Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 24.01.2012, 09:58   #1
turbospeida
 
Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer - Standard

Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer



Hallo bin neu hier und kenne mich nicht wirklich so gut mit pcs aus, aber seit Tagen laden die Mozilla Fenster immer so langsam und wenn ich den PC runterfahre steht da Beenden Erzwingen da im Hintergrund noch ein Programm läuft welches ich nicht kenne bzw. weiß welches das sein könnte.

Habe den Avira Free Virenscanner und dieser hat mir gestern einen Virus angezeigt aber konnte nichts machen und heute ist er weg aber das selbe Problem immer noch.

Kann auch das Update von Windows 7 Runterladen, da immer ein Fehler kommt und meinen PC zurück setzt usw.Habe als Betriebssystem Win7 in der 84Bit version, auch wenn ich so Fenster aufmachen dauert es bis diese laden.

Bitte kann mir da jemand helfen??? Haben mit Malwarebytes nen Scan gemacht und hier der LOG:
Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.24.02

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
TeVi :: SPEIDA [Administrator]

Schutz: Aktiviert

24.01.2012 09:28:25
mbam-log-2012-01-24 (09-28-25).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 182734
Laufzeit: 4 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Wie soll ich weiter vorgehen????

Mfg

Alt 24.01.2012, 10:09   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer - Standard

Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer



Zitat:
Habe den Avira Free Virenscanner und dieser hat mir gestern einen Virus angezeigt
Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner.
__________________

__________________

Alt 24.01.2012, 10:10   #3
turbospeida
 
Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer - Standard

Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer



Jetzt mit OTLOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 24.01.2012 09:59:33 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\TeVi\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,68 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 45,81% Memory free
7,35 Gb Paging File | 5,17 Gb Available in Paging File | 70,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,66 Gb Total Space | 331,24 Gb Free Space | 73,34% Space Free | Partition Type: NTFS
 
Computer Name: SPEIDA | User Name: TeVi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.01.24 09:43:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\TeVi\Downloads\OTL.exe
PRC - [2012.01.15 13:33:09 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012.01.07 20:16:52 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.10.26 06:12:58 | 000,490,448 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\avscan.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.10.11 13:59:36 | 000,306,128 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\avcenter.exe
PRC - [2011.01.17 17:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 17:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.04.23 17:46:32 | 000,124,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
PRC - [2010.03.11 06:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010.03.11 06:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.03.09 00:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010.03.04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.03.03 14:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.03.03 14:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.03.03 14:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.01.13 09:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009.07.20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.01.08 16:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.01.15 13:33:09 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012.01.11 14:26:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\442eed762e21796e8e497fcd14f1295a\System.Runtime.Remoting.ni.dll
MOD - [2012.01.07 20:16:52 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.10.14 12:55:15 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\cf95add46bfba066f035bd78f6e21d86\IAStorUtil.ni.dll
MOD - [2011.10.13 20:49:53 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011.10.13 20:49:46 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011.10.13 20:49:32 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll
MOD - [2011.10.13 20:49:27 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011.10.13 20:49:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2011.10.13 20:49:22 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011.10.13 20:49:16 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011.10.11 13:59:51 | 000,398,288 | ---- | M] () -- C:\program files (x86)\avira\antivir desktop\sqlite3.dll
MOD - [2011.04.18 12:44:28 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2010.06.15 23:30:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.06.15 23:30:05 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.03.09 01:18:10 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2010.01.13 09:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009.07.20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
MOD - [2009.05.20 07:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
MOD - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.12.14 12:23:22 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.03.02 17:12:14 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.11.02 11:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.12.14 12:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.12.14 12:23:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.04.17 06:56:48 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.10 08:36:42 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.03.04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.03.03 14:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.09.30 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.07.20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.01.08 16:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Disabled | Stopped] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.12.11 16:43:51 | 000,130,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.10.11 14:00:01 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.10.11 14:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.09.23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.04.07 03:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.04.01 09:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.03.04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.03.02 17:23:12 | 006,402,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.03.02 16:08:12 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010.03.02 16:07:34 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010.01.28 03:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.01.19 00:38:00 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.01.07 06:33:16 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.11.02 11:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.09.17 13:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.09.17 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.17 17:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009.06.17 17:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009.06.17 17:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2009.06.17 17:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.27 06:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.05.05 09:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.05 09:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2011.09.22 17:10:46 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={55539903-AC3D-419B-9620-80A87D2C707E}&mid=da80c8371b1a47d1abb51943ef554f2e-77f36269eee083d5f8fd75a9fb6cc2146caa7797&lang=de&ds=tt014&pr=sa&d=2011-12-12 22:23:41&v=9.0.0.22&sap=hp
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Google"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.03.09 21:39:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.23 21:25:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.23 21:25:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.1.0\FF [2011.03.12 20:24:15 | 000,000,000 | ---D | M]
 
