:54:16.0439 4724  ssadbus - ok

13:54:16.0455 4724  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys

13:54:16.0486 4724  ssadmdfl - ok

13:54:16.0517 4724  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys

13:54:16.0564 4724  ssadmdm - ok

13:54:16.0611 4724  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

13:54:16.0689 4724  SSDPSRV - ok

13:54:16.0705 4724  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

13:54:16.0751 4724  SstpSvc - ok

13:54:16.0798 4724  Steam Client Service - ok

13:54:16.0814 4724  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys

13:54:16.0829 4724  stexstor - ok

13:54:16.0892 4724  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll

13:54:16.0985 4724  stisvc - ok

13:54:17.0001 4724  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

13:54:17.0017 4724  swenum - ok

13:54:17.0048 4724  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

13:54:17.0110 4724  swprv - ok

13:54:17.0157 4724  [ 2F827BB08CC7F1A17DF2EAD7B424D731 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys

13:54:17.0173 4724  SynTP - ok

13:54:17.0453 4724  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll

13:54:17.0594 4724  SysMain - ok

13:54:17.0609 4724  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

13:54:17.0641 4724  TabletInputService - ok

13:54:17.0687 4724  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll

13:54:17.0812 4724  TapiSrv - ok

13:54:17.0828 4724  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll

13:54:17.0921 4724  TBS - ok

13:54:17.0999 4724  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

13:54:18.0124 4724  Tcpip - ok

13:54:18.0233 4724  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

13:54:18.0296 4724  TCPIP6 - ok

13:54:18.0327 4724  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

13:54:18.0389 4724  tcpipreg - ok

13:54:18.0421 4724  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

13:54:18.0467 4724  TDPIPE - ok

13:54:18.0499 4724  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

13:54:18.0530 4724  TDTCP - ok

13:54:18.0561 4724  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

13:54:18.0623 4724  tdx - ok

13:54:18.0670 4724  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

13:54:18.0686 4724  TermDD - ok

13:54:18.0811 4724  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll

13:54:18.0920 4724  TermService - ok

13:54:18.0920 4724  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

13:54:18.0951 4724  Themes - ok

13:54:18.0998 4724  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

13:54:19.0060 4724  THREADORDER - ok

13:54:19.0107 4724  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys

13:54:19.0138 4724  TPM - ok

13:54:19.0169 4724  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

13:54:19.0232 4724  TrkWks - ok

13:54:19.0357 4724  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

13:54:19.0435 4724  TrustedInstaller - ok

13:54:19.0466 4724  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

13:54:19.0544 4724  tssecsrv - ok

13:54:19.0606 4724  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

13:54:19.0653 4724  TsUsbFlt - ok

13:54:19.0669 4724  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys

13:54:19.0700 4724  TsUsbGD - ok

13:54:19.0731 4724  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

13:54:19.0793 4724  tunnel - ok

13:54:19.0856 4724  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

13:54:19.0887 4724  uagp35 - ok

13:54:19.0934 4724  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

13:54:20.0012 4724  udfs - ok

13:54:20.0043 4724  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

13:54:20.0059 4724  UI0Detect - ok

13:54:20.0090 4724  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

13:54:20.0105 4724  uliagpkx - ok

13:54:20.0137 4724  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

13:54:20.0183 4724  umbus - ok

13:54:20.0215 4724  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys

13:54:20.0246 4724  UmPass - ok

13:54:20.0636 4724  [ 41118D920B2B268C0ADC36421248CDCF ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

13:54:20.0776 4724  UNS ( UnsignedFile.Multi.Generic ) - warning

13:54:20.0776 4724  UNS - detected UnsignedFile.Multi.Generic (1)

13:54:20.0807 4724  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

13:54:20.0870 4724  upnphost - ok

13:54:20.0917 4724  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

13:54:20.0963 4724  usbaudio - ok

13:54:20.0979 4724  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

13:54:21.0041 4724  usbccgp - ok

13:54:21.0041 4724  USBCCID - ok

13:54:21.0104 4724  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

13:54:21.0166 4724  usbcir - ok

13:54:21.0213 4724  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys

13:54:21.0260 4724  usbehci - ok

13:54:21.0291 4724  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

13:54:21.0322 4724  usbhub - ok

13:54:21.0338 4724  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

13:54:21.0353 4724  usbohci - ok

13:54:21.0400 4724  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

13:54:21.0431 4724  usbprint - ok

13:54:21.0463 4724  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

13:54:21.0494 4724  usbscan - ok

13:54:21.0525 4724  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

13:54:21.0587 4724  USBSTOR - ok

13:54:21.0619 4724  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

13:54:21.0650 4724  usbuhci - ok

13:54:21.0712 4724  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys

13:54:21.0775 4724  usbvideo - ok

13:54:21.0821 4724  [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys

13:54:21.0868 4724  usb_rndisx - ok

13:54:21.0884 4724  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

13:54:21.0962 4724  UxSms - ok

13:54:22.0009 4724  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe

13:54:22.0024 4724  VaultSvc - ok

13:54:22.0087 4724  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

13:54:22.0102 4724  vdrvroot - ok

13:54:22.0180 4724  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe

13:54:22.0289 4724  vds - ok

13:54:22.0399 4724  [ D9656445499625B0ED88C0B203F3C16F ] VFPRadioSupportService C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe

