Diverse Viren auf Win8 Rechner - wie gehts weiter?
Hallo!
durch einen Klick auf "Ihr Videoplayer ist nicht aktuell" hab ich mir (Laptop intel corei7 win8.1 64bit) einiges eingefangen, Umleitungen beim Surfen und eDeals, Rechner sehr langsam, Firefox sehr langsam, Rechner startet sehr langsam, Poups mit Umfragen etc., Dropbox findet keine Internetverbindung mehr etc.
frst und frst64 laufen wohl nicht auf win8, oder?
In den Programmen finde ich nichts, was mir auffällig vorkommt, leider, also nichts, was ich deinstallieren könnte (siehe Liste unten; bin aber auch kein Profi...).
Spyhunter findet u.a. diese hier (aber Spyhunter kommt bei euch ja nicht so toll weg - weiß schon, aber war mal in der Nacht dann etwas hilflos...):
Istartsurf.com
Snap.do
Webssearches.com
2o7
Adserver
Adtech
Advert
Advertising
Avware.V-bates
Adware.Web Frog
CasableMedia
Media
Mediaplex
PUP.Freemake.Video Converter
PUP.NewPlayer
PUP.SupTab
OTL sagt Code:
ebOTL logfile created on: 12.09.2014 16:59:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DieSinnnwells\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17278)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,91 Gb Total Physical Memory | 5,62 Gb Available Physical Memory | 71,05% Memory free
9,73 Gb Paging File | 6,33 Gb Available in Paging File | 65,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 891,22 Gb Total Space | 525,17 Gb Free Space | 58,93% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 22,73 Gb Free Space | 90,93% Space Free | Partition Type: NTFS
Drive E: | 931,46 Gb Total Space | 542,70 Gb Free Space | 58,26% Space Free | Partition Type: NTFS
Drive G: | 1862,82 Gb Total Space | 1167,45 Gb Free Space | 62,67% Space Free | Partition Type: NTFS
Computer Name: SINNWELLNOTE | User Name: DieSinnnwells | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.09.11 10:59:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DieSinnnwells\Desktop\OTL.exe
PRC - [2014.09.04 20:49:42 | 000,060,452 | ---- | M] () -- C:\Windows\SysWOW64\DebugDirect3dMotion\DebugDirect3dMotion.exe
PRC - [2014.09.04 20:49:34 | 000,251,429 | ---- | M] () -- C:\Users\DieSinnnwells\AppData\Local\AppCursorFunction\BIOSPathTask.exe
PRC - [2014.09.04 20:49:34 | 000,107,557 | ---- | M] () -- C:\Users\DieSinnnwells\AppData\Local\AppCursorFunction\AppCursorFunction.exe
PRC - [2014.08.06 09:19:58 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014.08.06 09:19:44 | 001,021,520 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
PRC - [2014.08.06 09:19:43 | 000,751,184 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014.08.06 09:19:43 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014.08.04 14:20:42 | 000,161,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2014.07.30 02:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Users\DieSinnnwells\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.12.12 21:56:14 | 003,145,536 | ---- | M] () -- C:\Users\DieSinnnwells\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
PRC - [2013.06.07 17:08:36 | 017,124,256 | ---- | M] (PACE Anti-Piracy, Inc.) -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
PRC - [2013.05.17 01:06:26 | 000,366,552 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013.05.17 01:06:22 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2013.05.16 16:44:06 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.05.14 10:02:50 | 000,552,960 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera\VM331STI.EXE
PRC - [2013.04.30 12:25:22 | 000,286,704 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2013.04.30 12:25:22 | 000,015,344 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013.03.18 15:25:26 | 001,161,592 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2013.03.18 15:25:08 | 001,124,728 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2013.03.08 15:18:34 | 000,095,192 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
PRC - [2013.01.09 08:06:06 | 001,259,872 | ---- | M] (SafeNet, Inc) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
PRC - [2013.01.09 02:03:02 | 000,376,832 | ---- | M] (SafeNet, Inc.) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
PRC - [2013.01.09 02:00:02 | 000,293,216 | ---- | M] (SafeNet, Inc.) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
PRC - [2012.12.13 22:18:54 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2012.10.30 20:11:32 | 000,168,464 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
PRC - [2012.03.26 18:35:16 | 000,449,168 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2004.12.14 02:12:02 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
========== Modules (No Company Name) ==========
MOD - [2014.09.12 16:27:55 | 000,043,008 | ---- | M] () -- c:\users\diesin~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplpivmj.dll
MOD - [2014.09.11 01:38:26 | 000,250,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\72004d1b2eec7dfa9cc465c9804c9e20\WindowsFormsIntegration.ni.dll
MOD - [2014.09.11 01:38:13 | 002,964,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\d82137c37ef37707446bb6056c0ee9c4\System.IdentityModel.ni.dll