[2011.08.14 12:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TeVi\AppData\Roaming\mozilla\Extensions
[2011.08.14 12:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TeVi\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.01.05 18:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions
[2011.03.04 20:02:45 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.11.19 20:55:06 | 000,000,000 | ---D | M] (WOT) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.12.12 22:23:45 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\avg@toolbar
[2011.06.29 15:33:34 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011.03.12 20:20:39 | 000,003,915 | ---- | M] () -- C:\Users\TeVi\AppData\Roaming\Mozilla\Firefox\Profiles\6iba8zqz.default\searchplugins\sweetim.xml
[2012.01.07 20:17:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\TEVI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6IBA8ZQZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.01.07 20:16:53 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.10.03 09:49:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.15 13:33:08 | 000,003,768 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2011.10.03 09:49:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.03 09:49:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.03 09:49:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.03 09:49:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.03 09:49:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe (Microsoft)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [FILSHtray] "C:\Program Files (x86)\FILSHtray\FILSHtray.exe" File not found
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\TeVi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88AECCC0-44D1-42C6-AD2D-AF406C6E9413}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFEE2242-366F-42A9-B3DE-C4273AB1F84C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\backitup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\hpcustpartic.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\infotool.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nero.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nerohome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nerorescueagent.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pdf24-editor.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\photosnap.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\recode.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\setupx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\showtime.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\soundtrax.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\tomtomhome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\uninstall tomtom home.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\backitup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hpcustpartic.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\infotool.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nero.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nerohome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nerorescueagent.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pdf24-editor.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\photosnap.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\recode.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\setupx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\showtime.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\soundtrax.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\tomtomhome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\uninstall tomtom home.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.24 09:38:53 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{CCF42632-AD35-4543-8CB9-EDBE54A22BC7}
[2012.01.24 09:38:32 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FB5F5A62-6B04-4AEA-9145-F93C274AB813}
[2012.01.24 09:24:51 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Roaming\Malwarebytes
[2012.01.24 09:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.24 09:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.24 09:24:36 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.01.24 09:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.01.23 23:13:39 | 052,128,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2012.01.23 21:25:48 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Roaming\TeamViewer
[2012.01.23 20:24:53 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{B28101DC-EE64-4DA5-8732-A487973414E8}
[2012.01.23 20:24:42 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1523117B-E8EE-435F-8E35-D00CFD251F44}
[2012.01.23 15:38:27 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{2D8A8DE4-CDAB-4F51-A07A-713B49ECBCE2}
[2012.01.23 15:38:02 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D2A82867-3C67-4918-8468-C8D64E3EDFFE}
[2012.01.22 19:47:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.01.22 18:51:50 | 000,000,000 | ---D | C] -- C:\1df072f148a7e78688646363e721
[2012.01.22 15:26:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{32ED8C87-14C9-4ED0-A755-7F1FE1D4AD13}
[2012.01.22 15:26:28 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{55EC901C-3297-4DD5-B3D9-5FFEE3DDD281}
[2012.01.20 11:59:34 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1C8DC8C1-EC06-48F5-9FD4-2DC82A3F97B1}
[2012.01.20 11:59:12 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{79C27051-2A03-4C56-8E13-D0D7EBCA4D15}
[2012.01.19 19:23:08 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D5807003-C4D3-4073-BB79-5D5A7D5D3E7F}
[2012.01.19 19:22:44 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D5114A23-41A2-4B45-B7AB-CF7A2FBCE05F}
[2012.01.18 20:47:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{5F3E0C43-2E38-481C-A30D-B8B6648A5560}
[2012.01.18 20:47:30 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{64137A58-6881-4DD4-BEDA-A823B576F6F7}
[2012.01.17 12:46:45 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{7E3FDBD9-4E00-4188-9EEA-BC3D03E6EFF1}
[2012.01.17 12:46:23 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{2F3491FA-B6C7-4378-AE33-BCEDDB39C751}
[2012.01.16 18:49:41 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{4FFA93C2-331A-451C-A7DB-699CAB598555}
[2012.01.16 18:49:16 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FD990988-A0C2-47B5-B42E-F889D5A5C8A8}
[2012.01.15 11:46:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{6209AD39-3C71-4113-820D-30095B8B1053}
[2012.01.15 11:46:29 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{23CD9C9B-C5D3-4678-AE0E-2D0D65801AA9}
[2012.01.14 12:07:20 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{933A413E-4253-40C5-ACC4-E71682ED1530}
[2012.01.14 12:06:59 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1CD3A480-A6D6-45F6-9FC9-B102B17DF2CA}
[2012.01.13 14:09:44 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{93BE3861-8DED-412D-9B80-9ABB974DC5DA}
[2012.01.13 14:09:22 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{EEE9C81E-4862-4F0E-9059-7BD3EB6FCE19}
[2012.01.12 13:08:15 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8454D6B2-3728-4DDB-A4DF-FA2FE2A79358}
[2012.01.12 13:07:53 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{9F0598D2-02CF-49A3-B55E-6B1EF3B68581}
[2012.01.11 14:14:46 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.11 14:14:45 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.11 14:14:45 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.11 14:14:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.11 14:14:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.11 14:14:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.11 13:21:34 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 13:21:34 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 13:21:34 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 13:21:33 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 13:21:31 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 13:21:30 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 13:21:30 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.11 13:15:31 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8173E4CD-B196-4B6B-B56B-77723A6382B8}
[2012.01.11 13:15:09 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{27F7DC36-8A89-4381-AFB0-32C4668AF864}
[2012.01.10 11:20:41 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{226D5019-A4A6-4D64-B351-78A7558DDFF4}
[2012.01.10 11:20:17 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{11F795E9-B89B-4F57-8427-FE5D083BCE84}
[2012.01.09 15:21:08 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{C5D99653-C721-49A6-9E55-7D57CDFCE92F}
[2012.01.09 15:20:50 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{7209EE81-C960-4AE8-B98C-80B61B23B2A6}
[2012.01.08 20:55:26 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D450A392-6802-47B6-B2DC-EADE3D5EB7C5}
[2012.01.08 20:55:03 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{0DED55CC-0F32-4995-AEFE-D1122F51E4AE}
[2012.01.07 22:53:02 | 000,000,000 | ---D | C] -- C:\Users\TeVi\Documents\FILSHtray
[2012.01.07 22:53:02 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\FILSH_Media_GmbH
[2012.01.07 22:53:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FILSHtray
[2012.01.07 21:53:37 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{E65D36E9-8538-472F-BC7E-AD618686C500}
[2012.01.07 21:53:15 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1579FA8D-69E1-414D-BA2C-715DE3C3BFD2}
[2012.01.07 09:03:00 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8F864D4C-6F2C-4ED4-A6CD-8C94A2755E12}
[2012.01.07 09:02:35 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FD2F6B3E-85EC-4050-9A4E-1001F6DC1ECB}
[2012.01.06 14:25:04 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{A53800E1-856E-45FC-A1E5-5E841DDF8398}
[2012.01.06 14:24:42 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{7EF0DA36-070F-4367-879F-4F84C87A92CF}
[2012.01.05 17:23:45 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{CF7D8AAE-02B6-4E74-8F9D-EF27D489D0E3}
[2012.01.05 17:23:22 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8727E79C-FFEF-4667-B46F-36F83D5C61A4}
[2012.01.04 16:05:54 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{25692D0F-D930-45EA-9CBB-834EB633063F}
[2012.01.04 16:05:32 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{763B0C2C-005B-4929-B182-C6075105BB2F}
[2012.01.03 20:34:55 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{A7CE97F9-0062-4D17-A2DE-EA170DC97491}
[2012.01.03 20:34:34 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{366EF194-779C-469B-BC6D-A8F0ACC58DC6}
[2012.01.03 08:09:17 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{BD48D1AC-59C8-4C9A-92DF-BB684388A37C}
[2012.01.03 08:09:06 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{9DAB703F-1247-4CEA-929B-00A600E1B893}
[2012.01.02 12:12:13 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D83225C8-CBA8-438D-9CE3-395B4D5EEFE5}
[2012.01.02 12:11:51 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{21641C22-1F42-43CA-AF8D-5FBE20345801}
[2012.01.01 21:03:43 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1D6EA0D3-D73C-4A55-AED9-0E9C84F2B657}
[2012.01.01 21:03:31 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{6C8B6F20-56B9-4501-9201-F330688B8B3D}
[2011.12.31 12:13:45 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{565A6C1D-0BC0-411F-9A2D-C822616DDB41}
[2011.12.31 12:13:23 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D419D6AA-23BD-42CF-906D-6091096B087F}
[2011.12.30 10:04:10 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{4A8FC2EC-9409-4212-B335-0065056876B0}
[2011.12.30 10:03:47 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{780E7637-AA4F-4D22-89B0-90445CF87D1F}
[2011.12.29 23:48:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{F371E37B-A470-419E-9310-362E94C9E0C0}
[2011.12.29 23:48:30 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{BF5DFE72-F9CC-4C23-AE87-D27A5D438F35}
[2011.12.29 10:27:49 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{73581D8A-F6C3-4948-A1BF-30227ED3C122}
[2011.12.29 10:27:26 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D613B4FD-27A8-46EB-A4CB-D3FF7BE49845}
[2011.12.28 12:28:14 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FC158257-E9C5-4512-B09A-57A1780AB65B}
[2011.12.28 12:26:39 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8FD4A652-1F8F-474B-AF5B-9CCB79272B29}
[2011.12.28 10:54:40 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{997A5368-A698-4359-A3A1-737A21D1128D}
[2011.12.27 23:39:21 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{4F861D49-3E7F-44D6-9514-2796A10DD766}
[2011.12.27 22:36:04 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{5DAE28A6-7C39-4025-BFB2-DAFFF6A3E0A6}
[2011.12.27 22:35:42 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{90289EF0-A381-4C9C-BFF9-AF92E3C6F0AD}
[2011.12.27 10:27:18 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{879A95B1-A4B1-4A86-9557-1DC1C2660E3E}
[2011.12.27 10:26:56 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{B9AFE160-3C31-432A-B5E2-FCC283BD02D7}
[2011.12.26 10:46:19 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{071C5ABF-F254-4F31-923A-AC64B2FD96A0}
[2011.12.26 10:45:57 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{611FD087-FADD-4E2E-B3B1-35C0394A60A3}
[2011.12.25 18:00:47 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{6692C19D-0CA5-4387-92CC-081C7F8F1360}
[2011.12.25 18:00:27 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{985A3654-9173-4F0D-903D-BD6978C85770}
[2010.06.15 13:51:48 | 000,049,464 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.24 09:44:43 | 000,000,000 | ---- | M] () -- C:\Users\TeVi\defogger_reenable
[2012.01.24 09:37:10 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.24 08:52:06 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.24 08:52:06 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.24 08:43:54 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.24 08:43:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.24 08:43:36 | 2960,510,976 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.23 22:30:24 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.01.23 20:20:49 | 293,397,967 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.01.23 19:12:40 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat
[2012.01.12 22:23:32 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.12 22:23:32 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.12 22:23:32 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.12 22:23:32 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.12 22:23:32 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.12 17:16:38 | 000,131,330 | ---- | M] () -- C:\Users\TeVi\Documents\Lebenslauf 11-2010 - Kopie (2).pdf
[2012.01.10 19:01:01 | 001,303,530 | ---- | M] () -- C:\Users\TeVi\Documents\Wertgutachten.pdf
[2012.01.04 17:15:16 | 052,128,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011.12.30 13:32:56 | 000,643,545 | ---- | M] () -- C:\Users\TeVi\Documents\Handy abzocke.pdf
 