13:54:22.0414 4724  VFPRadioSupportService - ok

13:54:22.0461 4724  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

13:54:22.0477 4724  vga - ok

13:54:22.0492 4724  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

13:54:22.0555 4724  VgaSave - ok

13:54:22.0586 4724  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

13:54:22.0601 4724  vhdmp - ok

13:54:22.0633 4724  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys

13:54:22.0648 4724  viaide - ok

13:54:22.0679 4724  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

13:54:22.0695 4724  volmgr - ok

13:54:22.0726 4724  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

13:54:22.0757 4724  volmgrx - ok

13:54:22.0804 4724  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

13:54:22.0851 4724  volsnap - ok

13:54:22.0882 4724  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

13:54:22.0898 4724  vsmraid - ok

13:54:23.0163 4724  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe

13:54:23.0303 4724  VSS - ok

13:54:23.0366 4724  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

13:54:23.0444 4724  vwifibus - ok

13:54:23.0459 4724  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

13:54:23.0522 4724  vwififlt - ok

13:54:23.0553 4724  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys

13:54:23.0569 4724  vwifimp - ok

13:54:23.0600 4724  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

13:54:23.0678 4724  W32Time - ok

13:54:23.0709 4724  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

13:54:23.0725 4724  WacomPen - ok

13:54:23.0756 4724  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

13:54:23.0849 4724  WANARP - ok

13:54:23.0849 4724  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

13:54:23.0896 4724  Wanarpv6 - ok

13:54:24.0052 4724  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe

13:54:24.0193 4724  wbengine - ok

13:54:24.0208 4724  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

13:54:24.0239 4724  WbioSrvc - ok

13:54:24.0302 4724  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll

13:54:24.0380 4724  wcncsvc - ok

13:54:24.0427 4724  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

13:54:24.0442 4724  WcsPlugInService - ok

13:54:24.0473 4724  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys

13:54:24.0505 4724  Wd - ok

13:54:24.0567 4724  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

13:54:24.0645 4724  Wdf01000 - ok

13:54:24.0692 4724  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll

13:54:24.0817 4724  WdiServiceHost - ok

13:54:24.0832 4724  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll

13:54:24.0848 4724  WdiSystemHost - ok

13:54:24.0895 4724  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll

13:54:24.0926 4724  WebClient - ok

13:54:24.0941 4724  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

13:54:25.0004 4724  Wecsvc - ok

13:54:25.0035 4724  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

13:54:25.0082 4724  wercplsupport - ok

13:54:25.0113 4724  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

13:54:25.0160 4724  WerSvc - ok

13:54:25.0191 4724  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

13:54:25.0238 4724  WfpLwf - ok

13:54:25.0253 4724  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

13:54:25.0269 4724  WIMMount - ok

13:54:25.0285 4724  WinDefend - ok

13:54:25.0300 4724  WinHttpAutoProxySvc - ok

13:54:25.0394 4724  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

13:54:25.0503 4724  Winmgmt - ok

13:54:25.0659 4724  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll

13:54:25.0799 4724  WinRM - ok

13:54:25.0846 4724  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

13:54:25.0877 4724  WinUsb - ok

13:54:26.0018 4724  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll

13:54:26.0096 4724  Wlansvc - ok

13:54:26.0345 4724  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

13:54:26.0486 4724  wlidsvc - ok

13:54:26.0517 4724  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

13:54:26.0548 4724  WmiAcpi - ok

13:54:26.0579 4724  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

13:54:26.0611 4724  wmiApSrv - ok

13:54:26.0642 4724  WMPNetworkSvc - ok

13:54:26.0673 4724  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

13:54:26.0689 4724  WPCSvc - ok

13:54:26.0704 4724  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

13:54:26.0720 4724  WPDBusEnum - ok

13:54:26.0751 4724  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

13:54:26.0813 4724  ws2ifsl - ok

13:54:26.0860 4724  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll

13:54:26.0891 4724  wscsvc - ok

13:54:26.0891 4724  WSearch - ok

13:54:27.0375 4724  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

13:54:27.0500 4724  wuauserv - ok

13:54:27.0515 4724  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

13:54:27.0547 4724  WudfPf - ok

13:54:27.0593 4724  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

13:54:27.0609 4724  WUDFRd - ok

13:54:27.0625 4724  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

13:54:27.0656 4724  wudfsvc - ok

13:54:27.0671 4724  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll

13:54:27.0703 4724  WwanSvc - ok

13:54:27.0749 4724  ================ Scan global ===============================

13:54:27.0781 4724  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

13:54:27.0796 4724  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

13:54:27.0812 4724  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

13:54:27.0843 4724  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

13:54:27.0874 4724  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

13:54:27.0874 4724  [Global] - ok

13:54:27.0874 4724  ================ Scan MBR ==================================

13:54:27.0905 4724  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

13:54:28.0732 4724  \Device\Harddisk0\DR0 - ok

13:54:28.0732 4724  ================ Scan VBR ==================================

13:54:28.0779 4724  [ 0A936B485AE1DB8F13FB6124BD5BF3AC ] \Device\Harddisk0\DR0\Partition1

13:54:28.0779 4724  \Device\Harddisk0\DR0\Partition1 - ok

13:54:28.0795 4724  [ 6961590AD28749F465417238D89F14E9 ] \Device\Harddisk0\DR0\Partition2

13:54:28.0795 4724  \Device\Harddisk0\DR0\Partition2 - ok

13:54:28.0795 4724  ============================================================

13:54:28.0795 4724  Scan finished

13:54:28.0795 4724  ============================================================

13:54:28.0810 0656  Detected object count: 4

13:54:28.0810 0656  Actual detected object count: 4

13:58:17.0631 0656  LMS ( UnsignedFile.Multi.Generic ) - skipped by user

13:58:17.0631 0656  LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip 

13:58:17.0647 0656  PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user

13:58:17.0647 0656  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 

13:58:17.0647 0656  PFNService ( UnsignedFile.Multi.Generic ) - skipped by user

13:58:17.0647 0656  PFNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

13:58:17.0647 0656  UNS ( UnsignedFile.Multi.Generic ) - skipped by user

13:58:17.0647 0656  UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip

Hi,
versuch mal bitte folgenes.
combofix.exe löschen, neu laden.
Starte neu, drücke f8 wähle abgebsicherter Modus.
Melde dich in deinem Konto an, führe Combofix erneut aus.
wenn alles klappt, starte in den normalen Modus, poste das Log, bzw falls nich,die Info das es einen Fehler gab.

Hi,
jetzt gent leider gar nichts mehr. Blue Screen nach Neustart. Weder normales Booten noch über die Systemwiederherstellung möglich.

Systemwiederherstellung war Jetzt doch möglich.

Ok, nach der Systemwiederherstellung auf einen älteren Stand konnte ich combofix jetzt normal ausführen.

Code:

ComboFix 13-08-14.02 - * 15.08.2013  12:54:35.2.2 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3893.2260 [GMT 2:00]

ausgeführt von:: c:\users\*\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-07-15 bis 2013-08-15  ))))))))))))))))))))))))))))))

.

.

