Zurück   Trojaner-Board > Malware entfernen > Antiviren-, Firewall- und andere Schutzprogramme

Antiviren-, Firewall- und andere Schutzprogramme: Microsoft Security Essentials scannt nicht mehr

Windows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen.

Antwort
Alt 04.05.2013, 16:16   #16
blawa
 
Microsoft Security Essentials scannt nicht mehr - Standard

Microsoft Security Essentials scannt nicht mehr



Soo:

JRT
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.3 (04.29.2013:2)
OS: Windows 7 Home Premium x64
Ran by blawa on 04.05.2013 at 16:25:45,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} 



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT2851647
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D9D5C728-36EA-40FF-BD8A-DB0A2767DDED}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} 
Successfully deleted: [Registry Key] "hkey_current_user\software\apn" 
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar" 
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn" 
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar" 



~~~ Files

Successfully deleted: [File] "C:\end"
Successfully deleted: [File] "C:\Windows\syswow64\conduitengine.tmp"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\blawa\AppData\Roaming\toolplugin"
Successfully deleted: [Folder] "C:\Users\blawa\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\blawa\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\blawa\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\daemon tools toolbar"
Successfully deleted: [Folder] "C:\ProgramData\ask" 
Successfully deleted: [Folder] "C:\Users\blawa\appdata\locallow\asktoolbar" 
Successfully deleted: [Folder] "C:\Program Files (x86)\ask.com" 
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}" 



~~~ FireFox

Successfully deleted: [File] C:\Users\blawa\AppData\Roaming\mozilla\firefox\profiles\n18ln615.default\user.js
Successfully deleted: [File] C:\Users\blawa\AppData\Roaming\mozilla\firefox\profiles\n18ln615.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}.xpi
Successfully deleted: [File] C:\Users\blawa\AppData\Roaming\mozilla\firefox\profiles\n18ln615.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\blawa\AppData\Roaming\mozilla\firefox\profiles\n18ln615.default\searchplugins\sweetim.xml
Successfully deleted: [Folder] C:\Users\blawa\AppData\Roaming\mozilla\firefox\profiles\n18ln615.default\extensions\toolbar@ask.com
Successfully deleted the following from C:\Users\blawa\AppData\Roaming\mozilla\firefox\profiles\n18ln615.default\prefs.js

user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");
user_pref("extensions.asktb.ff-original-keyword-url", "");
Emptied folder: C:\Users\blawa\AppData\Roaming\mozilla\firefox\profiles\n18ln615.default\minidumps [111 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.05.2013 at 16:48:54,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
adw
Code:
ATTFilter
# AdwCleaner v2.300 - Datei am 04/05/2013 um 17:03:33 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : blawa - BLAWA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\blawa\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
Datei Gelöscht : C:\Users\blawa\AppData\Roaming\Mozilla\Firefox\Profiles\n18ln615.default\searchplugins\daemon-search.xml
Ordner Gelöscht : C:\Program Files (x86)\uTorrentBar_DE
Ordner Gelöscht : C:\Users\blawa\AppData\Local\APN
Ordner Gelöscht : C:\Users\blawa\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\blawa\AppData\LocalLow\uTorrentBar_DE

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\uTorrentBar_DE
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2E61BEA4-D5C3-443E-92B7-672B0E36D5FE}
Schlüssel Gelöscht : HKLM\Software\uTorrentBar_DE
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2E61BEA4-D5C3-443E-92B7-672B0E36D5FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87386E38-57AD-4625-891E-22C4C0BAD7C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1D675A5-F64A-490F-A8EA-B8FE867E738E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\toolplugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_DE Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}]
Wert Gelöscht : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\blawa\AppData\Roaming\Mozilla\Firefox\Profiles\n18ln615.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\blawa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [5135 octets] - [04/05/2013 17:03:33]

########## EOF - C:\AdwCleaner[S1].txt - [5195 octets] ##########
         

OTL hängt sich leider auf ...

Alt 04.05.2013, 16:28   #17
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Microsoft Security Essentials scannt nicht mehr - Standard

Microsoft Security Essentials scannt nicht mehr



Rechner neu starten, OTL nochmal probieren
__________________

__________________

Alt 04.05.2013, 17:01   #18
blawa
 
Microsoft Security Essentials scannt nicht mehr - Standard

Microsoft Security Essentials scannt nicht mehr



Ok ich hab jetzt den QuickScan gemacht - hoffe das reicht:

Code:
ATTFilter
OTL logfile created on: 04.05.2013 17:29:39 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\blawa\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 3,37 Gb Available Physical Memory | 56,25% Memory free
11,98 Gb Paging File | 8,62 Gb Available in Paging File | 71,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1387,39 Gb Total Space | 721,63 Gb Free Space | 52,01% Space Free | Partition Type: NTFS
Drive F: | 621,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 299,62 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: BLAWA-PC | User Name: blawa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\blawa\Downloads\OTL(2).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
PRC - C:\Program Files (x86)\AlienRespawn\sftservice.EXE (SoftThinks SAS)
PRC - C:\Programme\Alienware\Command Center\AWCCApplicationWatcher32.exe (Alienware)
PRC - C:\Programme\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
PRC - C:\Programme\Alienware\Command Center\AlienFusionController.exe ()
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - c:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\2024a7339aa5ad2712d239d454d3c355\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cbb7db665b3ba25a931258eb702527f5\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\9fe8c27f7d33440089db00fa170f95f9\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\e99728014e52a3a04bf7933c64be8d6a\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f28a346ae10e2eec581608f591cf7116\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8983c040161b34c64474f195bff5e2de\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\8167f7d08668a5859e76aa9a1124a42f\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\806c4ba7d696ab586ffd774a31f1a66b\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\08bebcf66ad666dfdf2a4a934d79c0f9\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d884c684ee3f738a60e3c50dd5d88caa\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\5dbabea688adfc665e3453561736699a\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\cb72ac8478a5ea7e2d570bb710ecb1c1\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b83993cc955262507c8ead67567c8060\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\df418085cedae9fa2efee87e20a419a4\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\c41a7a0a68540e43d10389646e84e3d1\System.Numerics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll ()
MOD - C:\Programme\TortoiseSVN\bin\libsasl32.dll ()
MOD - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
MOD - C:\Programme\Alienware\Command Center\AlienFusionController.exe ()
MOD - c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV - (Guard.Mail.ru) -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe ()
SRV - (MSSQL$SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (SQLAgent$SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (SftService) -- C:\Program Files (x86)\AlienRespawn\sftservice.EXE (SoftThinks SAS)
SRV - (AlienFusionService) -- C:\Programme\Alienware\Command Center\AlienFusionService.exe (Alienware)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (BPowMon) -- C:\Programme\Broadcom\BPowMon\BPowMon.exe (Broadcom Corp.)
SRV - (wlidsvc) -- c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (MSSQLServerADHelper100) -- c:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe (Microsoft Corporation)
SRV - (btwdins) -- c:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\VMM.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RsFx0105) -- C:\Windows\SysNative\drivers\RsFx0105.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (AWOPFilterDriver) -- C:\Windows\SysNative\drivers\AWOPFilterDriver.sys ()
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (mio) -- C:\Windows\SysNative\drivers\mio.sys (Dell/Alienware)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (SI3132) -- C:\Windows\SysNative\drivers\SI3132.sys (Silicon Image, Inc)
DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\drivers\SiWinAcc.sys (Silicon Image, Inc)
DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\drivers\SiRemFil.sys (Silicon Image, Inc)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2209728477-714789964-3075794624-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2209728477-714789964-3075794624-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "google.at"
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.25 18:40:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 01:30:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 01:29:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 01:30:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 01:29:51 | 000,000,000 | ---D | M]
 