========== Files Created - No Company Name ==========
 
[2012.01.24 09:44:37 | 000,000,000 | ---- | C] () -- C:\Users\TeVi\defogger_reenable
[2012.01.23 20:20:49 | 293,397,967 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.01.23 19:12:40 | 000,003,544 | ---- | C] () -- C:\bootsqm.dat
[2012.01.12 17:06:51 | 000,131,330 | ---- | C] () -- C:\Users\TeVi\Documents\Lebenslauf 11-2010 - Kopie (2).pdf
[2012.01.10 19:01:00 | 001,303,530 | ---- | C] () -- C:\Users\TeVi\Documents\Wertgutachten.pdf
[2011.12.30 13:32:56 | 000,643,545 | ---- | C] () -- C:\Users\TeVi\Documents\Handy abzocke.pdf
[2011.07.28 21:01:20 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.07.27 13:43:38 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2011.03.03 18:11:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.06.15 13:51:48 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll
[2010.06.15 13:51:48 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010.06.15 13:51:48 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2010.06.15 13:51:48 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2010.06.15 13:51:48 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2010.06.15 13:44:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.06.15 13:40:49 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010.05.14 03:29:27 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.04.14 12:01:04 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.04.14 12:01:02 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.04.14 12:01:02 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.04.14 12:01:02 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.04.14 12:01:01 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.04.14 12:01:00 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.02.11 23:45:52 | 000,015,432 | R--- | C] () -- C:\Windows\SysWow64\drivers\UCORESYS.sys
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >
         
