| |
| |||||||
Log-Analyse und Auswertung: Firefox und Opera fragen sporadisch nach Zertifikaten.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
28.03.2012, 23:26
| #1 |
| |  Firefox und Opera fragen sporadisch nach Zertifikaten. Guten Abend, ich habe folgendes Problem und zwar behaupten meine Browser Firefox und Opera, dass z.B. google.de oder msn.de abgelaufene Zertifikate benutzen und ich diese Webseiten als "Ausnahme" einstellen soll. Irgendwie kommt mir das spanisch vor und ich vermute einen Trojaner oder sowas... .DDS Logfile: Code:
ATTFilter DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by home at 0:02:07 on 2012-03-29
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8175.6072 [GMT 2:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
D:\Programme\Sandbox\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\QipGuard\QipGuard.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
D:\Programme\Sandbox\SbieCtrl.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\XFastUsb\XFastUsb.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE
C:\Users\home\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ROCCAT\Kone Mouse\osd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://de.ask.com/?l=dis&o=102869&gct=hp
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 165.193.102.220:80
mSearchAssistant =
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mWinlogon: Userinit=userinit.exe
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: QIPBHO Class: {95289393-33ea-4f8d-b952-483415b9c955} - C:\Users\home\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uRun: [ASRockXTU]
uRun: [zASRockInstantBoot]
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [PlayNC Launcher]
uRun: [Google Update] "C:\Users\home\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Steam] "D:\Games\steam\steam.exe" -silent
uRun: [SandboxieControl] "D:\Programme\Sandbox\SbieCtrl.exe"
uRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
uRun: [ManyCam] "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [UpgradeHelper] C:\Users\home\AppData\Roaming\Google Inc.\{8A7C7B9B-4F7F-496B-9DED-50738844047D}\UpgradeHelper.exe
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [XFastUsb] C:\Program Files (x86)\XFastUsb\XFastUsb.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun: [Kone] "C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [<NO NAME>]
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\home\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\home\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMLDEV~1.LNK - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: An OneNote s&enden - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{1A0C9458-3D2D-4E9A-9736-CB81D5401609} : DhcpNameServer = 192.168.42.129
TCP: Interfaces\{90F4C2C9-B4FD-48C7-A423-54E4C6ABA4F2} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{913EE7C8-3A6A-42B9-9C7A-2A7FA74E7E64} : DhcpNameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{9D75991B-8956-47F1-A15E-C524CF14E564} : DhcpNameServer = 10.76.96.1
TCP: Interfaces\{B5D7555E-A199-42C5-BDF0-58AFB3A0118A} : DhcpNameServer = 192.168.178.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
{000123B4-9B42-4900-B3F7-F4B073EFC214}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
BHO-X64: {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No File
{53707962-6F74-2D53-2644-206D7942484F}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{95289393-33EA-4F8D-B952-483415B9C955}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{D4027C7F-154A-4066-A1AD-4243D8127440}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
{D4027C7F-154A-4066-A1AD-4243D8127440}
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [XFastUsb] C:\Program Files (x86)\XFastUsb\XFastUsb.exe
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun-x64: [Kone] "C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun-x64: [(Standard)]
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\home\AppData\Roaming\Mozilla\Firefox\Profiles\waxx7txo.default\
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Users\home\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\home\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\home\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 AsrAppCharger;AsrAppCharger;C:\Windows\system32\DRIVERS\AsrAppCharger.sys --> C:\Windows\system32\DRIVERS\AsrAppCharger.sys [?]