2013-08-15 11:01 . 2013-08-15 11:01        --------        d-----w-        c:\users\TxR\AppData\Local\temp

2013-08-15 11:01 . 2013-08-15 11:01        --------        d-----w-        c:\users\systemprofile\AppData\Local\temp

2013-08-15 11:01 . 2013-08-15 11:01        --------        d-----w-        c:\users\RegBack\AppData\Local\temp

2013-08-15 11:01 . 2013-08-15 11:01        --------        d-----w-        c:\users\Public\AppData\Local\temp

2013-08-15 11:01 . 2013-08-15 11:01        --------        d-----w-        c:\users\Journal\AppData\Local\temp

2013-08-15 11:01 . 2013-08-15 11:01        --------        d-----w-        c:\users\Internetkonto\AppData\Local\temp

2013-08-15 11:01 . 2013-08-15 11:01        --------        d-----w-        c:\users\Default\AppData\Local\temp

2013-08-13 17:00 . 2013-08-13 17:00        --------        d-----w-        c:\users\*\AppData\Roaming\OpenOffice

2013-08-09 18:18 . 2013-08-09 18:18        --------        d-----w-        C:\FRST

2013-08-08 12:10 . 2013-08-09 17:37        --------        d-----w-        c:\programdata\Spybot - Search & Destroy

2013-08-08 12:10 . 2013-08-13 10:48        --------        d-----w-        c:\program files (x86)\Spybot - Search & Destroy 2

2013-08-06 16:34 . 2013-07-02 08:34        9460976        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{0A6B3CEE-E943-4B18-B824-89DA4A1A5F5B}\mpengine.dll

2013-08-06 16:16 . 2013-06-07 03:22        2706432        ----a-w-        c:\windows\system32\mshtml.tlb

2013-08-06 15:59 . 2013-06-04 06:00        624128        ----a-w-        c:\windows\system32\qedit.dll

2013-08-06 15:59 . 2013-06-04 04:53        509440        ----a-w-        c:\windows\SysWow64\qedit.dll

2013-08-06 15:41 . 2013-08-06 15:41        --------        d-----w-        c:\users\Internetkonto\AppData\Roaming\RCP 6

2013-08-06 15:33 . 2013-08-06 15:33        --------        d-----w-        C:\ConversionOutput

2013-08-06 15:18 . 2013-08-06 15:18        --------        d-----w-        c:\users\Internetkonto\AppData\Local\PictureConverter

2013-08-06 09:39 . 2013-08-06 09:39        --------        d-----w-        c:\program files (x86)\OpenOffice 4

2013-08-06 09:14 . 2013-08-06 09:14        --------        d-----w-        c:\windows\en

2013-08-06 09:14 . 2013-08-06 09:14        --------        d-----w-        c:\windows\de

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-08-06 16:19 . 2011-12-25 20:04        78185248        ----a-w-        c:\windows\system32\MRT.exe

2013-08-06 09:30 . 2012-04-03 22:00        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2013-08-06 09:30 . 2011-12-28 20:46        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-07-08 21:02 . 2013-07-08 21:02        312232        ----a-w-        c:\windows\system32\javaws.exe

2013-07-08 21:02 . 2013-07-08 21:02        189352        ----a-w-        c:\windows\system32\javaw.exe

2013-07-08 21:02 . 2013-07-08 21:02        188840        ----a-w-        c:\windows\system32\java.exe

2013-07-08 21:02 . 2013-07-08 21:02        108968        ----a-w-        c:\windows\system32\WindowsAccessBridge-64.dll

2013-07-08 21:02 . 2011-12-28 20:48        972712        ----a-w-        c:\windows\system32\deployJava1.dll

2013-07-08 21:02 . 2011-12-28 20:48        1093032        ----a-w-        c:\windows\system32\npdeployJava1.dll

2013-06-09 19:59 . 2013-07-10 13:38        216064        ----a-w-        c:\windows\SysWow64\gcapi_dll.dll

2013-05-24 05:25 . 2013-05-24 05:25        1054720        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe

2013-05-24 05:25 . 2013-05-24 05:25        719360        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll

2013-05-24 05:25 . 2013-05-24 05:25        523264        ----a-w-        c:\windows\SysWow64\vbscript.dll

2013-05-24 05:25 . 2013-05-24 05:25        38400        ----a-w-        c:\windows\SysWow64\imgutil.dll

2013-05-24 05:25 . 2013-05-24 05:25        226304        ----a-w-        c:\windows\system32\elshyph.dll

2013-05-24 05:25 . 2013-05-24 05:25        185344        ----a-w-        c:\windows\SysWow64\elshyph.dll

2013-05-24 05:25 . 2013-05-24 05:25        158720        ----a-w-        c:\windows\SysWow64\msls31.dll

2013-05-24 05:25 . 2013-05-24 05:25        150528        ----a-w-        c:\windows\SysWow64\iexpress.exe

2013-05-24 05:25 . 2013-05-24 05:25        138752        ----a-w-        c:\windows\SysWow64\wextract.exe

2013-05-24 05:25 . 2013-05-24 05:25        137216        ----a-w-        c:\windows\SysWow64\ieUnatt.exe

2013-05-24 05:25 . 2013-05-24 05:25        12800        ----a-w-        c:\windows\SysWow64\mshta.exe

2013-05-24 05:25 . 2013-05-24 05:25        73728        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe

2013-05-24 05:25 . 2013-05-24 05:25        61952        ----a-w-        c:\windows\SysWow64\tdc.ocx

2013-05-24 05:25 . 2013-05-24 05:25        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll

2013-05-24 05:25 . 2013-05-24 05:25        110592        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll

2013-05-24 05:25 . 2013-05-24 05:25        361984        ----a-w-        c:\windows\SysWow64\html.iec

2013-05-24 05:25 . 2013-05-24 05:25        452096        ----a-w-        c:\windows\system32\dxtmsft.dll

2013-05-24 05:25 . 2013-05-24 05:25        441856        ----a-w-        c:\windows\system32\html.iec

2013-05-24 05:25 . 2013-05-24 05:25        281600        ----a-w-        c:\windows\system32\dxtrans.dll

2013-05-24 05:25 . 2013-05-24 05:25        23040        ----a-w-        c:\windows\SysWow64\licmgr10.dll

2013-05-24 05:25 . 2013-05-24 05:25        216064        ----a-w-        c:\windows\system32\msls31.dll

2013-05-24 05:25 . 2013-05-24 05:25        197120        ----a-w-        c:\windows\system32\msrating.dll

2013-05-24 05:25 . 2013-05-24 05:25        1441280        ----a-w-        c:\windows\SysWow64\inetcpl.cpl

2013-05-24 05:25 . 2013-05-24 05:25        1400416        ----a-w-        c:\windows\system32\ieapfltr.dat

2013-05-24 05:25 . 2013-05-24 05:25        97280        ----a-w-        c:\windows\system32\mshtmled.dll

2013-05-24 05:25 . 2013-05-24 05:25        92160        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe

2013-05-24 05:25 . 2013-05-24 05:25        905728        ----a-w-        c:\windows\system32\mshtmlmedia.dll