--- --- ---
__________________

Alt 24.01.2012, 10:11   #4
turbospeida
 
Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer - Standard

Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer



Jetzt mit OTLOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 24.01.2012 09:59:33 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\TeVi\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,68 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 45,81% Memory free
7,35 Gb Paging File | 5,17 Gb Available in Paging File | 70,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,66 Gb Total Space | 331,24 Gb Free Space | 73,34% Space Free | Partition Type: NTFS
 
Computer Name: SPEIDA | User Name: TeVi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.01.24 09:43:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\TeVi\Downloads\OTL.exe
PRC - [2012.01.15 13:33:09 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012.01.07 20:16:52 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.10.26 06:12:58 | 000,490,448 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\avscan.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.10.11 13:59:36 | 000,306,128 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\program files (x86)\avira\antivir desktop\avcenter.exe
PRC - [2011.01.17 17:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 17:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.04.23 17:46:32 | 000,124,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
PRC - [2010.03.11 06:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010.03.11 06:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.03.09 00:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010.03.04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.03.03 14:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.03.03 14:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.03.03 14:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.01.13 09:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009.07.20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2009.01.08 16:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.01.15 13:33:09 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012.01.11 14:26:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\442eed762e21796e8e497fcd14f1295a\System.Runtime.Remoting.ni.dll
MOD - [2012.01.07 20:16:52 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.10.14 12:55:15 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\cf95add46bfba066f035bd78f6e21d86\IAStorUtil.ni.dll
MOD - [2011.10.13 20:49:53 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011.10.13 20:49:46 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011.10.13 20:49:32 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll
MOD - [2011.10.13 20:49:27 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011.10.13 20:49:24 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2011.10.13 20:49:22 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011.10.13 20:49:16 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011.10.11 13:59:51 | 000,398,288 | ---- | M] () -- C:\program files (x86)\avira\antivir desktop\sqlite3.dll
MOD - [2011.04.18 12:44:28 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2010.06.15 23:30:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.06.15 23:30:05 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.03.09 01:18:10 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2010.01.13 09:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009.07.20 04:00:00 | 000,077,824 | ---- | M] () -- C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe
MOD - [2009.05.20 07:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
MOD - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007.09.02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.12.14 12:23:22 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.03.02 17:12:14 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.11.02 11:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.12.14 12:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.12.14 12:23:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010.04.17 06:56:48 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.10 08:36:42 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.03.04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.03.03 14:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.09.30 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.07.20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.01.08 16:10:00 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Disabled | Stopped] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.12.11 16:43:51 | 000,130,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.10.11 14:00:01 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.10.11 14:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.09.23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.04.07 03:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.04.01 09:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.03.04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.03.02 17:23:12 | 006,402,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.03.02 16:08:12 | 007,843,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010.03.02 16:07:34 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010.01.28 03:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.01.19 00:38:00 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.01.07 06:33:16 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.11.02 11:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009.09.17 13:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.09.17 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.17 17:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009.06.17 17:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009.06.17 17:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2009.06.17 17:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.27 06:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.05.05 09:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.05 09:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2011.09.22 17:10:46 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={55539903-AC3D-419B-9620-80A87D2C707E}&mid=da80c8371b1a47d1abb51943ef554f2e-77f36269eee083d5f8fd75a9fb6cc2146caa7797&lang=de&ds=tt014&pr=sa&d=2011-12-12 22:23:41&v=9.0.0.22&sap=hp
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Google"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.03.09 21:39:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.23 21:25:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.23 21:25:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.1.0\FF [2011.03.12 20:24:15 | 000,000,000 | ---D | M]
 