MOD - [2014.09.11 01:37:59 | 000,786,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\668eb7171833079353583f414ea7192d\System.ServiceModel.Internals.ni.dll
MOD - [2014.09.11 01:37:59 | 000,118,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\9c66601bad4851a24e037f606482160f\SMDiagnostics.ni.dll
MOD - [2014.09.11 01:35:52 | 007,785,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\462e6667cb4ef74abec9524d96c4d7d5\System.Xml.ni.dll
MOD - [2014.09.11 01:35:49 | 001,874,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\dd08601ab40a3c0743ee8d7b4350debe\System.Xaml.ni.dll
MOD - [2014.09.11 01:35:48 | 012,856,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\cc272fa4bc8ae7c468e3c75a57ae3c72\System.Windows.Forms.ni.dll
MOD - [2014.09.11 01:35:43 | 000,219,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\e99d52ddc175721f6ed14653e32ba4c5\System.ServiceProcess.ni.dll
MOD - [2014.09.11 01:35:42 | 019,567,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\528be8efca0c6b6c9ce63f3664c80443\System.ServiceModel.ni.dll
MOD - [2014.09.11 01:35:33 | 002,803,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\cf112546e5e77b821db19d8b958cfeee\System.Runtime.Serialization.ni.dll
MOD - [2014.09.11 01:35:30 | 001,635,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\9e99d85dfa5a3de8e34fe912acf82021\System.Drawing.ni.dll
MOD - [2014.09.11 01:35:29 | 007,385,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\a7d80873c90c120b21057d652b039a52\System.Data.ni.dll
MOD - [2014.09.11 01:35:26 | 000,968,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\04d455ea050b547ca661a16509fe4638\System.Configuration.ni.dll
MOD - [2014.09.11 01:35:26 | 000,463,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\165bbf987a17d5254aeb43e769ab02f7\PresentationFramework.Aero2.ni.dll
MOD - [2014.09.11 01:35:25 | 018,744,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\201ff175176fa9f3f7930492d6f8e140\PresentationFramework.ni.dll
MOD - [2014.09.11 01:35:18 | 011,027,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\137698b247bb9989ebaf0a9c9528f17a\PresentationCore.ni.dll
MOD - [2014.09.11 01:35:13 | 003,957,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\358c6ca55986bf6ef35d4de5806f3f99\WindowsBase.ni.dll
MOD - [2014.09.11 01:35:10 | 006,951,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\5e8ea4bc2ddce0edd65f5c68b7241c06\System.Core.ni.dll
MOD - [2014.09.11 01:35:07 | 010,003,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3028925cf331e81d2b55093a3f131bd5\System.ni.dll
MOD - [2014.09.04 20:49:34 | 000,251,429 | ---- | M] () -- C:\Users\DieSinnnwells\AppData\Local\AppCursorFunction\BIOSPathTask.exe
MOD - [2014.08.04 14:20:34 | 000,052,472 | ---- | M] () -- C:\Users\DIESIN~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
MOD - [2014.07.30 02:20:20 | 003,610,624 | ---- | M] () -- C:\Users\DieSinnnwells\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014.05.07 13:05:21 | 000,146,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\8e945b32dd6b4b00c900f6c01c0f3c62\System.Numerics.ni.dll
MOD - [2014.01.27 13:52:41 | 017,395,376 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll
MOD - [2013.12.12 21:56:14 | 003,145,536 | ---- | M] () -- C:\Users\DieSinnnwells\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
MOD - [2013.08.23 21:01:44 | 025,100,288 | ---- | M] () -- C:\Users\DieSinnnwells\AppData\Roaming\Dropbox\bin\libcef.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014.09.11 10:29:19 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.04.06 13:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014.04.03 04:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014.03.14 08:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014.03.08 07:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014.03.06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014.02.22 17:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014.02.22 11:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014.02.22 11:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014.02.22 11:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014.02.22 11:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014.02.22 11:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.12.10 09:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013.11.23 06:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.08.22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013.08.22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013.08.22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013.08.22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013.08.22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013.08.22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013.08.22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013.08.22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013.08.22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013.08.22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013.08.22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013.08.22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.08.22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.08.22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013.08.22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013.08.22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013.08.22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014.09.09 22:17:16 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.09.04 20:49:42 | 000,060,452 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\DebugDirect3dMotion\DebugDirect3dMotion.exe -- (DebugDirect3dMotion)