2013-05-24 05:25 . 2013-05-24 05:25        81408        ----a-w-        c:\windows\system32\icardie.dll

2013-05-24 05:25 . 2013-05-24 05:25        77312        ----a-w-        c:\windows\system32\tdc.ocx

2013-05-24 05:25 . 2013-05-24 05:25        762368        ----a-w-        c:\windows\system32\ieapfltr.dll

2013-05-24 05:25 . 2013-05-24 05:25        62976        ----a-w-        c:\windows\system32\pngfilt.dll

2013-05-24 05:25 . 2013-05-24 05:25        599552        ----a-w-        c:\windows\system32\vbscript.dll

2013-05-24 05:25 . 2013-05-24 05:25        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll

2013-05-24 05:25 . 2013-05-24 05:25        51200        ----a-w-        c:\windows\system32\imgutil.dll

2013-05-24 05:25 . 2013-05-24 05:25        48640        ----a-w-        c:\windows\system32\mshtmler.dll

2013-05-24 05:25 . 2013-05-24 05:25        27648        ----a-w-        c:\windows\system32\licmgr10.dll

2013-05-24 05:25 . 2013-05-24 05:25        270848        ----a-w-        c:\windows\system32\iedkcs32.dll

2013-05-24 05:25 . 2013-05-24 05:25        247296        ----a-w-        c:\windows\system32\webcheck.dll

2013-05-24 05:25 . 2013-05-24 05:25        235008        ----a-w-        c:\windows\system32\url.dll

2013-05-24 05:25 . 2013-05-24 05:25        173568        ----a-w-        c:\windows\system32\ieUnatt.exe

2013-05-24 05:25 . 2013-05-24 05:25        167424        ----a-w-        c:\windows\system32\iexpress.exe

2013-05-24 05:25 . 2013-05-24 05:25        1509376        ----a-w-        c:\windows\system32\inetcpl.cpl

2013-05-24 05:25 . 2013-05-24 05:25        149504        ----a-w-        c:\windows\system32\occache.dll

2013-05-24 05:25 . 2013-05-24 05:25        144896        ----a-w-        c:\windows\system32\wextract.exe

2013-05-24 05:25 . 2013-05-24 05:25        13824        ----a-w-        c:\windows\system32\mshta.exe

2013-05-24 05:25 . 2013-05-24 05:25        136192        ----a-w-        c:\windows\system32\iepeers.dll

2013-05-24 05:25 . 2013-05-24 05:25        135680        ----a-w-        c:\windows\system32\IEAdvpack.dll

2013-05-24 05:25 . 2013-05-24 05:25        12800        ----a-w-        c:\windows\system32\msfeedssync.exe

2013-05-24 05:25 . 2013-05-24 05:25        102912        ----a-w-        c:\windows\system32\inseng.dll

2013-05-23 14:03 . 2013-05-23 14:02        5        ----a-w-        c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp

2012-09-04 15:26 . 2012-09-04 15:26        1562480        ----a-w-        c:\program files\setup_Mein_CEWE_FOTOBUCH.exe

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2012-10-10 11:42        220632        ----a-w-        c:\users\*\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2012-10-10 11:42        220632        ----a-w-        c:\users\*\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2012-10-10 11:42        220632        ----a-w-        c:\users\*\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-11-23 307712]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"LoadFUJ02E3"="c:\program files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe" [2009-10-08 36712]

"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2009-10-09 47976]

"YouCam Mirror Tray icon"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2009-07-08 162912]

"DeskUpdateNotifier"="c:\fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe" [2013-02-26 102968]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-10 348664]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux2"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute        REG_MULTI_SZ           autocheck autochk *\0\0sdnclean64.exe

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]

R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]

R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]

R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]

R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]

R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]

R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]

S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]

S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]

S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [x]

S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe;c:\program files\Fujitsu\PSUtility\PSUService.exe [x]

S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]

S2 VFPRadioSupportService;Unterstützung für Bluetooth-Funktionen;c:\program files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe;c:\program files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [x]

S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\DRIVERS\FUJ02E3.sys;c:\windows\SYSNATIVE\DRIVERS\FUJ02E3.sys [x]

S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]

S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

.

.

Inhalt des "geplante Tasks" Ordners

.

2013-08-15 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 09:30]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2012-10-10 11:42        244696        ----a-w-        c:\users\*\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2012-10-10 11:42        244696        ----a-w-        c:\users\*\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2012-10-10 11:42        244696        ----a-w-        c:\users\*\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-12 166424]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-12 390680]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-12 410136]

"PfNet"="c:\program files\Fujitsu\Plugfree NETWORK\PfNet.exe" [2010-06-24 6310912]

"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2009-07-30 188264]

"FDM7"="c:\program files\Fujitsu\FDM7\FdmDaemon.exe" [2009-11-26 164712]

"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2009-10-15 157544]

"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2009-10-15 35176]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-28 8312352]

"ConMgr"="c:\program files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe" [2009-12-24 535440]

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uSearchAssistant = hxxp://www.google.com

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\*\AppData\Roaming\Mozilla\Firefox\Profiles\31qy4b1e.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Toolbar-Locked - (no file)

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

Wow6432Node-HKLM-Run-SDTray - c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe

c:\users\Internetkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - c:\users\*\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

c:\users\Internetkonto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe

Notify-SDWinLogon - SDWinLogon.dll

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-ImgBurn - c:\program files (x86)\ImgBurn\uninstall.exe

AddRemove-{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1 - c:\program files (x86)\Spybot - Search & Destroy 2\unins000.exe

AddRemove-{BEE64C14-BEF1-4610-8A68-A16EAA47B882} - c:\program files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLive.PhotoGallery.bmp.15.4"

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DIB\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLive.PhotoGallery.bmp.15.4"

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ICO\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLive.PhotoGallery.ico.15.4"

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JFIF\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLive.PhotoGallery.jpg.15.4"

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPE\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLive.PhotoGallery.jpg.15.4"

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPEG\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLive.PhotoGallery.jpg.15.4"

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.JPG\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLive.PhotoGallery.jpg.15.4"

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PNG\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLive.PhotoGallery.png.15.4"

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TIF\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLive.PhotoGallery.tif.15.4"

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TIFF\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLive.PhotoGallery.tif.15.4"

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_USERS\S-1-5-21-2742597350-2926104813-441540862-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WDP\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLive.PhotoGallery.wdp.15.4"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2013-08-15  13:05:00

ComboFix-quarantined-files.txt  2013-08-15 11:04

.