[2011.08.14 12:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TeVi\AppData\Roaming\mozilla\Extensions
[2011.08.14 12:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TeVi\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.01.05 18:58:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions
[2011.03.04 20:02:45 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.11.19 20:55:06 | 000,000,000 | ---D | M] (WOT) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.12.12 22:23:45 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\avg@toolbar
[2011.06.29 15:33:34 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\TeVi\AppData\Roaming\mozilla\Firefox\Profiles\6iba8zqz.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011.03.12 20:20:39 | 000,003,915 | ---- | M] () -- C:\Users\TeVi\AppData\Roaming\Mozilla\Firefox\Profiles\6iba8zqz.default\searchplugins\sweetim.xml
[2012.01.07 20:17:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\TEVI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6IBA8ZQZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.01.07 20:16:53 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.10.03 09:49:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.15 13:33:08 | 000,003,768 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2011.10.03 09:49:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.03 09:49:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.03 09:49:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.03 09:49:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.03 09:49:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe (Microsoft)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [FILSHtray] "C:\Program Files (x86)\FILSHtray\FILSHtray.exe" File not found
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\TeVi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88AECCC0-44D1-42C6-AD2D-AF406C6E9413}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFEE2242-366F-42A9-B3DE-C4273AB1F84C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\backitup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\hpcustpartic.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\infotool.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nero.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nerohome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nerorescueagent.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pdf24-editor.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\photosnap.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\recode.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\setupx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\showtime.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\soundtrax.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\tomtomhome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\uninstall tomtom home.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\backitup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\coverdes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\discspeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hpcustpartic.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\infotool.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nero.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nerohome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\neromediahome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nerorescueagent.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nerovision.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pdf24-editor.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\photosnap.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\recode.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\setupx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\showtime.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\soundtrax.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\tomtomhome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\uninstall tomtom home.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\waveedit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.24 09:38:53 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{CCF42632-AD35-4543-8CB9-EDBE54A22BC7}
[2012.01.24 09:38:32 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FB5F5A62-6B04-4AEA-9145-F93C274AB813}
[2012.01.24 09:24:51 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Roaming\Malwarebytes
[2012.01.24 09:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.24 09:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.24 09:24:36 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.01.24 09:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.01.23 23:13:39 | 052,128,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2012.01.23 21:25:48 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Roaming\TeamViewer
[2012.01.23 20:24:53 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{B28101DC-EE64-4DA5-8732-A487973414E8}
[2012.01.23 20:24:42 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1523117B-E8EE-435F-8E35-D00CFD251F44}
[2012.01.23 15:38:27 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{2D8A8DE4-CDAB-4F51-A07A-713B49ECBCE2}
[2012.01.23 15:38:02 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D2A82867-3C67-4918-8468-C8D64E3EDFFE}
[2012.01.22 19:47:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.01.22 18:51:50 | 000,000,000 | ---D | C] -- C:\1df072f148a7e78688646363e721
[2012.01.22 15:26:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{32ED8C87-14C9-4ED0-A755-7F1FE1D4AD13}
[2012.01.22 15:26:28 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{55EC901C-3297-4DD5-B3D9-5FFEE3DDD281}
[2012.01.20 11:59:34 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1C8DC8C1-EC06-48F5-9FD4-2DC82A3F97B1}
[2012.01.20 11:59:12 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{79C27051-2A03-4C56-8E13-D0D7EBCA4D15}
[2012.01.19 19:23:08 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D5807003-C4D3-4073-BB79-5D5A7D5D3E7F}
[2012.01.19 19:22:44 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D5114A23-41A2-4B45-B7AB-CF7A2FBCE05F}
[2012.01.18 20:47:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{5F3E0C43-2E38-481C-A30D-B8B6648A5560}
[2012.01.18 20:47:30 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{64137A58-6881-4DD4-BEDA-A823B576F6F7}
[2012.01.17 12:46:45 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{7E3FDBD9-4E00-4188-9EEA-BC3D03E6EFF1}
[2012.01.17 12:46:23 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{2F3491FA-B6C7-4378-AE33-BCEDDB39C751}
[2012.01.16 18:49:41 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{4FFA93C2-331A-451C-A7DB-699CAB598555}
[2012.01.16 18:49:16 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FD990988-A0C2-47B5-B42E-F889D5A5C8A8}
[2012.01.15 11:46:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{6209AD39-3C71-4113-820D-30095B8B1053}
[2012.01.15 11:46:29 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{23CD9C9B-C5D3-4678-AE0E-2D0D65801AA9}
[2012.01.14 12:07:20 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{933A413E-4253-40C5-ACC4-E71682ED1530}
[2012.01.14 12:06:59 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1CD3A480-A6D6-45F6-9FC9-B102B17DF2CA}
[2012.01.13 14:09:44 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{93BE3861-8DED-412D-9B80-9ABB974DC5DA}
[2012.01.13 14:09:22 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{EEE9C81E-4862-4F0E-9059-7BD3EB6FCE19}
[2012.01.12 13:08:15 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8454D6B2-3728-4DDB-A4DF-FA2FE2A79358}
[2012.01.12 13:07:53 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{9F0598D2-02CF-49A3-B55E-6B1EF3B68581}
[2012.01.11 14:14:46 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.11 14:14:45 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.11 14:14:45 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.11 14:14:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.11 14:14:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.11 14:14:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.11 13:21:34 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 13:21:34 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 13:21:34 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 13:21:33 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 13:21:31 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 13:21:30 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 13:21:30 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.11 13:15:31 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8173E4CD-B196-4B6B-B56B-77723A6382B8}
[2012.01.11 13:15:09 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{27F7DC36-8A89-4381-AFB0-32C4668AF864}
[2012.01.10 11:20:41 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{226D5019-A4A6-4D64-B351-78A7558DDFF4}
[2012.01.10 11:20:17 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{11F795E9-B89B-4F57-8427-FE5D083BCE84}
[2012.01.09 15:21:08 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{C5D99653-C721-49A6-9E55-7D57CDFCE92F}
[2012.01.09 15:20:50 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{7209EE81-C960-4AE8-B98C-80B61B23B2A6}
[2012.01.08 20:55:26 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D450A392-6802-47B6-B2DC-EADE3D5EB7C5}
[2012.01.08 20:55:03 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{0DED55CC-0F32-4995-AEFE-D1122F51E4AE}
[2012.01.07 22:53:02 | 000,000,000 | ---D | C] -- C:\Users\TeVi\Documents\FILSHtray
[2012.01.07 22:53:02 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\FILSH_Media_GmbH
[2012.01.07 22:53:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FILSHtray
[2012.01.07 21:53:37 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{E65D36E9-8538-472F-BC7E-AD618686C500}
[2012.01.07 21:53:15 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1579FA8D-69E1-414D-BA2C-715DE3C3BFD2}
[2012.01.07 09:03:00 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8F864D4C-6F2C-4ED4-A6CD-8C94A2755E12}
[2012.01.07 09:02:35 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FD2F6B3E-85EC-4050-9A4E-1001F6DC1ECB}
[2012.01.06 14:25:04 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{A53800E1-856E-45FC-A1E5-5E841DDF8398}
[2012.01.06 14:24:42 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{7EF0DA36-070F-4367-879F-4F84C87A92CF}
[2012.01.05 17:23:45 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{CF7D8AAE-02B6-4E74-8F9D-EF27D489D0E3}
[2012.01.05 17:23:22 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8727E79C-FFEF-4667-B46F-36F83D5C61A4}
[2012.01.04 16:05:54 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{25692D0F-D930-45EA-9CBB-834EB633063F}
[2012.01.04 16:05:32 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{763B0C2C-005B-4929-B182-C6075105BB2F}
[2012.01.03 20:34:55 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{A7CE97F9-0062-4D17-A2DE-EA170DC97491}
[2012.01.03 20:34:34 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{366EF194-779C-469B-BC6D-A8F0ACC58DC6}
[2012.01.03 08:09:17 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{BD48D1AC-59C8-4C9A-92DF-BB684388A37C}
[2012.01.03 08:09:06 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{9DAB703F-1247-4CEA-929B-00A600E1B893}
[2012.01.02 12:12:13 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D83225C8-CBA8-438D-9CE3-395B4D5EEFE5}
[2012.01.02 12:11:51 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{21641C22-1F42-43CA-AF8D-5FBE20345801}
[2012.01.01 21:03:43 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{1D6EA0D3-D73C-4A55-AED9-0E9C84F2B657}
[2012.01.01 21:03:31 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{6C8B6F20-56B9-4501-9201-F330688B8B3D}
[2011.12.31 12:13:45 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{565A6C1D-0BC0-411F-9A2D-C822616DDB41}
[2011.12.31 12:13:23 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D419D6AA-23BD-42CF-906D-6091096B087F}
[2011.12.30 10:04:10 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{4A8FC2EC-9409-4212-B335-0065056876B0}
[2011.12.30 10:03:47 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{780E7637-AA4F-4D22-89B0-90445CF87D1F}
[2011.12.29 23:48:52 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{F371E37B-A470-419E-9310-362E94C9E0C0}
[2011.12.29 23:48:30 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{BF5DFE72-F9CC-4C23-AE87-D27A5D438F35}
[2011.12.29 10:27:49 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{73581D8A-F6C3-4948-A1BF-30227ED3C122}
[2011.12.29 10:27:26 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{D613B4FD-27A8-46EB-A4CB-D3FF7BE49845}
[2011.12.28 12:28:14 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{FC158257-E9C5-4512-B09A-57A1780AB65B}
[2011.12.28 12:26:39 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{8FD4A652-1F8F-474B-AF5B-9CCB79272B29}
[2011.12.28 10:54:40 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{997A5368-A698-4359-A3A1-737A21D1128D}
[2011.12.27 23:39:21 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{4F861D49-3E7F-44D6-9514-2796A10DD766}
[2011.12.27 22:36:04 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{5DAE28A6-7C39-4025-BFB2-DAFFF6A3E0A6}
[2011.12.27 22:35:42 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{90289EF0-A381-4C9C-BFF9-AF92E3C6F0AD}
[2011.12.27 10:27:18 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{879A95B1-A4B1-4A86-9557-1DC1C2660E3E}
[2011.12.27 10:26:56 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{B9AFE160-3C31-432A-B5E2-FCC283BD02D7}
[2011.12.26 10:46:19 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{071C5ABF-F254-4F31-923A-AC64B2FD96A0}
[2011.12.26 10:45:57 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{611FD087-FADD-4E2E-B3B1-35C0394A60A3}
[2011.12.25 18:00:47 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{6692C19D-0CA5-4387-92CC-081C7F8F1360}
[2011.12.25 18:00:27 | 000,000,000 | ---D | C] -- C:\Users\TeVi\AppData\Local\{985A3654-9173-4F0D-903D-BD6978C85770}
[2010.06.15 13:51:48 | 000,049,464 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.24 09:44:43 | 000,000,000 | ---- | M] () -- C:\Users\TeVi\defogger_reenable
[2012.01.24 09:37:10 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.24 08:52:06 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.24 08:52:06 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.24 08:43:54 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.24 08:43:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.24 08:43:36 | 2960,510,976 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.23 22:30:24 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.01.23 20:20:49 | 293,397,967 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.01.23 19:12:40 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat
[2012.01.12 22:23:32 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.12 22:23:32 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.12 22:23:32 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.12 22:23:32 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.12 22:23:32 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.12 17:16:38 | 000,131,330 | ---- | M] () -- C:\Users\TeVi\Documents\Lebenslauf 11-2010 - Kopie (2).pdf
[2012.01.10 19:01:01 | 001,303,530 | ---- | M] () -- C:\Users\TeVi\Documents\Wertgutachten.pdf
[2012.01.04 17:15:16 | 052,128,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011.12.30 13:32:56 | 000,643,545 | ---- | M] () -- C:\Users\TeVi\Documents\Handy abzocke.pdf
 