SRV - [2014.09.04 20:49:34 | 000,107,557 | ---- | M] () [Auto | Running] -- C:\Users\DieSinnnwells\AppData\Local\AppCursorFunction\AppCursorFunction.exe -- (AppCursorFunction.exe)
SRV - [2014.08.06 09:19:58 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014.08.06 09:19:44 | 001,021,520 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe -- (AntiVirWebService)
SRV - [2014.08.06 09:19:43 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014.08.04 14:20:40 | 000,149,296 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014.07.30 12:05:04 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.05.12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014.05.12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014.04.03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.03.14 08:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014.01.09 07:15:48 | 001,025,408 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.21 01:02:54 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013.09.05 03:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.09.01 13:30:33 | 000,068,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe -- (VeriFaceSrv)
SRV - [2013.08.28 17:24:04 | 003,378,416 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2013.08.28 17:23:48 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2013.08.28 17:23:40 | 000,626,416 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2013.08.28 17:23:20 | 000,149,744 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2013.08.28 01:27:58 | 000,661,832 | ---- | M] (Avid Technology, Inc.) [On_Demand | Stopped] -- C:\Programme\Avid\Editor Transcode\Dynamic Media Files\DMFService.exe -- (Avid DMF Service)
SRV - [2013.08.28 01:25:32 | 000,662,344 | ---- | M] (Avid Technology, Inc.) [Auto | Running] -- C:\Programme\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe -- (Avid Editor Broker)
SRV - [2013.08.28 01:25:32 | 000,297,800 | ---- | M] (Avid Technology, Inc.) [Auto | Running] -- C:\Programme\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe -- (Avid Editor Transcode Status)
SRV - [2013.08.28 01:25:30 | 000,662,344 | ---- | M] (Avid Technology, Inc.) [On_Demand | Stopped] -- C:\Programme\Avid\Editor Transcode\TranscodeService\AvidEditorTranscode.exe -- (Avid Editor Transcode Service)
SRV - [2013.08.28 01:25:30 | 000,661,832 | ---- | M] (Avid Technology, Inc.) [Auto | Running] -- C:\Programme\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe -- (Avid Editor Db Engine)
SRV - [2013.08.22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013.08.22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013.08.22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013.07.04 20:36:32 | 000,337,920 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2013.06.07 17:08:36 | 017,124,256 | ---- | M] (PACE Anti-Piracy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe -- (PaceLicenseDServices)
SRV - [2013.06.04 12:49:42 | 000,156,104 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe -- (Intel(R)
SRV - [2013.05.28 15:37:36 | 000,101,536 | ---- | M] (Intel) [Auto | Running] -- C:\Programme\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe -- (BrcmSetSecurity)
SRV - [2013.05.17 01:06:26 | 000,366,552 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013.05.17 01:06:22 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013.05.01 09:04:08 | 000,772,064 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2013.04.30 12:25:22 | 000,015,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2013.03.18 15:25:26 | 001,161,592 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2013.03.18 15:25:08 | 001,124,728 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2013.02.13 12:47:04 | 000,820,184 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV - [2013.02.13 12:46:48 | 000,731,648 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013.01.09 08:06:06 | 001,259,872 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
SRV - [2013.01.09 02:03:02 | 000,376,832 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2013.01.09 02:00:02 | 000,293,216 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe -- (SentinelSecurityRuntime)
SRV - [2012.12.13 22:18:54 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012.12.13 22:18:48 | 000,230,408 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Programme\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe -- (NitroDriverReadSpool8)