Vor Suchlauf: 14 Verzeichnis(se), 13.836.128.256 Bytes frei

Nach Suchlauf: 16 Verzeichnis(se), 13.811.937.280 Bytes frei

.

- - End Of File - - 09169855F598B629A9DB63EA8BF54083

D41D8CD98F00B204E9800998ECF8427E

Sorry, war gestern nicht zuhaus.
es sind 3 Logs zu erstellen, bitte gleichzeitg posten, wenn möglich.
1.
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Neustarten.
2.

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

neustarten.
3.
Hitmanpro laden:
HitmanPro - Download - Filepony
Doppelklicken, Scan klicken. Log pseichern und posten, bzw als XML exportieren, packen und anhängen.

Code:

# AdwCleaner v2.306 - Datei am 16/08/2013 um 15:51:26 erstellt

# Aktualisiert am 19/07/2013 von Xplode

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Benutzer : * - *-PC

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\*\Desktop\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Datei Gelöscht : C:\Users\Internetkonto\AppData\Roaming\Mozilla\Firefox\Profiles\2bvwygqm.default\foxydeal.sqlite

Ordner Gelöscht : C:\Users\*\AppData\Local\PackageAware
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\APN PIP

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS

Schlüssel Gelöscht : HKLM\Software\PIP
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v10.0.9200.16635
 

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=29dc6f1c-d78c-409e-8a81-3391a0e2bb65&searchtype=ds&q={searchTerms} --> hxxp://www.google.com

Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=DE&userid=29dc6f1c-d78c-409e-8a81-3391a0e2bb65&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
 

-\\ Mozilla Firefox v22.0 (de)
 

Datei : C:\Users\*\AppData\Roaming\Mozilla\Firefox\Profiles\31qy4b1e.default\prefs.js
 

[OK] Die Datei ist sauber.
 

Datei : C:\Users\Internetkonto\AppData\Roaming\Mozilla\Firefox\Profiles\2bvwygqm.default\prefs.js
 

[OK] Die Datei ist sauber.
 

*************************
 

AdwCleaner[S1].txt - [3470 octets] - [25/11/2012 10:55:01]

AdwCleaner[S2].txt - [1790 octets] - [16/08/2013 15:51:26]
 

########## EOF - C:\AdwCleaner[S2].txt - [1850 octets] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 5.4.6 (08.15.2013:1)

OS: Windows 7 Home Premium x64

Ran by * on 16.08.2013 at 16:02:05,64

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricegong_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricegong_rasmancs
 
 
 

~~~ Files
 

Successfully deleted: [File] "C:\Windows\wininit.ini"
 
 
 

~~~ Folders
 

Successfully deleted: [Empty Folder] C:\Users\*\appdata\local\{2370E373-1B32-4EDF-B009-A7A600AD76D6}
 