========== Files Created - No Company Name ==========
 
[2012.01.24 09:44:37 | 000,000,000 | ---- | C] () -- C:\Users\TeVi\defogger_reenable
[2012.01.23 20:20:49 | 293,397,967 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.01.23 19:12:40 | 000,003,544 | ---- | C] () -- C:\bootsqm.dat
[2012.01.12 17:06:51 | 000,131,330 | ---- | C] () -- C:\Users\TeVi\Documents\Lebenslauf 11-2010 - Kopie (2).pdf
[2012.01.10 19:01:00 | 001,303,530 | ---- | C] () -- C:\Users\TeVi\Documents\Wertgutachten.pdf
[2011.12.30 13:32:56 | 000,643,545 | ---- | C] () -- C:\Users\TeVi\Documents\Handy abzocke.pdf
[2011.07.28 21:01:20 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.07.27 13:43:38 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2011.03.03 18:11:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.06.15 13:51:48 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll
[2010.06.15 13:51:48 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010.06.15 13:51:48 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2010.06.15 13:51:48 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2010.06.15 13:51:48 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2010.06.15 13:44:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.06.15 13:40:49 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010.05.14 03:29:27 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.04.14 12:01:04 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.04.14 12:01:02 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.04.14 12:01:02 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.04.14 12:01:02 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.04.14 12:01:01 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.04.14 12:01:00 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.02.11 23:45:52 | 000,015,432 | R--- | C] () -- C:\Windows\SysWow64\drivers\UCORESYS.sys
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >
         