SRV - [2012.09.12 18:07:06 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014.07.08 11:32:06 | 000,042,040 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | Disabled | Unknown] -- C:\Windows\SysNative\drivers\avnetflt.sys -- (avnetflt)
DRV:64bit: - [2014.07.01 15:54:46 | 000,117,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014.06.05 09:06:52 | 000,130,584 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014.05.31 12:07:07 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014.05.12 07:26:14 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014.05.12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014.05.01 15:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014.04.01 08:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014.03.24 04:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014.03.24 04:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014.03.24 04:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014.03.20 05:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014.03.13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014.03.08 22:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014.02.22 18:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014.02.22 17:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014.02.22 17:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014.02.22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014.02.22 17:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014.02.22 17:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014.02.22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013.12.25 12:37:44 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013.12.25 12:37:44 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.12.25 12:37:44 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013.12.21 01:02:44 | 004,216,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013.12.15 01:34:54 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013.12.15 01:34:54 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013.12.04 20:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013.11.14 09:33:28 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013.11.14 09:26:36 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013.11.14 09:13:40 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013.11.14 09:13:36 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013.10.31 20:25:19 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.10.08 23:52:34 | 003,648,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwew02.sys -- (NETwNe64)
DRV:64bit: - [2013.09.25 23:52:42 | 003,589,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwbw02.sys -- (NETwNb64)
DRV:64bit: - [2013.09.05 03:37:00 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013.09.01 13:33:08 | 000,035,600 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2013.08.22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013.08.22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.08.22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013.08.22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013.08.22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.08.22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013.08.22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013.08.22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013.08.22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013.08.22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013.08.22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013.08.22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013.08.22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013.08.22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013.08.22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013.08.22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013.08.22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013.08.22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013.08.22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013.08.22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013.08.22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013.08.22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013.08.22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013.08.22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.08.22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013.08.22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013.08.22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013.08.22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013.08.22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013.08.22 13:39:58 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2013.08.22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013.08.22 13:39:50 