 
 

~~~ FireFox
 

Emptied folder: C:\Users\*\AppData\Roaming\mozilla\firefox\profiles\31qy4b1e.default\minidumps [24 files]
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 16.08.2013 at 16:10:50,67

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

HitmanPro 3.7.7.203

www.hitmanpro.com
 

   Computer name . . . . : *-PC

   Windows . . . . . . . : 6.1.1.7601.X64/2

   User name . . . . . . : *-PC\*

   UAC . . . . . . . . . : Enabled

   License . . . . . . . : Free
 

   Scan date . . . . . . : 2013-08-16 16:23:21

   Scan mode . . . . . . : Normal

   Scan duration . . . . : 5m 57s

   Disk access mode  . . : Direct disk access (SRB)

   Cloud . . . . . . . . : Internet

   Reboot  . . . . . . . : No
 

   Threats . . . . . . . : 13

   Traces  . . . . . . . : 37
 

   Objects scanned . . . : 1.145.884

   Files scanned . . . . : 16.942

   Remnants scanned  . . : 234.228 files / 894.714 keys
 

Malware _____________________________________________________________________
 

   C:\$RECYCLE.BIN\S-1-5-21-2742597350-2926104813-441540862-1000\$RUZ4FPK.exe

      Size . . . . . . . : 1.159.319 bytes

      Age  . . . . . . . : 0.0 days (2013-08-16 15:56:40)

      Entropy  . . . . . : 7.9

      SHA-256  . . . . . : B95348C64C56A7BDE7EF2CBCBE84C2976BE414A3E98F4A2FCC9D35A454578697

      Product  . . . . . : Junkware Removal Tool

      Publisher  . . . . : Thisisu

      Version  . . . . . : 5.4.6

    > G Data . . . . . . : Trojan.GenericKDV.1184898

    > Ikarus . . . . . . : Virus.Win32.PePatch!IK

      Fuzzy  . . . . . . : 114.0
 

   C:\Users\*\Desktop\JRT.exe

      Size . . . . . . . : 1.159.319 bytes

      Age  . . . . . . . : 0.0 days (2013-08-16 16:01:20)

      Entropy  . . . . . : 7.9

      SHA-256  . . . . . : B95348C64C56A7BDE7EF2CBCBE84C2976BE414A3E98F4A2FCC9D35A454578697

      Product  . . . . . : Junkware Removal Tool

      Publisher  . . . . : Thisisu

      Version  . . . . . : 5.4.6

    > G Data . . . . . . : Trojan.GenericKDV.1184898

    > Ikarus . . . . . . : Virus.Win32.PePatch!IK

      Fuzzy  . . . . . . : 114.0
 
 

Cookies _____________________________________________________________________
 

   C:\Users\*\AppData\Roaming\Microsoft\Windows\Cookies\9G14AMSA.txt

   C:\Users\*\AppData\Roaming\Microsoft\Windows\Cookies\TH43OGXB.txt

   C:\Users\*\AppData\Roaming\Microsoft\Windows\Cookies\TSKIYVKJ.txt

Hi,
erst mal sorry für die Wartezeit, war unerwartet länger weg.
Kannst du mit Hitmanpro alles gefundene löschen, Browser vorher schließen.
Dann neues FRST Log

Kein Problem, ich bin froh, dass du hilfst.

Code:

HitmanPro 3.7.7.203

www.hitmanpro.com
 

   Computer name . . . . : *-PC

   Windows . . . . . . . : 6.1.1.7601.X64/2

   User name . . . . . . : *-PC\*

   UAC . . . . . . . . . : Enabled

   License . . . . . . . : Free
 

   Scan date . . . . . . : 2013-08-16 16:23:21

   Scan mode . . . . . . : Normal

   Scan duration . . . . : 5m 57s

   Disk access mode  . . : Direct disk access (SRB)

   Cloud . . . . . . . . : Internet

   Reboot  . . . . . . . : No
 

   Threats . . . . . . . : 13

   Traces  . . . . . . . : 37
 

   Objects scanned . . . : 1.145.884

   Files scanned . . . . : 16.942

   Remnants scanned  . . : 234.228 files / 894.714 keys
 

Malware _____________________________________________________________________
 

   C:\$RECYCLE.BIN\S-1-5-21-2742597350-2926104813-441540862-1000\$RUZ4FPK.exe

      Size . . . . . . . : 1.159.319 bytes

      Age  . . . . . . . : 0.0 days (2013-08-16 15:56:40)

      Entropy  . . . . . : 7.9

      SHA-256  . . . . . : B95348C64C56A7BDE7EF2CBCBE84C2976BE414A3E98F4A2FCC9D35A454578697

      Product  . . . . . : Junkware Removal Tool

      Publisher  . . . . : Thisisu

      Version  . . . . . : 5.4.6

    > G Data . . . . . . : Trojan.GenericKDV.1184898

    > Ikarus . . . . . . : Virus.Win32.PePatch!IK

      Fuzzy  . . . . . . : 114.0
 

   C:\Users\*\Desktop\JRT.exe

      Size . . . . . . . : 1.159.319 bytes

      Age  . . . . . . . : 0.0 days (2013-08-16 16:01:20)

      Entropy  . . . . . : 7.9

      SHA-256  . . . . . : B95348C64C56A7BDE7EF2CBCBE84C2976BE414A3E98F4A2FCC9D35A454578697

      Product  . . . . . : Junkware Removal Tool

      Publisher  . . . . : Thisisu

      Version  . . . . . : 5.4.6

    > G Data . . . . . . : Trojan.GenericKDV.1184898

    > Ikarus . . . . . . : Virus.Win32.PePatch!IK

      Fuzzy  . . . . . . : 114.0
 
 

Cookies _____________________________________________________________________
 

   C:\Users\*\AppData\Roaming\Microsoft\Windows\Cookies\9G14AMSA.txt

   C:\Users\*\AppData\Roaming\Microsoft\Windows\Cookies\TH43OGXB.txt

   C:\Users\*\AppData\Roaming\Microsoft\Windows\Cookies\TSKIYVKJ.txt

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-08-2013 02

Ran by * (administrator) on 22-08-2013 15:26:38

Running from C:\Users\*\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 10

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe

(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe

(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe

(Fujitsu Technology Solutions) C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)

HKLM\...\Run: [PfNet] - C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6310912 2010-06-24] (FUJITSU LIMITED)

HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)

HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)

HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)

HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)

HKLM\...\Run: [ConMgr] - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535440 2009-12-24] (CSR, plc)

HKCU\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)

HKLM-x32\...\Run: [LoadFUJ02E3] - C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED)

HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)

HKLM-x32\...\Run: [YouCam Mirror Tray icon] - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [162912 2009-07-08] (CyberLink Corp.)

HKLM-x32\...\Run: [DeskUpdateNotifier] - c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [102968 2013-02-26] (Fujitsu Technology Solutions)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-10] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)

HKLM-x32\...\Run: [] -  [x]
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSG&bmod=FTSG

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 

FireFox:

========

FF ProfilePath: C:\Users\*\AppData\Roaming\Mozilla\Firefox\Profiles\31qy4b1e.default

FF Homepage: hxxp://www.google.de/

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()

FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - D:\Programme\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - D:\Programme\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - d:\programme\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin HKCU: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - d:\programme\SumatraPDF\npPdfViewer.dll (Simon Bünzli)

FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 

==================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-08] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-08] (Avira Operations GmbH & Co. KG)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()

R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [330240 2010-06-24] (FUJITSU LIMITED)