R1 FNETURPX;FNETURPX;C:\Windows\system32\drivers\FNETURPX.SYS --> C:\Windows\system32\drivers\FNETURPX.SYS [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AntiVirSchedulerService;Avira AntiVir Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-7-6 136360]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-7-6 269480]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2011-11-23 70496]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376]
R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-1-6 331608]
R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS --> C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS [?]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-3 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-28 652360]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-3-31 80896]
R2 QipGuard;QipGuard;C:\Program Files (x86)\QipGuard\QipGuard.exe [2011-12-31 191440]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-3-28 1153368]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\system32\Drivers\EtronHub3.sys --> C:\Windows\system32\Drivers\EtronHub3.sys [?]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\system32\Drivers\EtronXHCI.sys --> C:\Windows\system32\Drivers\EtronXHCI.sys [?]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\system32\DRIVERS\ManyCam_x64.sys --> C:\Windows\system32\DRIVERS\ManyCam_x64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SbieDrv;SbieDrv;D:\Programme\Sandbox\SbieDrv.sys [2011-10-12 157824]
R3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2011-11-23 110944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update-Dienst (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-14 136176]
S3 CGVPNCliSrvc;CyberGhost VPN Client;C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2012-3-10 2430128]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys --> C:\Windows\system32\DRIVERS\ewusbnet.sys [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800]
S3 FNETTBOH_305;FNETTBOH_305;C:\Windows\system32\drivers\FNETTBOH_305.SYS --> C:\Windows\system32\drivers\FNETTBOH_305.SYS [?]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-6-3 130976]
S3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-14 136176]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]
S3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\system32\DRIVERS\ewusbdev.sys --> C:\Windows\system32\DRIVERS\ewusbdev.sys [?]
S3 KoneFltr;ROCCAT Kone;C:\Windows\system32\drivers\Kone.sys --> C:\Windows\system32\drivers\Kone.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft-Netzwerkinspektion;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
.
=============== Created Last 30 ================
.
2012-03-28 20:45:22 -------- d-----w- C:\Users\home\AppData\Roaming\Malwarebytes
2012-03-28 20:45:17 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-28 20:45:17 -------- d-----w- C:\ProgramData\Malwarebytes
2012-03-28 20:45:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-03-28 20:02:37 -------- d-----w- C:\Users\home\AppData\Roaming\Windows Desktop Search
2012-03-28 20:02:15 -------- d-----w- C:\Users\home\AppData\Roaming\Google Inc