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2013.08.22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013.08.22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013.08.22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013.08.22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013.08.22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013.08.22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.08.22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013.08.22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013.08.22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013.08.22 13:38:17 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013.08.22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013.08.22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013.08.22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013.08.22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013.08.22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.08.22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013.08.22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013.08.22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013.08.22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013.08.22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013.08.22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013.08.22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013.08.22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013.08.13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013.08.10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013.07.30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013.07.25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013.07.04 20:36:32 | 000,550,912 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013.06.20 07:29:10 | 000,532,720 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013.06.20 07:29:08 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013.06.18 16:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013.06.04 12:49:20 | 000,115,656 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
DRV:64bit: - [2013.05.31 11:45:12 | 001,064,704 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm331avs.sys -- (vm331avs)
DRV:64bit: - [2013.05.28 15:37:28 | 000,206,744 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2013.05.17 01:06:24 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013.05.01 09:04:36 | 000,165,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2013.04.30 12:25:00 | 000,677,360 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013.04.11 15:08:40 | 000,106,704 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2013.04.09 20:52:32 | 000,100,184 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\IntelPcc.sys -- (IntelHSWPcc)
DRV:64bit: - [2013.03.28 13:47:00 | 001,366,328 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012.10.03 11:26:58 | 000,095,232 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2012.06.22 11:01:32 | 000,022,704 | ---- | M] () [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:64bit: - [2012.06.13 17:10:32 | 000,102,376 | ---- | M] ("CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2011.05.24 03:00:00 | 000,055,952 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.09.17 08:05:02 | 000,145,448 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{CD4D22C8-F6CD-46CD-9432-456CB4AA5085}: "URL" = hxxp://url24.info/?id=4412f9766a2094&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{E3D32510-4D0D-4B4A-BE19-108A12DB42AD}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*origin.com;*ea.com;*akamaihd.net
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:21521
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2014.01.09 13:08:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.11.01 00:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DieSinnnwells\AppData\Roaming\mozilla\Extensions
[2014.09.08 12:33:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DieSinnnwells\AppData\Roaming\mozilla\Firefox\Profiles\tdaqq3v8.default\extensions
[2014.09.04 13:09:40 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\DieSinnnwells\AppData\Roaming\mozilla\Firefox\Profiles\tdaqq3v8.default\extensions\abs@avira.com
[2014.07.30 12:05:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.07.30 12:05:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2013.08.22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [DolbyTrayApp] c:\program files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4:64bit: - HKLM..\Run: [Energy Manager] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Lenovo Utility] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE (Vimicro)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Amazon Cloud Player] C:\Users\DieSinnnwells\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - HKCU..\Run: [GMX Application {sync-000021}] C:\Users\DieSinnnwells\AppData\Local\GMX Application {sync-000021}\gmx_mediacenter.exe (1&1 Mail & Media GmbH)