--- --- ---

Alt 24.01.2012, 10:15   #5
turbospeida
 
Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer - Standard

Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer



Hier der LOG Vom Virus Scanner


Avira Free Antivirus
Erstellungsdatum der Reportdatei: Montag, 23. Januar 2012 22:21

Es wird nach 3213551 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 x64
Windowsversion : (plain) [6.1.7600]
Boot Modus : Normal gebootet
Benutzername : TeVi
Computername : SPEIDA

Versionsinformationen:
BUILD.DAT : 12.0.0.872 Bytes 15.12.2011 16:24:00
AVSCAN.EXE : 12.1.0.18 490448 Bytes 26.10.2011 05:12:58
AVSCAN.DLL : 12.1.0.17 65744 Bytes 11.10.2011 12:59:58
LUKE.DLL : 12.1.0.17 68304 Bytes 11.10.2011 12:59:47
AVSCPLR.DLL : 12.1.0.21 99536 Bytes 11.12.2011 15:43:53
AVREG.DLL : 12.1.0.27 227536 Bytes 11.12.2011 15:43:52
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 09:07:39
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 19:34:18
VBASE003.VDF : 7.11.19.171 2048 Bytes 20.12.2011 19:34:18
VBASE004.VDF : 7.11.19.172 2048 Bytes 20.12.2011 19:34:19
VBASE005.VDF : 7.11.19.173 2048 Bytes 20.12.2011 19:34:19
VBASE006.VDF : 7.11.19.174 2048 Bytes 20.12.2011 19:34:20
VBASE007.VDF : 7.11.19.175 2048 Bytes 20.12.2011 19:34:20
VBASE008.VDF : 7.11.19.176 2048 Bytes 20.12.2011 19:34:20
VBASE009.VDF : 7.11.19.177 2048 Bytes 20.12.2011 19:34:20
VBASE010.VDF : 7.11.19.178 2048 Bytes 20.12.2011 19:34:20
VBASE011.VDF : 7.11.19.179 2048 Bytes 20.12.2011 19:34:20
VBASE012.VDF : 7.11.19.180 2048 Bytes 20.12.2011 19:34:20
VBASE013.VDF : 7.11.19.217 182784 Bytes 22.12.2011 14:13:06
VBASE014.VDF : 7.11.19.255 148480 Bytes 24.12.2011 16:57:44
VBASE015.VDF : 7.11.20.29 164352 Bytes 27.12.2011 09:44:29
VBASE016.VDF : 7.11.20.70 180224 Bytes 29.12.2011 09:44:11
VBASE017.VDF : 7.11.20.102 240640 Bytes 02.01.2012 19:59:40
VBASE018.VDF : 7.11.20.139 164864 Bytes 04.01.2012 19:59:40
VBASE019.VDF : 7.11.20.178 167424 Bytes 06.01.2012 22:23:54
VBASE020.VDF : 7.11.20.207 230400 Bytes 10.01.2012 17:52:40
VBASE021.VDF : 7.11.20.236 150528 Bytes 11.01.2012 18:04:01
VBASE022.VDF : 7.11.21.13 135168 Bytes 13.01.2012 19:46:02
VBASE023.VDF : 7.11.21.40 163840 Bytes 16.01.2012 19:46:04
VBASE024.VDF : 7.11.21.65 1001472 Bytes 17.01.2012 19:46:19
VBASE025.VDF : 7.11.21.98 487424 Bytes 19.01.2012 19:47:11
VBASE026.VDF : 7.11.21.99 2048 Bytes 19.01.2012 19:47:11
VBASE027.VDF : 7.11.21.100 2048 Bytes 19.01.2012 19:47:12
VBASE028.VDF : 7.11.21.101 2048 Bytes 19.01.2012 19:47:13
VBASE029.VDF : 7.11.21.102 2048 Bytes 19.01.2012 19:47:13
VBASE030.VDF : 7.11.21.103 2048 Bytes 19.01.2012 19:47:13
VBASE031.VDF : 7.11.21.137 209920 Bytes 23.01.2012 20:46:17
Engineversion : 8.2.8.34
AEVDF.DLL : 8.1.2.2 106868 Bytes 26.10.2011 05:12:52
AESCRIPT.DLL : 8.1.4.1 434553 Bytes 19.01.2012 19:49:01
AESCN.DLL : 8.1.8.1 127348 Bytes 19.01.2012 19:48:53
AESBX.DLL : 8.2.4.5 434549 Bytes 01.12.2011 18:33:54
AERDL.DLL : 8.1.9.15 639348 Bytes 08.09.2011 21:16:06
AEPACK.DLL : 8.2.16.1 799094 Bytes 17.01.2012 19:46:28
AEOFFICE.DLL : 8.1.2.25 201084 Bytes 03.01.2012 20:00:00
AEHEUR.DLL : 8.1.3.19 4309367 Bytes 19.01.2012 19:48:51
AEHELP.DLL : 8.1.19.0 254327 Bytes 19.01.2012 19:47:24
AEGEN.DLL : 8.1.5.17 405877 Bytes 11.12.2011 15:43:13
AEEMU.DLL : 8.1.3.0 393589 Bytes 01.09.2011 21:46:01
AECORE.DLL : 8.1.25.2 201079 Bytes 19.01.2012 19:47:19
AEBB.DLL : 8.1.1.0 53618 Bytes 01.09.2011 21:46:01
AVWINLL.DLL : 12.1.0.17 27344 Bytes 11.10.2011 12:59:41
AVPREF.DLL : 12.1.0.17 51920 Bytes 11.10.2011 12:59:38
AVREP.DLL : 12.1.0.17 179408 Bytes 11.10.2011 12:59:38
AVARKT.DLL : 12.1.0.19 208848 Bytes 11.12.2011 15:43:36
AVEVTLOG.DLL : 12.1.0.17 169168 Bytes 11.10.2011 12:59:37
SQLITE3.DLL : 3.7.0.0 398288 Bytes 11.10.2011 12:59:51
AVSMTP.DLL : 12.1.0.17 62928 Bytes 11.10.2011 12:59:39
NETNT.DLL : 12.1.0.17 17104 Bytes 11.10.2011 12:59:47
RCIMAGE.DLL : 12.1.0.17 4447952 Bytes 11.10.2011 13:00:00
RCTEXT.DLL : 12.1.0.16 98512 Bytes 11.10.2011 13:00:00