R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)

R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc)

S3 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe" [x]

S2 SDScannerService; "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [x]

S2 SDUpdateService; "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [x]

S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
 

==================== Drivers (Whitelisted) ====================
 

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-08] (Avira GmbH)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-08] (Avira GmbH)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-12-15] (Avira GmbH)

R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)

R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)

R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32000 2013-08-22] ()

S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]

S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]

S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-08-22 15:18 - 2013-08-22 15:18 - 00032000 _____ C:\Windows\system32\Drivers\hitmanpro37.sys

2013-08-22 15:17 - 2013-08-22 15:17 - 00000476 _____ C:\Windows\system32\.crusader

2013-08-22 15:13 - 2013-08-22 15:13 - 00001911 _____ C:\Users\Public\Desktop\HitmanPro.lnk

2013-08-22 15:13 - 2013-08-22 15:13 - 00000000 ____D C:\Program Files\HitmanPro

2013-08-17 11:35 - 2013-08-17 11:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-08-16 16:32 - 2013-08-16 16:32 - 00004390 _____ C:\Users\*\Desktop\HitmanPro_20130816_1632.log

2013-08-16 16:22 - 2013-08-22 15:17 - 00000000 ____D C:\ProgramData\HitmanPro

2013-08-16 16:21 - 2013-08-16 16:22 - 09853928 _____ (SurfRight B.V.) C:\Users\*\Desktop\HitmanPro_x64.exe

2013-08-16 16:10 - 2013-08-16 16:16 - 00001320 _____ C:\Users\*\Desktop\JRT.txt

2013-08-16 16:02 - 2013-08-16 16:02 - 00000000 ____D C:\Windows\ERUNT

2013-08-16 15:54 - 2013-08-16 15:54 - 00001884 _____ C:\Users\*\Desktop\AdwCleaner[S2].txt

2013-08-16 15:51 - 2013-08-16 15:51 - 00001919 _____ C:\AdwCleaner[S2].txt

2013-08-16 15:50 - 2013-08-16 15:50 - 00666633 _____ C:\Users\*\Desktop\adwcleaner.exe

2013-08-16 14:49 - 2013-08-16 14:49 - 00005947 _____ C:\Users\Internetkonto\Desktop\Mobilfunkvertrag_Musterkuendigung.zip

2013-08-16 14:46 - 2013-08-16 14:46 - 00000000 ____D C:\Users\Internetkonto\AppData\Roaming\OpenOffice

2013-08-15 13:05 - 2013-08-15 13:05 - 00023376 _____ C:\ComboFix.txt

2013-08-13 22:55 - 2013-08-15 12:51 - 05104931 ____R (Swearware) C:\Users\*\Desktop\ComboFix.exe

2013-08-13 19:01 - 2013-08-13 19:01 - 00013493 _____ C:\Users\*\Desktop\AbbuchungCambioSTornierung.odt

2013-08-13 19:00 - 2013-08-13 19:00 - 00000000 ____D C:\Users\*\AppData\Roaming\OpenOffice

2013-08-13 13:34 - 2013-08-13 13:34 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\*\Desktop\tdsskiller.exe

2013-08-13 12:54 - 2013-08-15 13:05 - 00000000 ____D C:\Qoobox

2013-08-13 12:54 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe

2013-08-13 12:54 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe

2013-08-13 12:54 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2013-08-13 12:54 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2013-08-13 12:54 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2013-08-13 12:54 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe

2013-08-13 12:54 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe

2013-08-13 12:54 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe

2013-08-09 20:19 - 2013-08-09 20:19 - 00022377 _____ C:\Users\*\Desktop\Addition.txt

2013-08-09 20:18 - 2013-08-09 20:18 - 00000000 ____D C:\FRST

2013-08-08 23:10 - 2013-08-08 23:13 - 110344048 _____ C:\Users\*\Desktop\avira_free_antivirus85_de.exe

2013-08-08 18:10 - 2013-08-16 12:13 - 00005290 _____ C:\Windows\PFRO.log

2013-08-08 16:09 - 2013-08-08 16:09 - 00000000 ____D C:\Users\*\Documents\ProcAlyzer Dumps

2013-08-08 14:10 - 2013-08-13 12:48 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-08-08 14:10 - 2013-08-09 19:37 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2013-08-08 14:10 - 2013-08-08 14:10 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2013-08-08 14:09 - 2013-08-08 14:09 - 01440846 _____ C:\Users\Internetkonto\Desktop\mbam-chameleon-1.62.1.1000.zip

2013-08-08 14:08 - 2013-08-08 14:08 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Internetkonto\Desktop\spybotsd-2.1.21-SR2.exe

2013-08-06 20:18 - 2013-08-22 15:18 - 00001456 _____ C:\Windows\setupact.log

2013-08-06 20:18 - 2013-08-06 20:18 - 00000000 _____ C:\Windows\setuperr.log

2013-08-06 18:16 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-08-06 18:15 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-08-06 18:15 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-08-06 18:15 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-08-06 18:15 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-08-06 18:15 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-08-06 18:15 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-08-06 18:15 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-08-06 18:15 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-08-06 18:15 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-08-06 18:15 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-08-06 18:15 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-08-06 18:15 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-08-06 18:15 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-08-06 18:15 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-08-06 18:15 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-08-06 18:15 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-08-06 18:15 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-08-06 18:15 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-08-06 18:15 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-06 18:15 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-08-06 18:15 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-08-06 18:00 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-08-06 18:00 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2013-08-06 18:00 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2013-08-06 18:00 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-08-06 18:00 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2013-08-06 17:59 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2013-08-06 17:59 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2013-08-06 17:41 - 2013-08-06 17:41 - 00000000 ____D C:\Users\Internetkonto\AppData\Roaming\RCP 6

2013-08-06 17:33 - 2013-08-06 17:33 - 00000000 ____D C:\ConversionOutput

2013-08-06 17:18 - 2013-08-06 17:18 - 00000000 ____D C:\Users\Internetkonto\AppData\Local\PictureConverter

2013-08-06 11:39 - 2013-08-06 11:39 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4

2013-08-06 11:14 - 2013-08-06 11:14 - 00000000 ____D C:\Windows\en

2013-08-06 11:14 - 2013-08-06 11:14 - 00000000 ____D C:\Windows\de

2013-08-06 11:07 - 2013-08-06 11:13 - 143436858 _____ C:\Users\*\Desktop\Apache_OpenOffice_4.0.0_Win_x86_install_en-US.exe
 

==================== One Month Modified Files and Folders =======
 

2013-08-22 15:26 - 2013-08-22 15:26 - 01576476 _____ (Farbar) C:\Users\*\Desktop\FRST64.exe