[2011.07.07 19:04:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\blawa\AppData\Roaming\mozilla\Extensions
[2013.05.04 16:28:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\blawa\AppData\Roaming\mozilla\Firefox\Profiles\n18ln615.default\extensions
[2013.03.17 22:05:45 | 000,021,579 | ---- | M] () (No name found) -- C:\Users\blawa\AppData\Roaming\mozilla\firefox\profiles\n18ln615.default\extensions\leethax@leethax.net.xpi
[2013.02.17 16:36:19 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\blawa\AppData\Roaming\mozilla\firefox\profiles\n18ln615.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.12 01:29:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.12 01:29:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.02.25 18:40:35 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013.04.12 01:30:08 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.09.13 15:06:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.13 15:06:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.09.13 15:06:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.13 15:06:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.13 15:06:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.13 15:06:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2013.05.04 15:45:05 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Command Center Controllers] C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe (Microsoft)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-2209728477-714789964-3075794624-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2209728477-714789964-3075794624-1000..\Run: [EAUpdater] C:\Users\blawa\AppData\Roaming\EA\ea_updater.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2209728477-714789964-3075794624-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\blawa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2209728477-714789964-3075794624-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2209728477-714789964-3075794624-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90456561-14A2-458A-9C08-2EE9CD27CE06}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADC455F9-F27A-46AA-9B8E-26D4D7BEACF8}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.03.06 13:14:23 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2001.09.27 05:31:38 | 000,045,056 | R--- | M] () - F:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2001.09.27 05:31:38 | 000,007,358 | R--- | M] () - F:\AUTORUN.ICO -- [ CDFS ]
O32 - AutoRun File - [2001.09.27 06:07:36 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2002.06.04 02:57:28 | 000,000,057 | R--- | M] () - G:\AutoRun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.04 16:27:24 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.04 16:25:44 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.04 16:25:38 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.04 15:47:21 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.05.03 16:01:01 | 000,000,000 | ---D | C] -- C:\Users\blawa\Desktop\mbar
[2013.04.29 22:51:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.29 22:51:54 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.29 22:51:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.29 02:48:33 | 000,000,000 | ---D | C] -- C:\Users\blawa\AppData\Local\SplitMediaLabs
[2013.04.29 02:48:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2013.04.29 02:48:06 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2013.04.29 02:48:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2013.04.29 02:47:32 | 000,000,000 | ---D | C] -- C:\Users\blawa\AppData\Roaming\SplitMediaLabs
[2013.04.26 10:55:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.21 15:10:15 | 000,000,000 | ---D | C] -- C:\Users\blawa\Desktop\Dino
[2013.04.18 16:17:18 | 000,000,000 | ---D | C] -- C:\Users\blawa\Documents\My Kindle Content
[2013.04.18 16:17:12 | 000,000,000 | ---D | C] -- C:\Users\blawa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2013.04.18 16:17:06 | 000,000,000 | ---D | C] -- C:\Users\blawa\AppData\Local\Amazon
[2013.04.16 12:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.04.16 12:58:52 | 000,000,000 | ---D | C] -- C:\Users\blawa\AppData\Local\Programs
[2013.04.15 21:27:56 | 000,000,000 | ---D | C] -- C:\Users\blawa\Desktop\FTB
[2013.04.15 21:27:39 | 000,000,000 | ---D | C] -- C:\Users\blawa\AppData\Roaming\ftblauncher
[2013.04.15 20:57:13 | 000,000,000 | ---D | C] -- C:\Users\blawa\Desktop\Neuer Ordner
[2013.04.15 20:56:29 | 000,000,000 | ---D | C] -- C:\Users\blawa\Desktop\backup
[2013.04.12 01:29:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.07 18:37:05 | 000,000,000 | ---D | C] -- C:\Users\blawa\Desktop\Archive
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.04 17:40:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.04 17:29:39 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013.05.04 17:14:05 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.04 17:14:05 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.04 17:11:13 | 001,800,066 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.04 17:11:13 | 000,764,706 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.04 17:11:13 | 000,719,022 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.04 17:11:13 | 000,174,132 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.04 17:11:13 | 000,147,044 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.04 17:06:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.04 17:06:39 | 529,711,103 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.04 15:45:05 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.05.04 02:38:59 | 000,000,512 | ---- | M] () -- C:\Users\blawa\Desktop\MBR.dat
[2013.05.01 11:04:11 | 000,370,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.29 22:51:59 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.26 10:52:52 | 000,000,536 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2013.04.18 17:20:33 | 000,028,462 | ---- | M] () -- C:\Users\blawa\D3.jpg
[2013.04.18 16:17:12 | 000,002,231 | ---- | M] () -- C:\Users\blawa\Desktop\Kindle.lnk
[2013.04.14 03:42:42 | 000,009,729 | ---- | M] () -- C:\Users\blawa\Desktop\Mats.ods