2012-03-28 19:59:58 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-03-28 19:59:58 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-03-28 19:47:59 -------- d-----w- C:\Users\home\AppData\Local\{29B6CC2E-446E-4CB9-A748-B3DB33A7FD46}
2012-03-28 19:42:59 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A86865C0-AC2E-4D03-B04F-6E5BA96EB538}\mpengine.dll
2012-03-28 19:37:35 -------- d-----w- C:\Windows\PCHEALTH
2012-03-27 11:44:12 -------- d-----w- C:\Users\home\AppData\Local\{66A321F4-9294-4344-9856-F458966ADEEB}
2012-03-27 11:44:02 -------- d-----w- C:\Users\home\AppData\Local\{135B37AC-8F62-4B97-843A-37BD47756E94}
2012-03-26 12:52:22 -------- d-----w- C:\Users\home\AppData\Local\{9B0351EA-4806-450C-90C5-48ADAB046C62}
2012-03-26 12:52:02 -------- d-----w- C:\Users\home\AppData\Local\{69091EFF-1A36-4BD2-8CA2-B49FA083652A}
2012-03-25 12:53:16 -------- d-----w- C:\Users\home\AppData\Local\{8EF5A100-3EDF-4807-9200-1FEA8AA0059F}
2012-03-25 12:52:55 -------- d-----w- C:\Users\home\AppData\Local\{4702BFD1-E542-4F96-BFDF-132BDB6D48C9}
2012-03-25 00:52:32 -------- d-----w- C:\Users\home\AppData\Local\{3202B326-202A-4C56-B096-F6CEB5D0118F}
2012-03-25 00:52:11 -------- d-----w- C:\Users\home\AppData\Local\{BB8F8D57-D9B9-4CE9-B045-5024BAB73026}
2012-03-24 12:52:00 -------- d-----w- C:\Users\home\AppData\Local\{E437A1DE-4783-4611-B2A6-40666377F3A2}
2012-03-24 12:51:50 -------- d-----w- C:\Users\home\AppData\Local\{02BF254E-D006-401D-8394-028245F4D841}
2012-03-23 19:30:52 -------- d-----w- C:\Users\home\AppData\Local\{A06A8D4E-3B3C-4913-B298-919EEC217034}
2012-03-23 19:30:31 -------- d-----w- C:\Users\home\AppData\Local\{601AC868-F77A-4F14-AA2E-25733027956E}
2012-03-23 07:30:08 -------- d-----w- C:\Users\home\AppData\Local\{4BE428F8-B146-4AFA-AFCE-20689299D756}
2012-03-23 07:29:58 -------- d-----w- C:\Users\home\AppData\Local\{6E2A1FC6-654F-469F-A51D-6BC970AAD202}
2012-03-22 14:16:04 -------- d-----w- C:\Users\home\AppData\Local\{5BA6ABD3-8495-4A9A-BDAC-008868CDDC32}
2012-03-22 14:15:54 -------- d-----w- C:\Users\home\AppData\Local\{954B1ACC-3AA8-4F0B-9D92-AE207A772AE4}
2012-03-22 00:18:52 -------- d-----w- C:\Users\home\AppData\Local\{391E8281-38A9-4FCC-B572-2A5ED0CF91FD}
2012-03-22 00:18:30 -------- d-----w- C:\Users\home\AppData\Local\{6B471BB8-1DAF-43EE-9780-5CB49B45BFF6}
2012-03-21 12:18:07 -------- d-----w- C:\Users\home\AppData\Local\{13E7607E-446E-42CA-8E7C-57A0B5FE39A1}
2012-03-21 12:17:58 -------- d-----w- C:\Users\home\AppData\Local\{6FAA7E6E-7BCB-4500-9C5B-960841BB2188}
2012-03-20 23:28:12 -------- d-----w- C:\Users\home\AppData\Local\{66A02FDA-FE8D-43CD-AC97-5989D60060D1}
2012-03-20 23:28:03 -------- d-----w- C:\Users\home\AppData\Local\{D513AE2E-FE59-4F75-A3CB-F51C09123706}
2012-03-20 23:27:53 -------- d-----w- C:\Users\home\AppData\Local\{7D4E264C-0D63-43CA-8303-10CE57B4116C}
2012-03-20 23:27:32 -------- d-----w- C:\Users\home\AppData\Local\{F162FE52-4FCD-40D4-81B7-519B5FCBA17D}
2012-03-20 21:12:20 -------- d-----w- C:\ProgramData\AMD
2012-03-20 21:12:20 -------- d-----w- C:\Program Files (x86)\AMD AVT
2012-03-20 21:12:19 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-03-20 18:17:36 -------- d-----w- C:\Users\home\AppData\Roaming\Utnom