2013-08-22 15:26 - 2009-07-14 06:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-08-22 15:26 - 2009-07-14 06:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-08-22 15:25 - 2011-02-14 14:57 - 00696870 _____ C:\Windows\system32\perfh007.dat

2013-08-22 15:25 - 2011-02-14 14:57 - 00148134 _____ C:\Windows\system32\perfc007.dat

2013-08-22 15:25 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI

2013-08-22 15:18 - 2013-08-22 15:18 - 00032000 _____ C:\Windows\system32\Drivers\hitmanpro37.sys

2013-08-22 15:18 - 2013-08-06 20:18 - 00001456 _____ C:\Windows\setupact.log

2013-08-22 15:18 - 2013-01-21 16:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-08-22 15:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-08-22 15:17 - 2013-08-22 15:17 - 00000476 _____ C:\Windows\system32\.crusader

2013-08-22 15:17 - 2013-08-16 16:22 - 00000000 ____D C:\ProgramData\HitmanPro

2013-08-22 15:17 - 2011-12-26 02:39 - 01359197 _____ C:\Windows\WindowsUpdate.log

2013-08-22 15:13 - 2013-08-22 15:13 - 00001911 _____ C:\Users\Public\Desktop\HitmanPro.lnk

2013-08-22 15:13 - 2013-08-22 15:13 - 00000000 ____D C:\Program Files\HitmanPro

2013-08-22 15:01 - 2012-11-21 19:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-08-19 15:01 - 2012-08-24 12:52 - 00000000 ____D C:\Users\Internetkonto\AppData\Roaming\Dropbox

2013-08-17 11:35 - 2013-08-17 11:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-08-16 16:32 - 2013-08-16 16:32 - 00004390 _____ C:\Users\*\Desktop\HitmanPro_20130816_1632.log

2013-08-16 16:22 - 2013-08-16 16:21 - 09853928 _____ (SurfRight B.V.) C:\Users\*\Desktop\HitmanPro_x64.exe

2013-08-16 16:16 - 2013-08-16 16:10 - 00001320 _____ C:\Users\*\Desktop\JRT.txt

2013-08-16 16:02 - 2013-08-16 16:02 - 00000000 ____D C:\Windows\ERUNT

2013-08-16 15:54 - 2013-08-16 15:54 - 00001884 _____ C:\Users\*\Desktop\AdwCleaner[S2].txt

2013-08-16 15:51 - 2013-08-16 15:51 - 00001919 _____ C:\AdwCleaner[S2].txt

2013-08-16 15:50 - 2013-08-16 15:50 - 00666633 _____ C:\Users\*\Desktop\adwcleaner.exe

2013-08-16 14:49 - 2013-08-16 14:49 - 00005947 _____ C:\Users\Internetkonto\Desktop\Mobilfunkvertrag_Musterkuendigung.zip

2013-08-16 14:46 - 2013-08-16 14:46 - 00000000 ____D C:\Users\Internetkonto\AppData\Roaming\OpenOffice

2013-08-16 12:13 - 2013-08-08 18:10 - 00005290 _____ C:\Windows\PFRO.log

2013-08-15 13:05 - 2013-08-15 13:05 - 00023376 _____ C:\ComboFix.txt

2013-08-15 13:05 - 2013-08-13 12:54 - 00000000 ____D C:\Qoobox

2013-08-15 13:01 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini

2013-08-15 12:51 - 2013-08-13 22:55 - 05104931 ____R (Swearware) C:\Users\*\Desktop\ComboFix.exe

2013-08-13 19:01 - 2013-08-13 19:01 - 00013493 _____ C:\Users\*\Desktop\AbbuchungCambioSTornierung.odt

2013-08-13 19:00 - 2013-08-13 19:00 - 00000000 ____D C:\Users\*\AppData\Roaming\OpenOffice

2013-08-13 13:34 - 2013-08-13 13:34 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\*\Desktop\tdsskiller.exe

2013-08-13 12:48 - 2013-08-08 14:10 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-08-13 12:46 - 2011-12-30 20:32 - 00000000 ____D C:\Program Files (x86)\Futuremark

2013-08-13 12:46 - 2011-12-26 02:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2013-08-09 20:19 - 2013-08-09 20:19 - 00022377 _____ C:\Users\*\Desktop\Addition.txt

2013-08-09 20:18 - 2013-08-09 20:18 - 00000000 ____D C:\FRST

2013-08-09 19:37 - 2013-08-08 14:10 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2013-08-08 23:13 - 2013-08-08 23:10 - 110344048 _____ C:\Users\*\Desktop\avira_free_antivirus85_de.exe

2013-08-08 16:09 - 2013-08-08 16:09 - 00000000 ____D C:\Users\*\Documents\ProcAlyzer Dumps

2013-08-08 14:10 - 2013-08-08 14:10 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2013-08-08 14:09 - 2013-08-08 14:09 - 01440846 _____ C:\Users\Internetkonto\Desktop\mbam-chameleon-1.62.1.1000.zip

2013-08-08 14:08 - 2013-08-08 14:08 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\Internetkonto\Desktop\spybotsd-2.1.21-SR2.exe

2013-08-06 20:18 - 2013-08-06 20:18 - 00000000 _____ C:\Windows\setuperr.log

2013-08-06 19:00 - 2012-09-12 16:32 - 00000000 ____D C:\Users\*\AppData\Local\CrashDumps

2013-08-06 18:57 - 2011-02-14 14:43 - 00000000 ____D C:\Windows\Panther

2013-08-06 18:44 - 2011-12-25 19:05 - 00117024 _____ C:\Users\*\AppData\Local\GDIPFONTCACHEV1.DAT

2013-08-06 18:44 - 2011-12-25 19:04 - 00000000 ____D C:\Users\*

2013-08-06 18:43 - 2009-07-14 06:45 - 00461120 _____ C:\Windows\system32\FNTCACHE.DAT

2013-08-06 18:42 - 2012-05-19 03:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-08-06 18:42 - 2012-05-19 03:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-08-06 18:40 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal

2013-08-06 18:40 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender

2013-08-06 18:40 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2013-08-06 18:19 - 2011-12-25 22:04 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-08-06 17:41 - 2013-08-06 17:41 - 00000000 ____D C:\Users\Internetkonto\AppData\Roaming\RCP 6

2013-08-06 17:35 - 2011-12-27 00:11 - 00000000 ___RD C:\Users\Internetkonto

2013-08-06 17:33 - 2013-08-06 17:33 - 00000000 ____D C:\ConversionOutput

2013-08-06 17:18 - 2013-08-06 17:18 - 00000000 ____D C:\Users\Internetkonto\AppData\Local\PictureConverter

2013-08-06 12:35 - 2013-07-02 19:01 - 00000000 ____D C:\Users\Internetkonto\AppData\Local\Windows Live

2013-08-06 12:18 - 2011-12-27 00:13 - 00117024 _____ C:\Users\Internetkonto\AppData\Local\GDIPFONTCACHEV1.DAT

2013-08-06 11:39 - 2013-08-06 11:39 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4

2013-08-06 11:39 - 2012-01-25 01:43 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3

2013-08-06 11:37 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2013-08-06 11:34 - 2011-12-25 19:04 - 00000000 ____D C:\Users\*\AppData\Local\Adobe

2013-08-06 11:30 - 2012-11-21 19:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2013-08-06 11:30 - 2012-04-04 00:00 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-08-06 11:30 - 2011-12-28 22:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-08-06 11:21 - 2011-12-27 00:00 - 00000828 _____ C:\Users\Public\Desktop\CCleaner.lnk

2013-08-06 11:21 - 2011-12-27 00:00 - 00000000 ____D C:\Program Files\CCleaner

2013-08-06 11:14 - 2013-08-06 11:14 - 00000000 ____D C:\Windows\en

2013-08-06 11:14 - 2013-08-06 11:14 - 00000000 ____D C:\Windows\de

2013-08-06 11:13 - 2013-08-06 11:07 - 143436858 _____ C:\Users\*\Desktop\Apache_OpenOffice_4.0.0_Win_x86_install_en-US.exe

2013-08-06 11:12 - 2011-12-25 19:07 - 00000000 ____D C:\Program Files (x86)\Windows Live

2013-08-06 11:12 - 2011-12-25 19:06 - 00000000 ____D C:\Program Files\Windows Live

2013-07-30 08:50 - 2012-03-13 18:32 - 03864576 ___SH C:\Users\Internetkonto\Desktop\Thumbs.db

2013-07-28 04:46 - 2013-02-23 01:10 - 00000000 ____D C:\Users\Internetkonto\AppData\Roaming\Spotify

2013-07-28 01:23 - 2013-02-23 01:10 - 00000000 ____D C:\Users\Internetkonto\AppData\Local\Spotify
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-08-12 15:11
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Logge ich mich auf meinem Nicht-Admin-Account ein, fährt der Rechner jetzt einfach runter.

Logge ich mich auf meinem Nicht-Admin-Account ein, fährt der Rechner jetzt einfach runter.

Sieht das logfile soweit in Ordnung aus?