[2013.04.07 18:35:56 | 002,110,466 | ---- | M] () -- C:\Users\blawa\Desktop\Archive.zip
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.05.04 02:38:59 | 000,000,512 | ---- | C] () -- C:\Users\blawa\Desktop\MBR.dat
[2013.04.29 22:51:59 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.18 17:20:33 | 000,028,462 | ---- | C] () -- C:\Users\blawa\D3.jpg
[2013.04.18 16:17:12 | 000,002,231 | ---- | C] () -- C:\Users\blawa\Desktop\Kindle.lnk
[2013.04.16 12:59:36 | 000,000,894 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013.04.12 15:25:00 | 000,009,729 | ---- | C] () -- C:\Users\blawa\Desktop\Mats.ods
[2013.04.01 01:48:23 | 000,002,343 | ---- | C] () -- C:\Users\blawa\test.jpeg
[2013.04.01 01:46:56 | 000,248,543 | ---- | C] () -- C:\Users\blawa\strange.jpg
[2013.02.08 22:47:33 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\libmySQL.dll
[2013.02.08 22:47:33 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\TrackerNET.dll
[2013.02.08 22:46:37 | 000,000,080 | ---- | C] () -- C:\Windows\sierra.ini
[2012.06.24 17:36:51 | 000,016,559 | ---- | C] () -- C:\Users\blawa\Sims_Abgabe.rar
[2012.06.24 01:12:19 | 000,000,769 | ---- | C] () -- C:\Users\blawa\SciTE.session
[2012.06.19 14:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.05.13 21:38:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.05.13 21:38:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.05.13 21:38:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.05.13 21:38:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.05.13 21:38:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.03.13 13:28:14 | 000,002,161 | ---- | C] () -- C:\Users\blawa\Vector3.java
[2012.02.21 13:10:15 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012.02.21 13:10:15 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012.02.21 13:10:15 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012.02.21 13:01:02 | 000,039,237 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012.02.18 19:10:19 | 000,000,889 | ---- | C] () -- C:\Windows\eReg.dat
[2011.11.30 17:32:36 | 000,002,180 | ---- | C] () -- C:\Users\blawa\UE2_2.m
[2011.11.30 17:19:08 | 000,000,394 | ---- | C] () -- C:\Users\blawa\euler_rot.m
[2011.11.29 17:46:00 | 000,000,181 | ---- | C] () -- C:\Users\blawa\kreis_z.m
[2011.11.29 17:45:33 | 000,000,183 | ---- | C] () -- C:\Users\blawa\kreis_y.m
[2011.11.29 17:43:45 | 000,000,338 | ---- | C] () -- C:\Users\blawa\UE2_5.m
[2011.11.29 17:39:32 | 000,000,185 | ---- | C] () -- C:\Users\blawa\kreis_x.m
[2011.11.20 18:13:11 | 000,000,218 | ---- | C] () -- C:\Users\blawa\.recently-used.xbel
[2011.11.17 14:10:13 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.11.17 14:10:12 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.11 18:48:24 | 000,000,000 | ---- | C] () -- C:\Users\blawa\jagex_runescape_preferences.dat
[2011.08.06 02:12:08 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2011.07.08 15:40:44 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011.07.08 14:34:05 | 000,032,829 | ---- | C] () -- C:\Windows\scunin.dat
[2011.07.02 13:33:53 | 000,001,264 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011.07.02 13:33:53 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011.07.02 13:33:53 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011.07.02 13:33:52 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.07.02 13:33:52 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.04.01 02:12:33 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\.minecraft
[2013.04.15 20:58:07 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\.technic
[2012.05.13 18:59:41 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Audacity
[2012.03.06 13:48:06 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Autodesk
[2011.07.24 00:13:18 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.07.08 14:33:10 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\DAEMON Tools Lite
[2012.03.30 18:22:26 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\e-academy Inc
[2011.12.24 00:20:17 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\EA
[2013.03.02 17:41:56 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Fatshark
[2012.01.21 20:29:05 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\FileZilla
[2011.09.15 21:38:23 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\FOG Downloader
[2013.04.15 21:28:14 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\ftblauncher
[2011.11.20 18:12:18 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\gtk-2.0
[2013.01.20 15:30:29 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\HandBrake
[2012.10.31 21:55:54 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\HLSW
[2012.06.14 17:45:55 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\ICQ
[2011.08.02 17:28:14 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2011.08.02 17:44:23 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2012.11.23 13:58:12 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Mumble
[2013.01.19 11:45:08 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Notepad++
[2011.10.23 14:13:11 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\OpenOffice.org
[2013.02.21 23:45:17 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Origin
[2013.01.04 23:55:03 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Play withSIX
[2011.08.06 02:27:24 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Red Alert 3
[2012.08.16 11:51:40 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\six-zsync
[2013.04.29 02:47:32 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\SplitMediaLabs
[2012.05.05 15:30:59 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Subversion
[2012.03.10 13:28:41 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\TestApp
[2012.11.23 14:44:09 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Theta
[2013.05.03 19:14:15 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\TS3Client
[2012.11.09 19:16:14 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\Ubisoft
[2013.04.27 20:58:56 | 000,000,000 | ---D | M] -- C:\Users\blawa\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
         