2012-03-20 18:17:36 -------- d-----w- C:\Users\home\AppData\Roaming\Oziwow
2012-03-20 11:27:21 -------- d-----w- C:\Users\home\AppData\Local\{15A583FB-396D-4252-878C-8CB7AA5B5554}
2012-03-20 11:27:12 -------- d-----w- C:\Users\home\AppData\Local\{7C0B29C5-48B5-45AB-998E-3027697B48D5}
2012-03-19 14:18:34 -------- d-----w- C:\Users\home\AppData\Local\{9DCF564C-2F21-4656-9BF0-6CE1A9205402}
2012-03-19 14:18:24 -------- d-----w- C:\Users\home\AppData\Local\{5F5A1626-6077-46DC-BC7B-415480CFF8C6}
2012-03-18 16:16:13 258048 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpfppw73.dll
2012-03-18 13:27:02 -------- d-----w- C:\Users\home\AppData\Roaming\DiskAid
2012-03-18 13:26:59 -------- d-----w- C:\Program Files (x86)\DigiDNA
2012-03-18 12:20:01 -------- d-----w- C:\Users\home\AppData\Local\{D1A13F73-7676-47FC-91DD-3378F9104ABF}
2012-03-18 12:19:51 -------- d-----w- C:\Users\home\AppData\Local\{63264308-11F1-48F5-826E-3D4AA01723F7}
2012-03-17 23:49:30 -------- d-----w- C:\Users\home\AppData\Local\{77D583BA-88F3-4877-922B-34C911C47460}
2012-03-17 23:49:09 -------- d-----w- C:\Users\home\AppData\Local\{50021A01-1DA6-49C3-BA88-C01EFBEF47FC}
2012-03-17 11:48:46 -------- d-----w- C:\Users\home\AppData\Local\{88455C9E-2315-463C-9E43-8F64516580B2}
2012-03-17 11:48:36 -------- d-----w- C:\Users\home\AppData\Local\{40D4E908-D0B3-4AD8-B104-A8127F3FFC10}
2012-03-17 00:08:28 -------- d-----w- C:\Users\home\AppData\Local\Opera
2012-03-16 22:25:27 -------- d-----w- C:\Users\home\AppData\Local\{7C686F56-F52F-40DD-B7DE-390100917C91}
2012-03-16 10:25:07 -------- d-----w- C:\Users\home\AppData\Local\{162EDD12-D5A6-442C-82C5-D5A4BC1FF5D4}
2012-03-16 10:24:46 -------- d-----w- C:\Users\home\AppData\Local\{2E34D632-6AA6-4BFB-AFFE-08533D30459C}
2012-03-15 22:24:23 -------- d-----w- C:\Users\home\AppData\Local\{BF70611E-F3AF-4FA4-960C-BCC5CE09C2B1}
2012-03-15 22:24:02 -------- d-----w- C:\Users\home\AppData\Local\{7070CC9B-1C9D-4657-BD1D-D752AADFC666}
2012-03-15 06:36:27 -------- d-----w- C:\Users\home\AppData\Local\{59EA3644-A31A-4060-A0EB-5A6A390DCB78}
2012-03-15 06:36:17 -------- d-----w- C:\Users\home\AppData\Local\{34DB2B28-6BB7-4B72-9170-F9D40094DB19}
2012-03-14 14:19:43 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-14 14:19:42 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-14 14:19:42 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-14 12:15:19 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-14 12:15:19 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-14 12:15:19 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-14 12:14:47 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-14 12:14:47 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-14 12:14:47 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-14 12:14:47 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-14 12:14:47 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-14 12:14:47 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-14 12:14:47 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