O4 - Startup: C:\Users\DieSinnnwells\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\DieSinnnwells\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\DieSinnnwells\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D3612D4-07E1-4BDB-AF25-4BCFD39A5773}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (bj.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.09.11 09:00:37 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014.09.12 16:58:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2014.09.11 11:08:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014.09.11 11:08:49 | 000,000,000 | ---D | C] -- C:\Users\DieSinnnwells\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014.09.11 10:59:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DieSinnnwells\Desktop\OTL.exe
[2014.09.11 09:00:13 | 000,000,000 | ---D | C] -- C:\Users\DieSinnnwells\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2014.09.11 09:00:12 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2014.09.11 09:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014.09.11 08:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014.09.08 12:48:29 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014.09.08 12:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014.09.08 12:48:20 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014.09.08 12:48:20 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014.09.08 12:48:20 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014.09.08 12:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014.09.08 12:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.09.08 12:09:42 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.09.04 20:52:20 | 000,000,000 | ---D | C] -- C:\Users\DieSinnnwells\AppData\Local\com
[2014.09.04 20:49:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\DebugDirect3dMotion
[2014.09.04 20:49:32 | 000,000,000 | ---D | C] -- C:\Users\DieSinnnwells\AppData\Local\AppCursorFunction
[2014.09.03 17:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.09.12 16:26:25 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.09.11 11:08:49 | 000,001,295 | ---- | M] () -- C:\Users\DieSinnnwells\Desktop\Revo Uninstaller.lnk
[2014.09.11 10:59:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DieSinnnwells\Desktop\OTL.exe
[2014.09.11 10:44:59 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014.09.11 10:33:03 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.09.11 10:32:58 | 2503,389,183 | -HS- | M] () -- C:\hiberfil.sys
[2014.09.11 10:32:22 | 000,012,800 | ---- | M] () -- C:\WINDOWS\SysNative\VfService.trf
[2014.09.11 10:17:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.09.11 09:00:37 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014.09.11 09:00:13 | 000,002,301 | ---- | M] () -- C:\Users\DieSinnnwells\Desktop\SpyHunter.lnk
[2014.09.11 08:47:08 | 001,807,578 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014.09.11 08:47:08 | 000,776,626 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2014.09.11 08:47:08 | 000,731,842 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014.09.11 08:47:08 | 000,164,310 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2014.09.11 08:47:08 | 000,139,818 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014.09.10 14:53:51 | 001,145,741 | ---- | M] () -- C:\Users\DieSinnnwells\Dropbox\Dokumente Laptop\Vertrag_UniBW_Sinnwell_MHSB1EW039EA976.pdf
[2014.09.08 12:48:22 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.09.05 02:42:53 | 004,973,544 | ---- | M] () -- C:\Users\DieSinnnwells\Desktop\danieleAffen.avb
[2014.09.04 22:14:24 | 000,034,646 | ---- | M] () -- C:\Users\DieSinnnwells\Dropbox\Dokumente Laptop\cc_20140904_221415.reg
[2014.09.04 22:11:10 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014.09.04 21:53:44 | 000,059,572 | ---- | M] () -- C:\0525d0a5-f51b-43ca-a1c4-c98e5dba42ec.dmp
[2014.09.04 20:49:21 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_webinstr_01009.Wdf
[2014.09.02 13:33:36 | 000,017,012 | ---- | M] () -- C:\Users\DieSinnnwells\Desktop\Sicherungskopie von To Do_as.wbk
[2014.09.02 10:56:07 | 000,001,133 | ---- | M] () -- C:\Users\DieSinnnwells\Desktop\Cyberlink Power2Go.lnk
[2014.08.28 07:45:50 | 000,001,164 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2014.08.28 07:38:51 | 000,499,368 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014.08.22 09:14:31 | 000,022,706 | ---- | M] () -- C:\Users\DieSinnnwells\Desktop\babydi_tstudie_-_den_zucker_im_brei_suchen.pdf
[2014.08.22 09:10:25 | 000,060,370 | ---- | M] () -- C:\Users\DieSinnnwells\Desktop\Newsletter_BABYDIAB.pdf
[2014.08.18 23:45:19 | 000,076,918 | ---- | M] () -- C:\Users\DieSinnnwells\Dropbox\Dokumente Laptop\Antrag_101_Selbst.pdf
[2014.08.18 21:18:06 | 000,058,162 | ---- | M] () -- C:\Users\DieSinnnwells\Desktop\Antrag_101_Selbst.pdf
[2014.08.16 16:32:11 | 002,744,896 | ---- | M] () -- C:\Users\DieSinnnwells\Desktop\__Schnitt Daniele.avb
[2014.08.15 09:57:11 | 000,002,469 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
[2014.08.15 00:19:45 | 000,001,123 | ---- | M] () -- C:\Users\DieSinnnwells\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014.08.15 00:19:24 | 000,001,107 | ---- | M] () -- C:\Users\DieSinnnwells\Desktop\Dropbox.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.09.11 11:08:49 | 000,001,295 | ---- | C] () -- C:\Users\DieSinnnwells\Desktop\Revo Uninstaller.lnk