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Lokale Laufwerke
Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\alldrives.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Montag, 23. Januar 2012 22:21

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
[INFO] Bitte starten Sie den Suchlauf erneut mit Administratorrechten

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
[INFO] Bitte starten Sie den Suchlauf erneut mit Administratorrechten

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'SetPoint32.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'EgisUpdate.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'vprot.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ArcadeMovieService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'soffice.bin' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'LManager.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'BackupManagerTray.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PmmUpdate.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'soffice.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorIcon.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'RocketDock.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PLFSetI.exe' - '1' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '3589' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <Acer>
C:\Users\Public\Videos\Sample Videos\Deutsche-Amateure - Aische pervers 1\Amateure 3Clips.7z
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\Users\TeVi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\52H7I0PG\wbkE0C7.tmp
[FUND] Enthält Erkennungsmuster der Phish-Datei/Email PHISH/MasterCar.A.2
Beginne mit der Suche in 'D:\'
Der zu durchsuchende Pfad D:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.

Beginne mit der Desinfektion:
C:\Users\TeVi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\52H7I0PG\wbkE0C7.tmp
[FUND] Enthält Erkennungsmuster der Phish-Datei/Email PHISH/MasterCar.A.2
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4b154ded.qua' verschoben!


Ende des Suchlaufs: Montag, 23. Januar 2012 23:43
Benötigte Zeit: 1:18:01 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

28019 Verzeichnisse wurden überprüft
655265 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
655264 Dateien ohne Befall
4492 Archive wurden durchsucht
1 Warnungen
1 Hinweise


Alt 24.01.2012, 11:02   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer - Standard

Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer



Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________
--> Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer

Alt 24.01.2012, 11:18   #7
turbospeida
 
Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer - Standard

Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer



Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.24.02

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
TeVi :: SPEIDA [Administrator]

Schutz: Aktiviert

24.01.2012 11:06:53
mbam-log-2012-01-24 (11-06-53).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 182734
Laufzeit: 9 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Alt 24.01.2012, 11:39   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer - Standard

Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer



Zitat:
Art des Suchlaufs: Quick-Scan
Sry aber ich wollte einen Vollscan sehen...bitte nachholen und Log posten!
Denk dran vorher die Signaturen von Malwarebytes zu aktualisieren, da gibt es sehr häufig neue Updates!
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer
administrator, anti-malware, autostart, avira, beenden, dateien, dateisystem, explorer, fehler, free, heuristiks/extra, heuristiks/shuriken, hintergrund, langsam, log, lädt, malwarebytes, mozilla, neu, problem, programm, scan, speicher, update, virenscanner, virus, win7, windows



Ähnliche Themen: Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer


  1. Popups und neue Seiten öffnen sich seit ein paar Tagen, sobald ich in chrome arbeite.
    Plagegeister aller Art und deren Bekämpfung - 25.02.2015 (20)
  2. Pc ist seit paar Tagen sehr Langsam!
    Plagegeister aller Art und deren Bekämpfung - 17.03.2014 (32)
  3. Pc ist seit paar Tagen sehr Langsam!
    Mülltonne - 16.03.2014 (1)
  4. Win7 Computer geht seit ein paar Tagen massiv "in die Knie"
    Plagegeister aller Art und deren Bekämpfung - 27.02.2014 (8)
  5. Mozilla öffnet ständig selbst neue Seiten, seit paar Tagen >> PC langsam
    Plagegeister aller Art und deren Bekämpfung - 16.06.2013 (36)
  6. Windows 8 / neuer Laptop nach paar Tagen sehr langsam geworden!
    Plagegeister aller Art und deren Bekämpfung - 07.05.2013 (1)
  7. (2x) Seit ein paar tagen einen verschlüsselungstrojaner auf dem Laptop
    Mülltonne - 24.06.2012 (0)
  8. Firefox lädt ein paar Seiten bzw. Videos sehr langsam
    Log-Analyse und Auswertung - 28.03.2012 (1)
  9. PC Auslastung seit paar tagen Extrem hoch.
    Plagegeister aller Art und deren Bekämpfung - 26.03.2012 (25)
  10. Mein Netbook macht seit ein paar Tagen Sonderzeichen immer doppelt. --> keylogger?
    Plagegeister aller Art und deren Bekämpfung - 18.08.2011 (4)
  11. Netbook seit paar Tagen sehr langsam (300 Ping)
    Log-Analyse und Auswertung - 10.05.2011 (6)
  12. Ich lande seit ein paar Tagen beim anklicken von Links immer auf anderen Seiten
    Plagegeister aller Art und deren Bekämpfung - 02.12.2010 (9)
  13. Internet ist seit ein paar Tagen langsam!
    Log-Analyse und Auswertung - 30.05.2010 (0)
  14. Pc ist seit kurzem sehr langsam,nach Anschaltung immer langsamer bis nichts mehr geht
    Plagegeister aller Art und deren Bekämpfung - 13.01.2010 (3)
  15. Seit paar Tagen nervige Popups
    Log-Analyse und Auswertung - 05.01.2010 (17)
  16. Ständig Werbefenster seit ein paar Tagen
    Plagegeister aller Art und deren Bekämpfung - 19.12.2009 (16)
  17. Hallo Internet seit paar Tagen langsam
    Log-Analyse und Auswertung - 21.07.2009 (1)

Zum Thema Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer - Hallo bin neu hier und kenne mich nicht wirklich so gut mit pcs aus, aber seit Tagen laden die Mozilla Fenster immer so langsam und wenn ich den PC runterfahre - Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer...
Archiv
Du betrachtest: Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.