2012-03-14 12:14:47 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-14 12:11:42 -------- d-----w- C:\Users\home\AppData\Local\{B8A76CD8-A0A0-44C1-8B0E-75785E6F4BC7}
2012-03-14 12:11:32 -------- d-----w- C:\Users\home\AppData\Local\{CD737A61-0ED8-4454-9513-CAF8AEBD771A}
2012-03-13 14:16:04 -------- d-----w- C:\Users\home\AppData\Local\{A6BE3885-B184-4F2B-9783-7CD5C6F7324F}
2012-03-13 14:15:43 -------- d-----w- C:\Users\home\AppData\Local\{30E417FB-E04D-46FC-A80E-EE0F8FD83089}
2012-03-12 14:29:25 -------- d-----w- C:\Users\home\AppData\Local\{707557CE-1D76-4281-8F95-84D1B3E88211}
2012-03-12 14:29:15 -------- d-----w- C:\Users\home\AppData\Local\{C8F39CD8-8DC5-41DC-9342-FE9329B67677}
2012-03-11 23:03:02 -------- d-----w- C:\Users\home\AppData\Local\{761E705B-7567-4A37-B19A-97ED7F9A5C28}
2012-03-11 23:02:44 -------- d-----w- C:\Users\home\AppData\Local\{989B11A3-20E0-45AE-A5B6-8C23C8402ECF}
2012-03-11 19:36:38 -------- d-----w- C:\Program Files (x86)\pidgin-otr
2012-03-11 11:02:21 -------- d-----w- C:\Users\home\AppData\Local\{D4125962-6B10-49E8-A900-3246D062AC90}
2012-03-11 11:02:11 -------- d-----w- C:\Users\home\AppData\Local\{92E8654E-1BDC-4543-93D5-DBE3D3356E36}
2012-03-10 15:21:42 29696 ----a-w- C:\Windows\System32\drivers\tap0901.sys
2012-03-10 15:21:41 -------- d-----w- C:\Program Files\CyberGhost VPN
2012-03-10 15:07:13 -------- d-----w- C:\Users\home\AppData\Local\{0B661169-FFF5-4D93-92A4-D2DA2BDA2EC5}
2012-03-10 15:07:03 -------- d-----w- C:\Users\home\AppData\Local\{7D3576A6-1FE5-49CE-8B09-010ADFAF8DCC}
2012-03-09 19:13:18 -------- d-----w- C:\Users\home\AppData\Local\{6B30A435-92CF-4D6F-9608-66D7CFFF903E}
2012-03-09 19:13:08 -------- d-----w- C:\Users\home\AppData\Local\{ED1CA00E-E10A-448A-B1F7-4B2416019DA2}
2012-03-09 19:12:59 -------- d-----w- C:\Users\home\AppData\Local\{5DD296A5-296D-4123-AF39-000F7429646D}
2012-03-09 19:12:38 -------- d-----w- C:\Users\home\AppData\Local\{C2CF58C8-27F7-4CB9-9A12-787E9BCF3CEF}
2012-03-09 07:12:15 -------- d-----w- C:\Users\home\AppData\Local\{2E4AF11A-62CA-4ED4-9D6B-C0BAD1F95617}
2012-03-09 07:12:05 -------- d-----w- C:\Users\home\AppData\Local\{F83A6ECC-2B95-4023-8789-F09A47EFD9A6}
2012-03-08 23:22:27 -------- d-----w- C:\Program Files\iPod
2012-03-08 23:22:26 -------- d-----w- C:\Program Files\iTunes
2012-03-08 23:22:26 -------- d-----w- C:\Program Files (x86)\iTunes
2012-03-08 16:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2012-03-08 14:12:28 -------- d-----w- C:\Users\home\AppData\Local\{80DCD778-ABC2-49A3-B017-145C1A42A38C}
2012-03-08 14:12:17 -------- d-----w- C:\Users\home\AppData\Local\{25530F9D-296A-406E-B178-517F6A050461}
2012-03-08 00:20:47 -------- d-----w- C:\Users\home\AppData\Local\{759858BE-0F23-4177-9275-31EA247ABB89}
2012-03-08 00:20:36 -------- d-----w- C:\Users\home\AppData\Local\{94E16D21-746F-4141-BE9F-D1684CD9DFAD}
2012-03-07 20:00:03 -------- d-----w- C:\ProgramData\CCP
2012-03-07 19:34:45 -------- d-----w- C:\Users\home\AppData\Local\CCP
2012-03-07 16:24:21 -------- d-----w- C:\Program Files (x86)\Gameforge
2012-03-07 12:20:13 -------- d-----w- C:\Users\home\AppData\Local\{65B9FFCC-7A23-4A6A-9BF0-4F7F6D7C3A2A}