[2014.09.11 09:00:37 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014.09.11 09:00:17 | 000,022,704 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\EsgScanner.sys
[2014.09.11 09:00:13 | 000,002,301 | ---- | C] () -- C:\Users\DieSinnnwells\Desktop\SpyHunter.lnk
[2014.09.10 14:52:47 | 001,145,741 | ---- | C] () -- C:\Users\DieSinnnwells\Dropbox\Dokumente Laptop\Vertrag_UniBW_Sinnwell_MHSB1EW039EA976.pdf
[2014.09.08 12:48:22 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.09.05 02:42:53 | 004,973,544 | ---- | C] () -- C:\Users\DieSinnnwells\Desktop\danieleAffen.avb
[2014.09.04 22:14:18 | 000,034,646 | ---- | C] () -- C:\Users\DieSinnnwells\Dropbox\Dokumente Laptop\cc_20140904_221415.reg
[2014.09.04 21:53:44 | 000,059,572 | ---- | C] () -- C:\0525d0a5-f51b-43ca-a1c4-c98e5dba42ec.dmp
[2014.09.04 20:49:21 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_webinstr_01009.Wdf
[2014.09.04 20:49:06 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014.09.02 13:33:36 | 000,017,012 | ---- | C] () -- C:\Users\DieSinnnwells\Desktop\Sicherungskopie von To Do_as.wbk
[2014.08.28 07:45:50 | 000,001,164 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2014.08.22 09:14:30 | 000,022,706 | ---- | C] () -- C:\Users\DieSinnnwells\Desktop\babydi_tstudie_-_den_zucker_im_brei_suchen.pdf
[2014.08.22 09:10:23 | 000,060,370 | ---- | C] () -- C:\Users\DieSinnnwells\Desktop\Newsletter_BABYDIAB.pdf
[2014.08.18 21:26:52 | 000,076,918 | ---- | C] () -- C:\Users\DieSinnnwells\Dropbox\Dokumente Laptop\Antrag_101_Selbst.pdf
[2014.08.18 21:18:06 | 000,058,162 | ---- | C] () -- C:\Users\DieSinnnwells\Desktop\Antrag_101_Selbst.pdf
[2014.08.15 15:27:11 | 002,744,896 | ---- | C] () -- C:\Users\DieSinnnwells\Desktop\__Schnitt Daniele.avb
[2014.08.15 00:19:45 | 000,001,123 | ---- | C] () -- C:\Users\DieSinnnwells\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014.04.29 18:32:07 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014.04.28 13:16:02 | 000,019,474 | ---- | C] () -- C:\WINDOWS\prodsett_copy.ini
[2014.03.18 16:24:24 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014.01.10 02:42:48 | 000,175,616 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2013.12.21 01:02:44 | 000,280,064 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013.12.21 01:02:40 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013.12.21 01:02:40 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013.11.14 12:03:26 | 000,243,288 | ---- | C] () -- C:\WINDOWS\SysWow64\qtmlClient.dll
[2013.09.01 13:11:47 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013.09.01 13:10:40 | 000,001,677 | ---- | C] () -- C:\WINDOWS\vm331Rmv.ini
[2013.09.01 13:10:40 | 000,001,677 | ---- | C] () -- C:\WINDOWS\SysWow64\vm331Rmv.ini
[2013.09.01 13:10:08 | 001,809,786 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013.08.22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013.08.22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013.08.22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013.08.22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013.08.22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013.02.13 12:27:54 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2014.01.09 13:09:04 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.04.06 18:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.04.06 17:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014.04.03 21:36:43 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\Avid Technology
[2014.03.04 14:17:39 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\Avid Technology Inc
[2014.01.07 09:03:02 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\Canon
[2014.09.04 08:33:41 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\Dropbox
[2014.07.07 09:40:06 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\DVDVideoSoft
[2014.01.03 13:32:05 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\HandBrake
[2014.01.10 02:42:56 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\Leawo
[2013.11.01 00:01:55 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\Lenovo
[2013.11.27 10:06:41 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\MyPhoneExplorer
[2013.10.23 22:00:42 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\Nitro
[2014.09.08 15:43:27 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\Nitro PDF
[2014.03.04 14:18:01 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\PACE Anti-Piracy
[2014.01.10 14:03:45 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\Sony
[2014.01.10 03:03:54 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\Sony Creative Software Inc
[2014.04.03 21:17:58 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\SorensonMedia
[2014.01.10 02:44:00 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\tiger-k
[2014.01.03 13:28:45 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\TuneUp Software
[2013.11.01 00:07:26 | 000,000,000 | ---D | M] -- C:\Users\DieSinnnwells\AppData\Roaming\WebApp