__________________

Alt 04.05.2013, 22:08   #19
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Microsoft Security Essentials scannt nicht mehr - Standard

Microsoft Security Essentials scannt nicht mehr



Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
:OTL
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
         
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 05.05.2013, 12:15   #20
blawa
 
Microsoft Security Essentials scannt nicht mehr - Standard

Microsoft Security Essentials scannt nicht mehr



Hallo,

hier der Log:
Code:
ATTFilter
All processes killed
========== OTL ==========
ADS C:\ProgramData\TEMP:430C6D84 deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\blawa\Downloads\cmd.bat deleted successfully.
C:\Users\blawa\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: blawa
->Temp folder emptied: 1093635 bytes
->Temporary Internet Files folder emptied: 24714373 bytes
->Java cache emptied: 13179 bytes
->FireFox cache emptied: 83925898 bytes
->Flash cache emptied: 122317 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 26498 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 751 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 105,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 05052013_131104

Files\Folders moved on Reboot...
C:\Users\blawa\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         
Könntest du mir evtl noch sagen was da genau los war?


Alt 06.05.2013, 08:45   #21
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Microsoft Security Essentials scannt nicht mehr - Standard

Microsoft Security Essentials scannt nicht mehr



Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Vollscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
--> Microsoft Security Essentials scannt nicht mehr

Alt 08.05.2013, 19:30   #22
blawa
 
Microsoft Security Essentials scannt nicht mehr - Standard

Microsoft Security Essentials scannt nicht mehr



So alles beendet, Eset hat nichts gefunden aber auch kein Logfile hinterlassen ...

Alt 08.05.2013, 22:47   #23
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Microsoft Security Essentials scannt nicht mehr - Standard

Microsoft Security Essentials scannt nicht mehr



Kann nicht sein. Das wurde in der bebilderten Anleitung beschrieben. Und das Log von MBAM fehlt auch
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Microsoft Security Essentials scannt nicht mehr
control, datei, desktop, einfach, essen, essentials, heute, lösung, microsoft, microsoft security essentials, nicht mehr, probleme, scan, scann, scannt, security, security essentials, wallpaper



Ähnliche Themen: Microsoft Security Essentials scannt nicht mehr


  1. Microsoft Security Essentials lässt sich nicht mehr aktivieren.
    Plagegeister aller Art und deren Bekämpfung - 15.11.2015 (43)
  2. Microsoft Security Essentials Einstellungen
    Antiviren-, Firewall- und andere Schutzprogramme - 07.04.2014 (12)
  3. Microsoft Security Essentials
    Antiviren-, Firewall- und andere Schutzprogramme - 06.01.2014 (4)
  4. Windows 7 : Sicherheitscenter bleibt deaktiviert , Microsoft Security Essentials kann nicht gestartet werden
    Log-Analyse und Auswertung - 04.09.2013 (21)
  5. Microsoft Security Essentials gesperrt/nicht mehr vorhanden
    Alles rund um Windows - 29.06.2013 (3)
  6. Google Weiterleitung auf unerwünschte Seiten, Microsoft Security Essentials und Windows Defender funktionieren nicht
    Plagegeister aller Art und deren Bekämpfung - 11.05.2013 (10)
  7. Google leitet mich auf falsche Webseiten + Microsoft Security Essentials lässt sich nicht mehr starten
    Plagegeister aller Art und deren Bekämpfung - 30.01.2013 (18)
  8. Microsoft Security Essentials kann nicht gestartet werden - Win7 64bit Pro
    Alles rund um Windows - 24.09.2012 (10)
  9. Firewall Fehlercode 0x80070424,Microsoft Security Essentials deaktiviert,kann nicht gestartet werden
    Plagegeister aller Art und deren Bekämpfung - 11.07.2012 (1)
  10. Microsoft Security Essentials
    Antiviren-, Firewall- und andere Schutzprogramme - 03.11.2011 (1)
  11. Microsoft Security Essentials + Threatfire
    Antiviren-, Firewall- und andere Schutzprogramme - 22.10.2011 (2)
  12. Microsoft Security Essentials Alert
    Plagegeister aller Art und deren Bekämpfung - 03.03.2011 (16)
  13. Microsoft Security Essentials
    Antiviren-, Firewall- und andere Schutzprogramme - 05.02.2011 (76)
  14. Microsoft Security Essentials Alert
    Plagegeister aller Art und deren Bekämpfung - 15.10.2010 (9)
  15. Microsoft Security Essentials Alert - rkill lässt sich nicht starten
    Plagegeister aller Art und deren Bekämpfung - 25.09.2010 (1)
  16. Microsoft Security Essentials Alert
    Plagegeister aller Art und deren Bekämpfung - 24.09.2010 (27)
  17. Betaversion von Microsoft Security Essentials 2
    Nachrichten - 24.07.2010 (0)

Zum Thema Microsoft Security Essentials scannt nicht mehr - Soo: JRT Code: Alles auswählen Aufklappen ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.3 (04.29.2013:2) OS: Windows 7 Home Premium x64 Ran by blawa on 04.05.2013 at 16:25:45,50 - Microsoft Security Essentials scannt nicht mehr...
Archiv
Du betrachtest: Microsoft Security Essentials scannt nicht mehr auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.