2012-03-07 12:20:03 -------- d-----w- C:\Users\home\AppData\Local\{3F00E095-3778-4006-9879-D724640BA657}
2012-03-06 12:08:30 -------- d-----w- C:\Users\home\AppData\Local\{436C021F-0A39-4D71-9F35-3627ECBB8579}
2012-03-06 12:08:21 -------- d-----w- C:\Users\home\AppData\Local\{EB910320-6915-46A4-9604-9450EC5BA0E6}
2012-03-05 20:10:33 -------- d-----w- C:\Users\home\AppData\Local\{50BFCB9F-DDB8-4EC0-8F65-1743F3FA140B}
2012-03-05 20:10:12 -------- d-----w- C:\Users\home\AppData\Local\{B4486BD4-5B9B-4AAD-82CA-9328A5CB62FC}
2012-03-05 07:40:39 -------- d-----w- C:\Users\home\AppData\Local\{A385F8C3-5CF8-4128-B24A-B8B479AECE83}
2012-03-05 07:40:27 -------- d-----w- C:\Users\home\AppData\Local\{EE937100-30E8-458B-A2F7-95A2BD7D32EF}
2012-03-04 15:03:54 -------- d-----w- C:\Users\home\AppData\Local\{85E7CDA6-21D4-4599-8F54-E9A4823A2138}
2012-03-04 15:03:32 -------- d-----w- C:\Users\home\AppData\Local\{7ED35182-B29F-4DB2-A011-77786B1178F5}
2012-03-04 03:03:09 -------- d-----w- C:\Users\home\AppData\Local\{E51263A9-3BA1-48CF-AED6-12777C1DF0C6}
2012-03-04 03:02:51 -------- d-----w- C:\Users\home\AppData\Local\{4278B73A-C077-4937-AE64-C7C2CB3B2097}
2012-03-03 14:57:24 -------- d-----w- C:\Users\home\AppData\Local\{EBF0C8BD-A17E-4263-BC06-B221FDE47339}
2012-03-03 14:57:14 -------- d-----w- C:\Users\home\AppData\Local\{A6CCD878-1F8F-45D0-B6D1-3FE889E59A83}
2012-03-03 14:48:00 -------- d-----w- C:\Users\home\AppData\Local\{1B1938D1-FAF0-4141-BB15-3EB00F815E53}
2012-03-02 19:20:39 -------- d-----w- C:\Users\home\AppData\Local\{782CA924-7697-468A-86AB-D3F76D0C33C9}
2012-03-02 19:20:18 -------- d-----w- C:\Users\home\AppData\Local\{61A677DA-34B0-45E7-8D0C-376FFF31511E}
2012-03-02 07:19:55 -------- d-----w- C:\Users\home\AppData\Local\{4B456DD9-A384-4788-AE3D-849415CF2D43}
2012-03-02 07:19:45 -------- d-----w- C:\Users\home\AppData\Local\{3FB905BE-52B3-4395-86E2-F10F5D8555CF}
2012-03-01 14:08:45 -------- d-----w- C:\Users\home\AppData\Local\{1D14BAE5-12A4-42C2-B700-EB12810F5ECA}
2012-03-01 14:08:35 -------- d-----w- C:\Users\home\AppData\Local\{0C29C5E4-970E-4F93-8D28-16BB56AC16EA}
2012-03-01 00:37:29 -------- d-----w- C:\Users\home\AppData\Local\{6EE30619-C092-489D-A6D6-DF9A867B14AD}
2012-03-01 00:37:19 -------- d-----w- C:\Users\home\AppData\Local\{13781590-5AC5-4BE0-922C-F48C76AF234D}
2012-02-29 19:31:29 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-02-29 19:31:25 -------- d-----w- C:\Users\home\AppData\Local\ManyCam
2012-02-29 19:05:44 -------- d-----w- C:\Program Files\ThinkBuzan
2012-02-29 18:59:17 -------- d-----w- C:\Users\home\.thinkbuzan
2012-02-29 18:59:11 -------- d-----w- C:\ProgramData\ThinkBuzan
2012-02-29 18:59:11 -------- d-----w- C:\ProgramData\JSoft
2012-02-29 18:51:47 -------- d-----w- C:\Program Files (x86)\ThinkBuzan
2012-02-29 12:19:48 -------- d-----w- C:\Users\home\AppData\Local\{A2024235-0825-4A0C-B816-20233D41BEB9}
2012-02-29 12:19:38 -------- d-----w- C:\Users\home\AppData\Local\{A2DA9F80-77EC-4CCB-9B34-66B81B97608F}
2012-02-28 14:25:39 -------- d-----w- C:\Users\home\AppData\Local\{ECACFA59-0C0F-4DA6-B258-3B5E0090CCC7}
2012-02-28 14:25:30 -------- d-----w- C:\Users\home\AppData\Local\{E4B2D56D-5F49-474D-888B-C61B4A20C0B1}
.