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 65536 bytes -> C:\Users\DieSinnnwells\Desktop\danieleAffen.avb:BINSTATE_RSRC
@Alternate Data Stream - 65536 bytes -> C:\Users\DieSinnnwells\Desktop\__SCHNITTvv.avb:BINSTATE_RSRC
@Alternate Data Stream - 65536 bytes -> C:\Users\DieSinnnwells\Desktop\__SCHNITT.avb:BINSTATE_RSRC
@Alternate Data Stream - 65536 bytes -> C:\Users\DieSinnnwells\Desktop\__Schnitt Daniele.avb:BINSTATE_RSRC
@Alternate Data Stream - 161 bytes -> C:\Users\DieSinnnwells\Dropbox\Dokumente Laptop\P1160684klein.jpg:com.dropbox.attributes
@Alternate Data Stream - 1047 bytes -> C:\Users\DieSinnnwells\AppData\Local\h4FUwrDK:Q7XyeUI637PNQWgnQxGGdIdqyf
< End of report >
ADWCLEANER findet nix, Code:
# AdwCleaner v3.309 - Bericht erstellt am 11/09/2014 um 10:09:59
# Aktualisiert 02/09/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : DieSinnnwells - SINNWELLNOTE
# Gestartet von : C:\Users\DieSinnnwells\Downloads\adwcleaner_3.309.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\STool
Schlüssel Gelöscht : HKLM\SOFTWARE\Upt
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v31.0 (x86 de)
[ Datei : C:\Users\DieSinnnwells\AppData\Roaming\Mozilla\Firefox\Profiles\tdaqq3v8.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [10644 octets] - [08/09/2014 12:09:45]
AdwCleaner[R1].txt - [10432 octets] - [08/09/2014 12:35:50]
AdwCleaner[R2].txt - [1158 octets] - [11/09/2014 10:09:17]
AdwCleaner[S0].txt - [7637 octets] - [08/09/2014 12:36:37]
AdwCleaner[S1].txt - [1032 octets] - [11/09/2014 10:09:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1092 octets] ##########
Installierte Programme:
Name Version
Avid Codecs LE 2.4.0
SpyHunter 4.17.6.4336
Adobe Common File Installer 1.00.001
Microsoft Office OneNote MUI (German) 2007 12.0.6612.1000
Microsoft Office InfoPath MUI (German) 2007 12.0.6612.1000
Microsoft Office Access MUI (German) 2007 12.0.6612.1000
Microsoft Office Excel MUI (German) 2007 12.0.6612.1000
Microsoft Office PowerPoint MUI (German) 2007 12.0.6612.1000
Microsoft Office Publisher MUI (German) 2007 12.0.6612.1000
Microsoft Office Outlook MUI (German) 2007 12.0.6612.1000
Microsoft Office Office 64-bit Components 2007 12.0.6612.1000
Microsoft Office Shared 64-bit MUI (German) 2007 12.0.6612.1000
Microsoft Office Groove MUI (German) 2007 12.0.6612.1000
Microsoft Office Word MUI (German) 2007 12.0.6612.1000
Microsoft Office Proofing (German) 2007 12.0.4518.1014
Microsoft Office Shared MUI (German) 2007 12.0.6612.1000
Microsoft Office Proof (Italian) 2007 12.0.6612.1000
Microsoft Office Proof (German) 2007 12.0.6612.1000
Microsoft Office Proof (English) 2007 12.0.6612.1000
Microsoft Office Proof (French) 2007 12.0.6612.1000
Microsoft Office Enterprise 2007 12.0.6612.1000
Microsoft Office File Validation Add-In 14.0.5130.5003
Microsoft Office 15.0.4454.1510
Adobe Bridge 1.0 001.000.001
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed 16.0.5.0046
Intel® Trusted Connect Service Client 1.27.798.1
PACE License Support Win64 2.0.0.0256
Intel(R) Update Manager 2.3.1338
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 10.0.40219
Microsoft Visual C++ 2005 Redistributable (x64) 8.0.61000
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology 3.0.1306.0342
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 10.0.40219
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 9.0.30729
NVIDIA PhysX 9.13.0604
Sony PDZK-MA2 v3.21 3.21
Adobe InDesign CS2 004.000.000
Microsoft Visual C++ 2005 Redistributable 8.0.59193
OneKey Recovery 5.70.0000
Visual Studio C++ 10.0 Runtime 10.0.0
Avid License Control 3.0.1
Apple Software Update 2.1.3.127
Dolby Home Theater v4 7.2.8000.17
Adobe Photoshop CS2 9.0
Java 7 Update 67 7.0.670
Skype™ 6.18 6.18.106
Apple Application Support 2.3.6
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 9.0.30729
Intel(R) WiDi 4.1.19.0
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 9.0.30729.6161
Adobe Acrobat 7.0 Professional - English, Français, Deutsch 7.0.0
Adobe Reader XI (11.0.09) - Deutsch 11.0.09
Avid FX (64 Bit) 6.4.0001
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 9.0.21022
Energy Manager 1.0.0.28
Adobe Stock Photos 1.0 1.0.1
Intel(R) PRO/Wireless Driver 16.01.5000.0577
Microsoft Office Live Add-in 1.5 2.0.4024.1
Shared C Run-time for x64 10.0.0
Microsoft Visual C++ 2005 Redistributable (x64) 8.0.56336
Adobe Help Center 1.0 1.0.1
YouCam 4.10.0000
Avid DVD by Sonic 6.4.4
Benutzerhandbuch 1.0.0.15
Alcor Micro USB Card Reader 3.1.1245.72250
Intel(R) Rapid Storage Technology 12.6.0.1033
Avid Media Composer 7.0.3
Intel® PROSet/Wireless WiFi Software 16.01.5000.0269
Microsoft Visual C++ 2005 Redistributable 8.0.61001
Sentinel Protection Installer 7.6.6 7.6.6
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 9.0.30729
Avid Editor Transcode 3.0.6
Microsoft .NET Framework 1.1 1.1.4322
PowerDVD 10.00.0000
Nitro Pro 8 8.0.10.7
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 9.0.30729
Java Auto Updater 2.1.67.1
Avira 1.1.21.25162
QuickTime 7 7.75.80.95
Wer kann mir helfen???
Danke 1000x,
lg
Arne |
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