==================== Find3M ====================
.
2012-03-03 23:18:52 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-03-03 23:18:52 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-03-03 23:14:56 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-03-02 18:51:34 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-15 10:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2012-02-15 10:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll
2012-02-15 03:48:32 10856960 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-02-15 03:21:24 25839104 ----a-w- C:\Windows\System32\atio6axx.dll
2012-02-15 03:18:56 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-02-15 03:18:40 791040 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-02-15 03:17:04 957952 ----a-w- C:\Windows\System32\aticfx64.dll
2012-02-15 03:13:56 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2012-02-15 03:13:40 496128 ----a-w- C:\Windows\System32\atieclxx.exe
2012-02-15 03:13:00 235520 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-02-15 03:11:42 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-02-15 03:10:58 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-02-15 03:10:54 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-02-15 03:10:48 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-02-15 03:07:44 6200320 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-02-15 02:58:56 19392000 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-02-15 02:52:28 7646208 ----a-w- C:\Windows\System32\atidxx64.dll
2012-02-15 02:41:28 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2012-02-15 02:40:54 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2012-02-15 02:40:42 4958208 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-02-15 02:34:56 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-02-15 02:34:54 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-02-15 02:34:46 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-02-15 02:34:44 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-02-15 02:34:36 5954048 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-02-15 02:34:30 13859840 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-02-15 02:29:52 5062656 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-02-15 02:29:50 11561984 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-02-15 02:25:06 7551488 ----a-w- C:\Windows\System32\atiumd64.dll
2012-02-15 02:16:38 58880 ----a-w- C:\Windows\System32\coinst.dll
2012-02-15 02:14:00 512000 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-02-15 02:13:50 356352 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-02-15 02:13:36 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-02-15 02:13:32 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-02-15 02:13:32 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-02-15 02:13:28 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2012-02-15 02:13:20 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-02-15 02:13:12 327680 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-02-15 02:12:22 43008 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-02-15 02:12:14 33280 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-02-15 02:12:08 39936 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-02-15 02:12:00 30208 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-02-15 02:11:22 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-02-15 02:11:16 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2012-02-15 02:11:16 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-02-15 02:11:10 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-02-15 02:11:10 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-02-14 21:05:32 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-02-14 21:05:26 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-02-14 21:05:20 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-02-14 21:05:16 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-02-14 21:05:08 16507904 ----a-w- C:\Windows\System32\amdocl64.dll
2012-02-14 21:04:26 13238272 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-02-14 21:03:44 54272 ----a-w- C:\Windows\System32\OpenCL.dll
2012-02-14 21:03:38 48128 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-31 05:02:26 21504 ----a-w- C:\Windows\System32\kdbsdk64.dll
2012-01-31 05:00:24 16896 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
2012-01-05 01:40:23 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl
2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2006-05-03 09:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll
2007-02-21 10:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll
2008-03-16 12:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll
.
============= FINISH: 0:02:19,55 ===============
|
| Themen zu Firefox und Opera fragen sporadisch nach Zertifikaten. |
| acrobat update, adobe, antivir, antivir guard, avira, bluestacks, bonjour, browser, cyberghost, defender, desktop, device driver, document, downloader, explorer, firefox, frage, google earth, home, hotspot, hotspot shield, microsoft security, microsoft security essentials, mozilla, opera, pdf, plug-in, problem, realtek, security, software, svchost.exe, system, trojaner, usb, usb 3.0, windows, zertifikate |
Baum-Darstellung