
Pests of all kinds and how to fight them: My computer is acting up and I don't know my way around it :(

02.06.2013, 19:55   #16
aharonov
/// TB Trainer
 

Uninstall Firefox via the Control Panel and then reinstall it from here.
Does the OTL scan work again after that? (Even if it gets stuck at some point, let it keep running for another 20 minutes anyway; sometimes it does continue after all.)
__________________
cheers,
Leo

03.06.2013, 18:05   #17
maxima1999
 

Hello Leo

We uninstalled Firefox. But OTL won't run. We waited 45 minutes. Then we started in safe mode and waited 45 minutes there.


03.06.2013, 18:45   #18
aharonov
/// TB Trainer
 

Yes, that does happen sometimes. Then we'll just use a different one:


Please download Farbar Recovery Scan Tool 32-Bit and save it to the desktop.
  • Start FRST.exe.
  • Do not change any of the default settings and press Scan.
  • When the scan is finished, two log files, FRST.txt and Addition.txt, are created and saved on the desktop.
  • Please post the contents of both log files here in your thread.

03.06.2013, 19:04   #19
maxima1999
 

That worked

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-06-2013 03
Ran by maxi (administrator) on 03-06-2013 19:54:10
Running from C:\Users\maxi\Downloads
Windows Vista (TM) Business Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe [3563520 2009-01-20] (Dell Inc.)
HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858456 2013-05-02] (AVAST Software)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1233920 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Extension: No Name - C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default\Extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com
FF Extension: Iminent Minibar - C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default\Extensions\webbooster@iminent.com
FF Extension: No Name - C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default\Extensions\{85666217-0676-4273-8b0d-7b6fbc4c6e30}
FF Extension: Value Apps - C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default\Extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}
FF Extension: No Name - C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default\Extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.xpi

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-02] (AVAST Software)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1723744 2012-11-29] (TuneUp Software)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2009-01-20] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-02] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-02] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-05-02] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368944 2013-05-02] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [174664 2013-05-02] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2009-01-20] (Broadcom Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
S3 catchme; \??\C:\Users\maxi\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-22 23:46 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-09-22 23:46 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-09-22 23:46 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-09-22 23:46 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-09-22 23:46 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-09-22 23:46 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-09-22 23:46 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-09-22 23:46 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-09-22 23:03 - 2013-09-23 00:26 - 00000000 ____D C:\Windows\erdnt
2013-09-22 23:00 - 2013-09-22 23:01 - 05076415 ___RA (Swearware) C:\Users\maxi\Desktop\ComboFix.exe
2013-09-22 22:46 - 2013-09-22 22:48 - 00078386 ____A C:\AdwCleaner[S1].txt
2013-09-22 22:46 - 2013-09-22 22:48 - 00000093 ____A C:\Windows\DeleteOnReboot.bat
2013-09-22 22:35 - 2013-09-22 22:35 - 00632031 ____A C:\Users\maxi\Desktop\adwcleaner.exe
2013-09-21 20:41 - 2013-09-21 20:41 - 00602112 ____A (OldTimer Tools) C:\Users\maxi\Desktop\OTL.exe
2013-09-21 20:32 - 2013-09-21 20:32 - 00000000 ____D C:\Users\installit\AppData\Roaming\TuneUp Software
2013-09-21 11:21 - 2013-09-21 11:21 - 00000000 ____D C:\Users\installit\AppData\Roaming\Adobe
2013-06-03 19:54 - 2013-06-03 19:54 - 00000000 ____D C:\FRST
2013-06-03 19:53 - 2013-06-03 19:53 - 01356197 ____A (Farbar) C:\Users\maxi\Downloads\FRST.exe
2013-06-03 19:32 - 2013-06-03 19:32 - 00000848 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-03 19:32 - 2013-06-03 19:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-02 20:25 - 2013-06-02 20:25 - 00000000 ____A C:\Users\maxi\Desktop\Neues Textdokument.txt
2013-06-02 20:13 - 2013-06-02 20:13 - 00000000 ____D C:\_OTL
2013-06-02 17:10 - 2013-06-02 17:30 - 00011426 ____A C:\Users\maxi\Downloads\SystemLook.txt
2013-06-02 17:10 - 2013-06-02 17:10 - 00139264 ____A C:\Users\maxi\Downloads\SystemLook.exe
2013-06-02 16:21 - 2013-06-02 16:21 - 00015085 ____A C:\ComboFix.txt
2013-06-02 16:03 - 2013-06-02 16:21 - 00000000 ____D C:\ComboFix
2013-06-01 00:16 - 2013-06-01 00:16 - 00000804 ____A C:\Users\maxi\Desktop\PDF Architect.lnk
2013-06-01 00:16 - 2013-06-01 00:16 - 00000000 ____D C:\Users\maxi\Documents\PDF Architect Files
2013-06-01 00:15 - 2013-06-01 00:16 - 00000000 ____D C:\Program Files\PDF Architect
2013-06-01 00:14 - 2013-06-01 00:19 - 00000000 ____D C:\Program Files\PDFCreator
2013-06-01 00:14 - 2013-06-01 00:14 - 00000830 ____A C:\Users\Public\Desktop\PDFCreator.lnk
2013-06-01 00:14 - 2013-04-09 15:13 - 00095416 ____A (pdfforge GmbH) C:\Windows\System32\pdfcmon.dll
2013-06-01 00:14 - 2013-01-09 15:52 - 01070152 ____A (Microsoft Corporation) C:\Windows\System32\MSCOMCTL.OCX
2013-06-01 00:14 - 2012-05-05 11:54 - 00662288 ____A (Microsoft Corporation) C:\Windows\System32\MSCOMCT2.OCX
2013-06-01 00:14 - 2012-05-05 11:54 - 00137000 ____A (Microsoft Corporation) C:\Windows\System32\MSMAPI32.OCX
2013-06-01 00:14 - 2012-05-05 11:54 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\MSMPIDE.DLL
2013-06-01 00:14 - 1998-07-06 18:56 - 00125712 ____A (Microsoft Corporation) C:\Windows\System32\VB6DE.DLL
2013-06-01 00:14 - 1998-07-06 18:55 - 00158208 ____A (Microsoft Corporation) C:\Windows\System32\MSCMCDE.DLL
2013-06-01 00:14 - 1998-07-06 18:55 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\MSCC2DE.DLL
2013-05-31 23:52 - 2013-09-22 23:38 - 00000000 ____D C:\Program Files\SaferSurf
2013-05-31 23:52 - 2013-05-31 23:52 - 00000000 ____D C:\ProgramData\Nutzwerk
2013-05-31 23:24 - 2013-05-31 23:24 - 03715248 ____A (Speedchecker Limited                                        ) C:\Users\maxi\Documents\PCSUUpdate.exe
2013-05-31 23:23 - 2013-05-31 23:23 - 00055088 ____A C:\Users\maxi\Documents\PCSU_Update.exe
2013-05-31 23:21 - 2013-05-31 23:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-05-31 23:18 - 2013-05-31 23:18 - 00001871 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-05-31 23:18 - 2013-05-31 23:18 - 00001867 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-05-31 23:18 - 2013-05-31 23:18 - 00000000 ____D C:\Users\maxi\AppData\Roaming\TuneUp Software
2013-05-31 23:18 - 2013-05-31 23:18 - 00000000 ____D C:\Program Files\TuneUp Utilities 2013
2013-05-31 23:18 - 2012-11-29 16:06 - 00031584 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-05-31 23:18 - 2012-11-29 16:06 - 00021344 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-05-31 23:17 - 2013-05-31 23:18 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-05-31 23:17 - 2013-05-31 23:17 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-05-31 23:08 - 2013-05-31 23:09 - 00977816 ____A (Conduit) C:\Users\maxi\Downloads\FileConverter_1.3.exe
2013-05-31 22:29 - 2013-05-31 22:29 - 00000000 ____D C:\Users\maxi\AppData\Roaming\player
2013-05-31 22:29 - 2013-05-31 22:29 - 00000000 ____D C:\Program Files\Tuguu SL
2013-05-31 22:28 - 2013-09-22 22:46 - 00000000 ____D C:\Program Files\Desk 365
2013-05-31 22:07 - 2013-09-22 22:40 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Ysirh
2013-05-31 22:07 - 2013-09-21 10:50 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Nora
2013-05-31 22:06 - 2013-05-31 22:06 - 00000611 ____A C:\Windows\System32\InstallUtil.InstallLog
2013-05-31 22:00 - 2013-06-03 19:24 - 00001182 ____A C:\Windows\Tasks\Plus-HD-2.6-updater.job
2013-05-31 21:59 - 2013-06-03 19:24 - 00001806 ____A C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job
2013-05-31 21:59 - 2013-06-03 19:24 - 00001186 ____A C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job
2013-05-31 21:59 - 2013-06-03 19:24 - 00001086 ____A C:\Windows\Tasks\Plus-HD-2.6-enabler.job
2013-05-31 21:59 - 2013-05-31 22:00 - 00000000 ____D C:\Program Files\Plus-HD-2.6
2013-05-31 21:57 - 2013-05-31 21:59 - 04808816 ____A (Bflyya) C:\Users\maxi\Desktop\plus-hd-2-6.exe
2013-05-31 21:42 - 2013-05-31 21:42 - 00000000 ____D C:\Users\maxi\AppData\Roaming\FL_SIM_P4_DEMO_D
2013-05-31 21:38 - 2013-05-31 21:41 - 00000000 ____D C:\Program Files\Didactic
2013-05-31 21:36 - 2013-05-31 21:37 - 08050019 ____A C:\Users\maxi\Downloads\fluidsim-4-2-es-win.exe
2013-05-31 21:36 - 2013-05-31 21:36 - 00601144 ____A C:\Users\maxi\Downloads\fluidsim-4-2-es-en-fr-de-win-setup.exe
2013-05-31 21:34 - 2013-05-31 21:35 - 07844767 ____A C:\Users\maxi\Downloads\demo049p4.exe
2013-05-31 21:20 - 2013-05-31 21:20 - 00028797 ____A C:\installer_debug.txt
2013-05-31 21:19 - 2013-05-31 21:42 - 00000000 ____D C:\Users\maxi\.LOGOComfort7.0
2013-05-31 21:19 - 2013-05-31 21:19 - 00000000 ___HD C:\Program Files\Zero G Registry
2013-05-31 21:19 - 2013-05-31 21:19 - 00000000 ____D C:\Program Files\Siemens
2013-05-31 21:18 - 2013-05-31 21:18 - 00000000 ___HD C:\Users\maxi\InstallAnywhere
2013-05-31 21:18 - 2013-05-31 21:18 - 00000000 ____D C:\tmp
2013-05-24 09:26 - 2013-06-03 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-24 00:37 - 2013-05-24 00:43 - 00000000 ____D C:\Users\maxi\Desktop\Movie2k
2013-05-19 21:04 - 2013-05-19 21:04 - 00377856 ____A C:\Users\maxi\Downloads\gmer_2.1.19163.exe
2013-05-19 20:30 - 2013-05-19 20:30 - 00026237 ____A C:\Users\maxi\test.txt
2013-05-19 20:30 - 2013-05-19 20:30 - 00026237 ____A C:\Users\maxi\test.tcx
2013-05-11 00:49 - 2010-09-20 11:25 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\msshsq.dll
2013-05-11 00:17 - 2013-05-11 00:17 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Macromedia
2013-05-11 00:17 - 2013-05-11 00:17 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Adobe
2013-05-11 00:17 - 2013-05-11 00:17 - 00000000 ____D C:\Users\maxi\AppData\Local\Macromedia
2013-05-11 00:16 - 2013-06-02 20:11 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-11 00:16 - 2013-05-31 22:15 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-05-11 00:16 - 2013-05-31 22:15 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-05-11 00:16 - 2013-05-11 00:16 - 00000000 ____D C:\Windows\System32\Macromed
2013-05-11 00:12 - 2013-05-11 00:17 - 00000000 ____D C:\ProgramData\Adobe
2013-05-09 23:16 - 2013-05-09 23:16 - 00000000 ____D C:\Windows\System32\WindowsPowerShell
2013-05-09 23:05 - 2013-05-09 23:05 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01007.Wdf
2013-05-09 23:05 - 2013-05-09 23:05 - 00000000 ____D C:\Program Files\Synaptics
2013-05-09 23:04 - 2013-05-09 23:04 - 00000000 ____D C:\Windows\System32\x64
2013-05-09 23:04 - 2008-02-11 20:13 - 00920088 ____A (Intel® Corporation) C:\Windows\System32\igxpun.exe
2013-05-09 23:04 - 2006-11-10 16:25 - 00319456 ____A (Microsoft Corporation) C:\Windows\System32\difxapi.dll
2013-05-09 23:02 - 2008-05-27 07:21 - 01582592 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-05-09 23:02 - 2008-05-27 07:21 - 01418240 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00670208 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00439808 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-05-09 23:02 - 2008-05-27 07:18 - 00350208 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00184832 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-05-09 23:02 - 2008-05-27 07:18 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\nlhtml.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\propdefs.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00056320 ____A (Microsoft Corporation) C:\Windows\System32\xmlfilter.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\msstrc.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00040448 ____A (Microsoft Corporation) C:\Windows\System32\mimefilt.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\rtffilt.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\wsepno.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 06103040 ____A (Microsoft Corporation) C:\Windows\System32\chtbrkr.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 01671680 ____A (Microsoft Corporation) C:\Windows\System32\chsbrkr.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00754176 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00313344 ____A (Microsoft Corporation) C:\Windows\System32\thawbrkr.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00301568 ____A (Microsoft Corporation) C:\Windows\System32\srchadmin.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\offfilt.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00143872 ____A (Microsoft Corporation) C:\Windows\System32\korwbrkr.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-05-09 23:02 - 2008-05-27 07:17 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\mssitlb.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\msscb.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00032768 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
2013-05-09 23:02 - 2008-05-27 06:59 - 00106605 ____A C:\Windows\System32\StructuredQuerySchema.bin
2013-05-09 23:02 - 2008-05-27 06:59 - 00018904 ____A C:\Windows\System32\StructuredQuerySchemaTrivial.bin
2013-05-09 23:02 - 2007-11-08 11:04 - 11967524 ____A C:\Windows\System32\korwbrkr.lex
2013-05-09 23:00 - 2009-06-04 01:56 - 00675152 ____A (Microsoft Corporation) C:\Windows\System32\gpprefcl.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 01181696 ____A (Microsoft Corporation) C:\Windows\System32\WsmSvc.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\WSManHTTPConfig.exe
2013-05-09 22:56 - 2009-10-09 23:56 - 00241152 ____A (Microsoft Corporation) C:\Windows\System32\winrscmd.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00214016 ____A (Microsoft Corporation) C:\Windows\System32\WsmWmiPl.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00145408 ____A (Microsoft Corporation) C:\Windows\System32\WsmAuto.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\pwrshplugin.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00040448 ____A (Microsoft Corporation) C:\Windows\System32\winrs.exe
2013-05-09 22:56 - 2009-10-09 23:56 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\winrshost.exe
2013-05-09 22:56 - 2009-10-09 23:56 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\wsmprovhost.exe
2013-05-09 22:56 - 2009-10-09 23:56 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\wsmplpxy.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\winrssrv.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\winrsmgr.dll
2013-05-09 22:56 - 2009-10-09 23:55 - 00252416 ____A (Microsoft Corporation) C:\Windows\System32\WSManMigrationPlugin.dll
2013-05-09 22:56 - 2009-10-09 23:55 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\wecsvc.dll
2013-05-09 22:56 - 2009-10-09 23:55 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\wevtfwd.dll
2013-05-09 22:56 - 2009-10-09 23:55 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\wecutil.exe
2013-05-09 22:56 - 2009-10-09 23:55 - 00056320 ____A (Microsoft Corporation) C:\Windows\System32\wecapi.dll
2013-05-09 22:56 - 2009-10-09 23:55 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\WsmRes.dll
2013-05-09 22:56 - 2009-08-01 08:27 - 00201184 ____A C:\Windows\System32\winrm.vbs
2013-05-09 22:56 - 2009-07-16 19:30 - 00004675 ____A C:\Windows\System32\wsmanconfig_schema.xml
2013-05-09 22:56 - 2009-07-16 19:30 - 00002426 ____A C:\Windows\System32\WsmTxt.xsl
2013-05-09 22:52 - 2013-05-09 22:52 - 00000908 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-05-09 22:52 - 2013-05-09 22:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-09 22:52 - 2013-05-09 22:52 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-05-09 22:52 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-09 22:44 - 2011-03-03 16:56 - 00028672 ____A (Microsoft Corporation) C:\Windows\System32\Apphlpdm.dll
2013-05-09 22:44 - 2011-03-03 15:01 - 04240384 ____A (Microsoft) C:\Windows\System32\GameUXLegacyGDFs.dll
2013-05-09 22:44 - 2010-01-25 14:48 - 00472576 ____A (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll
2013-05-09 22:44 - 2010-01-25 14:48 - 00472064 ____A (Microsoft Corporation) C:\Windows\System32\secproc.dll
2013-05-09 22:44 - 2010-01-25 14:48 - 00151040 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll
2013-05-09 22:44 - 2010-01-25 14:48 - 00151040 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll
2013-05-09 22:44 - 2010-01-25 14:45 - 00329216 ____A (Microsoft Corporation) C:\Windows\System32\msdrm.dll
2013-05-09 22:44 - 2010-01-25 10:35 - 00523776 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe
2013-05-09 22:44 - 2010-01-25 10:35 - 00346624 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe
2013-05-09 22:44 - 2010-01-25 10:34 - 00511488 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate.exe
2013-05-09 22:44 - 2010-01-25 10:34 - 00347136 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe
2013-05-09 22:44 - 2008-03-08 06:21 - 01695744 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2013-05-09 22:43 - 2009-10-23 19:42 - 00714240 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2013-05-09 22:43 - 2008-10-22 05:57 - 00241152 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceApi.dll
2013-05-09 22:43 - 2008-09-18 06:56 - 00147456 ____A (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2013-05-09 22:43 - 2008-09-18 06:56 - 00125952 ____A (Microsoft Corporation) C:\Windows\System32\wersvc.dll
2013-05-09 22:43 - 2008-08-28 05:40 - 00712704 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-09 22:43 - 2008-08-28 05:40 - 00425472 ____A (Microsoft Corporation) C:\Windows\System32\PhotoMetadataHandler.dll
2013-05-09 22:43 - 2008-08-28 05:40 - 00347136 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-09 22:42 - 2011-04-12 16:53 - 00890368 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-05-09 22:42 - 2009-09-10 17:21 - 00310784 ____A (Microsoft Corporation) C:\Windows\System32\unregmp2.exe
2013-05-09 22:41 - 2013-05-09 22:48 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\installit\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-09 22:39 - 2008-10-21 07:25 - 01645568 ____A (Microsoft Corporation) C:\Windows\System32\connect.dll
2013-05-09 22:34 - 2013-05-09 22:34 - 00000000 ____D C:\Users\installit\AppData\Roaming\Mozilla
2013-05-09 22:34 - 2013-05-09 22:34 - 00000000 ____D C:\Users\installit\AppData\Local\Mozilla
2013-05-09 22:29 - 2013-09-21 11:21 - 00049168 ____A C:\Users\installit\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-09 22:29 - 2013-05-09 22:29 - 00000680 ____A C:\Users\installit\AppData\Local\d3d9caps.dat
2013-05-09 22:29 - 2013-05-09 22:29 - 00000000 ____D C:\Users\installit\AppData\Local\VirtualStore
2013-05-09 22:28 - 2013-05-09 22:28 - 00002010 ____A C:\Windows\IE9_main.log
2013-05-09 22:15 - 2013-05-09 22:18 - 18733360 ____A (Microsoft Corporation) C:\Users\maxi\Downloads\1_E_9_1E9DE3C7-0C84-41C8-BBED-997EB0C98CCA_IE9-WindowsVista-x86-deu.exe
2013-05-05 20:38 - 2013-05-05 20:38 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Mozilla
2013-05-05 20:38 - 2013-05-05 20:38 - 00000000 ____D C:\Users\maxi\AppData\Local\Mozilla
2013-05-05 20:38 - 2013-05-05 20:38 - 00000000 ____D C:\ProgramData\Mozilla
2013-05-05 20:37 - 2013-05-05 20:38 - 20900984 ____A (Mozilla) C:\Users\maxi\Downloads\Firefox Setup 20.0.1.exe
2013-05-05 20:31 - 2013-05-05 20:32 - 01226888 ____A C:\Users\maxi\Downloads\Firefox_Setup_20.0.exe

==================== One Month Modified Files and Folders ========

2013-09-23 00:28 - 2006-11-02 13:18 - 00000000 __RHD C:\users\Default
2013-09-23 00:28 - 2006-11-02 13:18 - 00000000 ___RD C:\users\Public
2013-09-23 00:26 - 2013-09-22 23:03 - 00000000 ____D C:\Windows\erdnt
2013-09-22 23:38 - 2013-05-31 23:52 - 00000000 ____D C:\Program Files\SaferSurf
2013-09-22 23:01 - 2013-09-22 23:00 - 05076415 ___RA (Swearware) C:\Users\maxi\Desktop\ComboFix.exe
2013-09-22 22:48 - 2013-09-22 22:46 - 00078386 ____A C:\AdwCleaner[S1].txt
2013-09-22 22:48 - 2013-09-22 22:46 - 00000093 ____A C:\Windows\DeleteOnReboot.bat
2013-09-22 22:46 - 2013-05-31 22:28 - 00000000 ____D C:\Program Files\Desk 365
2013-09-22 22:40 - 2013-05-31 22:07 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Ysirh
2013-09-22 22:38 - 2013-03-10 01:08 - 00000418 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{DF2D5CE6-4659-4400-AE0D-E5B0C25B24E6}.job
2013-09-22 22:35 - 2013-09-22 22:35 - 00632031 ____A C:\Users\maxi\Desktop\adwcleaner.exe
2013-09-21 20:41 - 2013-09-21 20:41 - 00602112 ____A (OldTimer Tools) C:\Users\maxi\Desktop\OTL.exe
2013-09-21 20:32 - 2013-09-21 20:32 - 00000000 ____D C:\Users\installit\AppData\Roaming\TuneUp Software
2013-09-21 11:21 - 2013-09-21 11:21 - 00000000 ____D C:\Users\installit\AppData\Roaming\Adobe
2013-09-21 11:21 - 2013-05-09 22:29 - 00049168 ____A C:\Users\installit\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-21 10:50 - 2013-05-31 22:07 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Nora
2013-06-03 19:54 - 2013-06-03 19:54 - 00000000 ____D C:\FRST
2013-06-03 19:53 - 2013-06-03 19:53 - 01356197 ____A (Farbar) C:\Users\maxi\Downloads\FRST.exe
2013-06-03 19:32 - 2013-06-03 19:32 - 00000848 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-03 19:32 - 2013-06-03 19:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-03 19:32 - 2013-05-24 09:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-03 19:26 - 2008-01-21 03:39 - 01385857 ____A C:\Windows\WindowsUpdate.log
2013-06-03 19:24 - 2013-05-31 22:00 - 00001182 ____A C:\Windows\Tasks\Plus-HD-2.6-updater.job
2013-06-03 19:24 - 2013-05-31 21:59 - 00001806 ____A C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job
2013-06-03 19:24 - 2013-05-31 21:59 - 00001186 ____A C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job
2013-06-03 19:24 - 2013-05-31 21:59 - 00001086 ____A C:\Windows\Tasks\Plus-HD-2.6-enabler.job
2013-06-03 19:23 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-03 19:23 - 2006-11-02 14:47 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-03 19:23 - 2006-11-02 14:47 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-03 18:51 - 2006-11-02 15:00 - 00015240 ____A C:\Windows\PFRO.log
2013-06-03 18:50 - 2006-11-02 15:01 - 00015022 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-02 20:25 - 2013-06-02 20:25 - 00000000 ____A C:\Users\maxi\Desktop\Neues Textdokument.txt
2013-06-02 20:13 - 2013-06-02 20:13 - 00000000 ____D C:\_OTL
2013-06-02 20:11 - 2013-05-11 00:16 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-02 18:40 - 2013-03-31 22:33 - 00000000 ____D C:\Users\maxi\AppData\Local\Apps\2.0
2013-06-02 17:30 - 2013-06-02 17:10 - 00011426 ____A C:\Users\maxi\Downloads\SystemLook.txt
2013-06-02 17:10 - 2013-06-02 17:10 - 00139264 ____A C:\Users\maxi\Downloads\SystemLook.exe
2013-06-02 16:21 - 2013-06-02 16:21 - 00015085 ____A C:\ComboFix.txt
2013-06-02 16:21 - 2013-06-02 16:03 - 00000000 ____D C:\ComboFix
2013-06-02 16:21 - 2013-02-24 18:48 - 00000000 ____D C:\Qoobox
2013-06-02 16:18 - 2006-11-02 12:23 - 00000215 ____A C:\Windows\system.ini
2013-06-01 00:19 - 2013-06-01 00:14 - 00000000 ____D C:\Program Files\PDFCreator
2013-06-01 00:16 - 2013-06-01 00:16 - 00000804 ____A C:\Users\maxi\Desktop\PDF Architect.lnk
2013-06-01 00:16 - 2013-06-01 00:16 - 00000000 ____D C:\Users\maxi\Documents\PDF Architect Files
2013-06-01 00:16 - 2013-06-01 00:15 - 00000000 ____D C:\Program Files\PDF Architect
2013-06-01 00:14 - 2013-06-01 00:14 - 00000830 ____A C:\Users\Public\Desktop\PDFCreator.lnk
2013-05-31 23:52 - 2013-05-31 23:52 - 00000000 ____D C:\ProgramData\Nutzwerk
2013-05-31 23:24 - 2013-05-31 23:24 - 03715248 ____A (Speedchecker Limited                                        ) C:\Users\maxi\Documents\PCSUUpdate.exe
2013-05-31 23:23 - 2013-05-31 23:23 - 00055088 ____A C:\Users\maxi\Documents\PCSU_Update.exe
2013-05-31 23:21 - 2013-05-31 23:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-05-31 23:18 - 2013-05-31 23:18 - 00001871 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-05-31 23:18 - 2013-05-31 23:18 - 00001867 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-05-31 23:18 - 2013-05-31 23:18 - 00000000 ____D C:\Users\maxi\AppData\Roaming\TuneUp Software
2013-05-31 23:18 - 2013-05-31 23:18 - 00000000 ____D C:\Program Files\TuneUp Utilities 2013
2013-05-31 23:18 - 2013-05-31 23:17 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-05-31 23:17 - 2013-05-31 23:17 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-05-31 23:09 - 2013-05-31 23:08 - 00977816 ____A (Conduit) C:\Users\maxi\Downloads\FileConverter_1.3.exe
2013-05-31 22:29 - 2013-05-31 22:29 - 00000000 ____D C:\Users\maxi\AppData\Roaming\player
2013-05-31 22:29 - 2013-05-31 22:29 - 00000000 ____D C:\Program Files\Tuguu SL
2013-05-31 22:28 - 2011-02-19 23:03 - 00420944 ____A (Microsoft Corporation) C:\Windows\System32\msvcp100.dll
2013-05-31 22:15 - 2013-05-11 00:16 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-05-31 22:15 - 2013-05-11 00:16 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-05-31 22:06 - 2013-05-31 22:06 - 00000611 ____A C:\Windows\System32\InstallUtil.InstallLog
2013-05-31 22:00 - 2013-05-31 21:59 - 00000000 ____D C:\Program Files\Plus-HD-2.6
2013-05-31 21:59 - 2013-05-31 21:57 - 04808816 ____A (Bflyya) C:\Users\maxi\Desktop\plus-hd-2-6.exe
2013-05-31 21:47 - 2013-02-26 18:10 - 00000000 ____D C:\Users\maxi\AppData\Local\VirtualStore
2013-05-31 21:42 - 2013-05-31 21:42 - 00000000 ____D C:\Users\maxi\AppData\Roaming\FL_SIM_P4_DEMO_D
2013-05-31 21:42 - 2013-05-31 21:19 - 00000000 ____D C:\Users\maxi\.LOGOComfort7.0
2013-05-31 21:41 - 2013-05-31 21:38 - 00000000 ____D C:\Program Files\Didactic
2013-05-31 21:37 - 2013-05-31 21:36 - 08050019 ____A C:\Users\maxi\Downloads\fluidsim-4-2-es-win.exe
2013-05-31 21:36 - 2013-05-31 21:36 - 00601144 ____A C:\Users\maxi\Downloads\fluidsim-4-2-es-en-fr-de-win-setup.exe
2013-05-31 21:35 - 2013-05-31 21:34 - 07844767 ____A C:\Users\maxi\Downloads\demo049p4.exe
2013-05-31 21:20 - 2013-05-31 21:20 - 00028797 ____A C:\installer_debug.txt
2013-05-31 21:19 - 2013-05-31 21:19 - 00000000 ___HD C:\Program Files\Zero G Registry
2013-05-31 21:19 - 2013-05-31 21:19 - 00000000 ____D C:\Program Files\Siemens
2013-05-31 21:19 - 2013-02-26 18:10 - 00000000 ____D C:\users\maxi
2013-05-31 21:18 - 2013-05-31 21:18 - 00000000 ___HD C:\Users\maxi\InstallAnywhere
2013-05-31 21:18 - 2013-05-31 21:18 - 00000000 ____D C:\tmp
2013-05-24 00:43 - 2013-05-24 00:37 - 00000000 ____D C:\Users\maxi\Desktop\Movie2k
2013-05-22 22:26 - 2006-11-02 12:33 - 01590904 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-19 21:04 - 2013-05-19 21:04 - 00377856 ____A C:\Users\maxi\Downloads\gmer_2.1.19163.exe
2013-05-19 21:04 - 2006-11-02 14:52 - 00073273 ____A C:\Windows\setupact.log
2013-05-19 20:30 - 2013-05-19 20:30 - 00026237 ____A C:\Users\maxi\test.txt
2013-05-19 20:30 - 2013-05-19 20:30 - 00026237 ____A C:\Users\maxi\test.tcx
2013-05-19 20:00 - 2006-11-02 12:24 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-05-11 00:17 - 2013-05-11 00:17 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Macromedia
2013-05-11 00:17 - 2013-05-11 00:17 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Adobe
2013-05-11 00:17 - 2013-05-11 00:17 - 00000000 ____D C:\Users\maxi\AppData\Local\Macromedia
2013-05-11 00:17 - 2013-05-11 00:12 - 00000000 ____D C:\ProgramData\Adobe
2013-05-11 00:16 - 2013-05-11 00:16 - 00000000 ____D C:\Windows\System32\Macromed
2013-05-10 23:55 - 2013-02-26 18:10 - 00049168 ____A C:\Users\maxi\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-10 16:21 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-05-10 16:10 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-05-10 16:05 - 2006-11-02 14:47 - 00228296 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-09 23:16 - 2013-05-09 23:16 - 00000000 ____D C:\Windows\System32\WindowsPowerShell
2013-05-09 23:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\System32\de-DE
2013-05-09 23:05 - 2013-05-09 23:05 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01007.Wdf
2013-05-09 23:05 - 2013-05-09 23:05 - 00000000 ____D C:\Program Files\Synaptics
2013-05-09 23:05 - 2013-03-31 21:06 - 00000000 ____D C:\users\installit
2013-05-09 23:04 - 2013-05-09 23:04 - 00000000 ____D C:\Windows\System32\x64
2013-05-09 22:52 - 2013-05-09 22:52 - 00000908 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-05-09 22:52 - 2013-05-09 22:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-09 22:52 - 2013-05-09 22:52 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-05-09 22:48 - 2013-05-09 22:41 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\installit\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-09 22:34 - 2013-05-09 22:34 - 00000000 ____D C:\Users\installit\AppData\Roaming\Mozilla
2013-05-09 22:34 - 2013-05-09 22:34 - 00000000 ____D C:\Users\installit\AppData\Local\Mozilla
2013-05-09 22:29 - 2013-05-09 22:29 - 00000680 ____A C:\Users\installit\AppData\Local\d3d9caps.dat
2013-05-09 22:29 - 2013-05-09 22:29 - 00000000 ____D C:\Users\installit\AppData\Local\VirtualStore
2013-05-09 22:28 - 2013-05-09 22:28 - 00002010 ____A C:\Windows\IE9_main.log
2013-05-09 22:18 - 2013-05-09 22:15 - 18733360 ____A (Microsoft Corporation) C:\Users\maxi\Downloads\1_E_9_1E9DE3C7-0C84-41C8-BBED-997EB0C98CCA_IE9-WindowsVista-x86-deu.exe
2013-05-09 22:03 - 2013-02-26 18:10 - 00000680 ____A C:\Users\maxi\AppData\Local\d3d9caps.dat
2013-05-05 20:38 - 2013-05-05 20:38 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Mozilla
2013-05-05 20:38 - 2013-05-05 20:38 - 00000000 ____D C:\Users\maxi\AppData\Local\Mozilla
2013-05-05 20:38 - 2013-05-05 20:38 - 00000000 ____D C:\ProgramData\Mozilla
2013-05-05 20:38 - 2013-05-05 20:37 - 20900984 ____A (Mozilla) C:\Users\maxi\Downloads\Firefox Setup 20.0.1.exe
2013-05-05 20:32 - 2013-05-05 20:31 - 01226888 ____A C:\Users\maxi\Downloads\Firefox_Setup_20.0.exe
2013-05-05 20:23 - 2006-11-02 12:23 - 00002577 ____A C:\Windows\System32\config.nt
2013-05-05 19:46 - 2013-02-27 02:51 - 00000000 ____D C:\Windows\System32\Drivers\de-DE

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-06-03 19:29

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-06-2013 03
Ran by maxi at 2013-06-03 19:55:22 Run:
Running from C:\Users\maxi\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
avast! Free Antivirus (Version: 8.0.1488.0)
Cisco EAP-FAST Module (Version: 2.1.3)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
Dell System Detect (Version: 4.0.5.6)
Dienstprogramm für Dell Wireless WLAN Karte (Version: 4.170.77.18)
FluidSIM 4.2n Pneumatik Demoversion
Iminent (Version: 6.21.22.0)
Intel(R) Graphics Media Accelerator Driver
LOGO!Soft Comfort V7.0 (Demo) (Version: 7.0.0.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Silverlight (Version: 4.0.60310.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
PDF Architect (Version: 1.1.83.9982)
PDFCreator (Version: 1.7.0)
Plus-HD-2.6 (Version: 1.27.153.5)
QuickShare (Version: 1.6.1.934)
Synaptics Pointing Device Driver (Version: 12.2.11.0)
TuneUp Utilities 2013 (Version: 13.0.3000.132)
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3000.132)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)

==================== Restore Points  =========================

31-03-2013 20:23:45 avast! Free Antivirus Setup
31-03-2013 20:48:19 Windows Update
31-03-2013 21:18:08 Windows Update
31-03-2013 21:26:12 Sprachpaketdeinstallation
26-04-2013 20:00:45 Windows Update
26-04-2013 20:51:22 Windows Update
05-05-2013 17:37:00 Windows Update
05-05-2013 17:57:48 Windows Update
06-05-2013 08:38:18 Windows Update
09-05-2013 20:05:57 Windows Update
09-05-2013 20:13:36 Windows Update
09-05-2013 20:30:42 Windows Update
09-05-2013 20:54:27 Windows Update
10-05-2013 16:22:30 Geplanter Prüfpunkt
10-05-2013 21:56:52 Windows Update
10-05-2013 22:49:18 Windows Update
19-05-2013 14:57:23 Windows Update
19-05-2013 17:59:44 Windows Update
22-05-2013 20:27:27 Windows Update
26-05-2013 17:33:16 Windows Update
28-05-2013 17:18:14 Windows Update
31-05-2013 19:27:24 Windows Update
22-09-2013 21:37:47 Removed SaferSurf

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2013 07:51:42 PM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 150c
Anfangszeit: 01ce608083cb5bae
Zeitpunkt der Beendigung: 15

Error: (06/03/2013 07:24:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2013 06:53:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2013 06:52:55 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (06/03/2013 06:49:27 PM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: dc0
Anfangszeit: 01ce6078681b03d0
Zeitpunkt der Beendigung: 0

Error: (06/02/2013 08:43:26 PM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: da8
Anfangszeit: 01ce5fbea35f7aae
Zeitpunkt der Beendigung: 7

Error: (06/02/2013 08:23:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2013 08:10:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2013 06:41:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2013 06:40:47 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


System errors:
=============
Error: (06/03/2013 07:24:50 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (06/03/2013 07:23:53 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (06/03/2013 07:23:22 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (06/03/2013 07:23:15 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 03.06.2013 um 19:20:44 unerwartet heruntergefahren.

Error: (06/03/2013 06:53:26 PM) (Source: Service Control Manager) (User: )
Description: aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
spldr
Wanarpv6

Error: (06/03/2013 06:53:26 PM) (Source: Service Control Manager) (User: )
Description: ComputerbrowserServer%%1068

Error: (06/03/2013 06:53:00 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (06/03/2013 06:53:00 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/03/2013 06:52:55 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/03/2013 06:52:47 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}


Microsoft Office Sessions:
=========================
Error: (06/03/2013 07:51:42 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0150c01ce608083cb5bae15

Error: (06/03/2013 07:24:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2013 06:53:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2013 06:52:55 PM) (Source: EventSystem)(User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (06/03/2013 06:49:27 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0dc001ce6078681b03d00

Error: (06/02/2013 08:43:26 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0da801ce5fbea35f7aae7

Error: (06/02/2013 08:23:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2013 08:10:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2013 06:41:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2013 06:40:47 PM) (Source: EventSystem)(User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


CodeIntegrity Errors:
===================================
  Date: 2013-06-03 19:54:44.605
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-03 19:54:44.403
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-03 19:54:44.200
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-03 19:54:43.997
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-03 19:54:43.783
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-03 19:54:43.584
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-03 19:54:43.384
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-03 19:54:43.180
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-03 19:36:43.642
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-03 19:36:43.455
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 54%
Total physical RAM: 2037.69 MB
Available physical RAM: 936.08 MB
Total Pagefile: 4314.64 MB
Available Pagefile: 3167.2 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.61 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:148.95 GB) (Free:84 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:7.39 GB) (Free:4.62 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 98DEB064)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)

==================== End Of Log ============================
         

03.06.2013, 19:23   #20
aharonov
/// TB-Ausbilder

How is the computer running now? Is it running normally again, or is something still not right?


Step 1
  • Go to Start --> Control Panel and open Programs and Features.
  • Find and uninstall the following entry there:
    • Iminent (Version: 6.21.22.0)
  • Close the window again and restart if you were asked to.



Step 2

Press the Windows key + R and type "notepad" into the Run window.

Copy the following text from the code box into the empty text document:
Code:
2013-09-22 22:40 - 2013-05-31 22:07 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Ysirh
2013-05-31 22:07 - 2013-09-21 10:50 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Nora
2013-09-22 23:38 - 2013-05-31 23:52 - 00000000 ____D C:\Program Files\SaferSurf
2013-05-31 22:28 - 2013-09-22 22:46 - 00000000 ____D C:\Program Files\Desk 365
C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default\Extensions\webbooster@iminent.com
         
Then please save this under the file name Fixlist.txt, also on your desktop next to FRST.
  • Now start FRST.exe and click the Fix button.
  • The tool creates a Fixlog.txt. Post its contents for me.
  • Then restart the computer.



Step 3
  • Open the program Malwarebytes Anti-Malware.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Click Update --> Check for Updates.
  • When the update has finished, select the option Perform quick scan on the Scanner tab and press Scan.
  • When the scan is finished, click Show Results.
  • Make sure that all detections are checked and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under the Logs tab.



Step 4


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset



Step 5

Start FRST.exe once more.
  • Do not change any of the default settings and press Scan.
  • When the scan is finished, a new log file FRST.txt is created and saved on the desktop.
  • Please post the contents of this log file here in your thread.



In your next reply, please post:
  • Fixlog from FRST
  • Log from MBAM
  • Log from ESET
  • Log from FRST

__________________
cheers,
Leo

03.06.2013, 19:48   #21
maxima1999

Hello Leo

So far everything is running. We still have a few programs on the computer that weren't there before, e.g. this plus-hd-2-6.exe or tuneup.

We didn't install this FlashPlayerPlugin_11_7_700_202.exe either.

The program we are supposed to uninstall is not in the list

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-06-2013 03
Ran by maxi at 2013-06-03 20:30:05 Run:1
Running from C:\Users\maxi\Desktop
Boot Mode: Normal

==============================================

C:\Users\maxi\AppData\Roaming\Ysirh => Moved successfully.
C:\Users\maxi\AppData\Roaming\Nora => Moved successfully.
C:\Program Files\SaferSurf => Moved successfully.
C:\Program Files\Desk 365 => Moved successfully.
C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default\Extensions\webbooster@iminent.com => Moved successfully.

==== End of Fixlog ====
         
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.03.07

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
maxi :: maxi-PC [administrator]

03.06.2013 20:33:19
mbam-log-2013-06-03 (20-33-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 222413
Time elapsed: 8 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
Where can one learn all of this? I would be interested
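
The Fixlist.txt / Fixlog.txt round trip from step 2 can be checked mechanically. The following is an added example, not part of the original posts and not FRST's own code: it extracts the paths from the fixlist (both the dated listing lines and the bare path) and confirms that each one has a "Moved successfully." line in the fixlog. The function names are hypothetical, and any result text other than "Moved successfully." is simply reported as not moved, since that is the only result string shown in the thread.

```python
import re

# FRST file-listing line as it appears in the thread:
# "<modified> - <created> - <size> <5 attribute flags> [(company)] <path>"
LISTING_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} - \d{4}-\d{2}-\d{2} \d{2}:\d{2} - "
    r"\d+ [_A-Z]{5} (?:\([^)]*\) )?(?P<path>[A-Za-z]:\\.+)$"
)
BARE_PATH_RE = re.compile(r"^[A-Za-z]:\\.+$")
# Fixlog result line: "<path> => <result text>"
FIXLOG_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) => (?P<result>.+)$")
MOVED = "Moved successfully."  # the only result string shown in the thread

# Fixlist and fixlog bodies copied from the posts above.
FIXLIST = r"""
2013-09-22 22:40 - 2013-05-31 22:07 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Ysirh
2013-05-31 22:07 - 2013-09-21 10:50 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Nora
2013-09-22 23:38 - 2013-05-31 23:52 - 00000000 ____D C:\Program Files\SaferSurf
2013-05-31 22:28 - 2013-09-22 22:46 - 00000000 ____D C:\Program Files\Desk 365
C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default\Extensions\webbooster@iminent.com
"""

FIXLOG = r"""
Running from C:\Users\maxi\Desktop
Boot Mode: Normal

C:\Users\maxi\AppData\Roaming\Ysirh => Moved successfully.
C:\Users\maxi\AppData\Roaming\Nora => Moved successfully.
C:\Program Files\SaferSurf => Moved successfully.
C:\Program Files\Desk 365 => Moved successfully.
C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default\Extensions\webbooster@iminent.com => Moved successfully.

==== End of Fixlog ====
"""


def fixlist_paths(fixlist_text):
    """Return the target paths named in a fixlist, in order."""
    paths = []
    for raw in fixlist_text.splitlines():
        line = raw.strip()
        match = LISTING_RE.match(line)
        if match:
            paths.append(match.group("path"))
        elif BARE_PATH_RE.match(line):
            paths.append(line)
    return paths


def fixlog_results(fixlog_text):
    """Map case-folded path -> result text for every '=>' line in a fixlog."""
    results = {}
    for raw in fixlog_text.splitlines():
        match = FIXLOG_RE.match(raw.strip())
        if match:
            # Windows paths are case-insensitive, so compare case-folded.
            results[match.group("path").casefold()] = match.group("result").strip()
    return results


def verify_fix(fixlist_text, fixlog_text):
    """Compare what the fixlist asked for with what the fixlog reports."""
    requested = fixlist_paths(fixlist_text)
    results = fixlog_results(fixlog_text)
    report = {"moved": [], "not_moved": [], "missing": [], "unrequested": []}
    for path in requested:
        result = results.get(path.casefold())
        if result is None:
            report["missing"].append(path)        # no fixlog line at all
        elif result == MOVED:
            report["moved"].append(path)
        else:
            report["not_moved"].append((path, result))
    wanted = {p.casefold() for p in requested}
    # Paths the fixlog touched although the fixlist never named them.
    report["unrequested"] = sorted(k for k in results if k not in wanted)
    return report


if __name__ == "__main__":
    for key, value in verify_fix(FIXLIST, FIXLOG).items():
        print(key, len(value))
```

Entries under `missing` or `not_moved` are the ones to raise with the helper before moving on to the next scan.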

03.06.2013, 20:04   #22
aharonov
/// TB-Ausbilder

Hi,

Quote:
We still have a few programs on the computer that weren't there before, e.g. this plus-hd-2-6.exe or tuneup.
Then additionally uninstall the following entries:
Plus-HD-2.6
TuneUp Utilities 2013
TuneUp Utilities Language Pack
Quote:
We didn't install this FlashPlayerPlugin_11_7_700_202.exe either.
That is just the Flash Player from Adobe (and it is normally needed).

Quote:
Where can one learn all of this? I would be interested
For example here: http://www.trojaner-board.de/88896-a...ner-board.html
At the moment no new applications are being accepted, because all training places are currently taken. But some become free again from time to time.
__________________
cheers,
Leo

05.06.2013, 17:56   #23
maxima1999

ESET found nothing, but I can't find the log file.

The computer somehow still isn't running cleanly; sometimes there are long waiting times with programs or when we want to go on the internet

05.06.2013, 18:00   #24
aharonov
/// TB-Ausbilder

If ESET found nothing, we don't necessarily need the log either.

Then do step 5 as well (fresh FRST log).
__________________
cheers,
Leo

05.06.2013, 18:18   #25
maxima1999

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-06-2013 01
Ran by maxi (administrator) on 05-06-2013 19:07:49
Running from C:\Users\maxi\Desktop
Windows Vista (TM) Business Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe [3563520 2009-01-20] (Dell Inc.)
HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858456 2013-05-02] (AVAST Software)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1233920 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [x]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Extension: No Name - C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default\Extensions\{85666217-0676-4273-8b0d-7b6fbc4c6e30}
FF Extension: Value Apps - C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default\Extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}
FF Extension: No Name - C:\Users\maxi\AppData\Roaming\Mozilla\Firefox\Profiles\4anzkmau.default\Extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.xpi

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-02] (AVAST Software)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2009-01-20] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-02] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-02] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-05-02] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368944 2013-05-02] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [174664 2013-05-02] ()
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2009-01-20] (Broadcom Corporation)
S3 catchme; \??\C:\Users\maxi\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-22 23:46 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-09-22 23:46 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-09-22 23:46 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-09-22 23:46 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-09-22 23:46 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-09-22 23:46 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-09-22 23:46 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-09-22 23:46 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-09-22 23:03 - 2013-09-23 00:26 - 00000000 ____D C:\Windows\erdnt
2013-09-22 23:00 - 2013-09-22 23:01 - 05076415 ___RA (Swearware) C:\Users\maxi\Desktop\ComboFix.exe
2013-09-22 22:46 - 2013-09-22 22:48 - 00000093 ____A C:\Windows\DeleteOnReboot.bat
2013-09-22 22:35 - 2013-09-22 22:35 - 00632031 ____A C:\Users\maxi\Desktop\adwcleaner.exe
2013-09-21 20:41 - 2013-09-21 20:41 - 00602112 ____A (OldTimer Tools) C:\Users\maxi\Desktop\OTL.exe
2013-09-21 20:32 - 2013-09-21 20:32 - 00000000 ____D C:\Users\installit\AppData\Roaming\TuneUp Software
2013-09-21 11:21 - 2013-09-21 11:21 - 00000000 ____D C:\Users\installit\AppData\Roaming\Adobe
2013-06-05 19:07 - 2013-06-05 19:07 - 01357013 ____A (Farbar) C:\Users\maxi\Desktop\FRST.exe
2013-06-05 19:05 - 2013-06-05 19:05 - 01357013 ____A (Farbar) C:\Users\maxi\Downloads\FRST.exe
2013-06-03 22:44 - 2013-06-03 22:44 - 00240720 ____A C:\Users\maxi\Desktop\Iron.Man.3.R6.LD.German.XViD-AOE.CD1.exe
2013-06-03 21:15 - 2013-06-03 21:15 - 00000000 ____D C:\Program Files\ESET
2013-06-03 21:14 - 2013-06-03 21:14 - 02347384 ____A (ESET) C:\Users\maxi\Downloads\esetsmartinstaller_enu.exe
2013-06-03 21:12 - 2013-06-03 21:12 - 00000000 ____D C:\Windows\System32\appmgmt
2013-06-03 21:11 - 2013-06-03 21:11 - 00000000 ____D C:\Program Files\Common Files\PDF Architect
2013-06-03 21:10 - 2013-06-03 21:10 - 00000000 ____D C:\Users\maxi\AppData\Roaming\PDF Architect
2013-06-03 20:31 - 2013-06-03 20:31 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Malwarebytes
2013-06-03 19:55 - 2013-06-03 19:57 - 00013059 ____A C:\Users\maxi\Downloads\Addition.txt
2013-06-03 19:54 - 2013-06-03 19:54 - 00000000 ____D C:\FRST
2013-06-03 19:32 - 2013-06-03 19:32 - 00000848 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-03 19:32 - 2013-06-03 19:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-02 20:13 - 2013-06-02 20:13 - 00000000 ____D C:\_OTL
2013-06-02 17:10 - 2013-06-02 17:10 - 00139264 ____A C:\Users\maxi\Downloads\SystemLook.exe
2013-06-02 16:21 - 2013-06-02 16:21 - 00015085 ____A C:\ComboFix.txt
2013-06-02 16:03 - 2013-06-02 16:21 - 00000000 ____D C:\ComboFix
2013-05-31 23:52 - 2013-05-31 23:52 - 00000000 ____D C:\ProgramData\Nutzwerk
2013-05-31 23:24 - 2013-05-31 23:24 - 03715248 ____A (Speedchecker Limited                                        ) C:\Users\maxi\Documents\PCSUUpdate.exe
2013-05-31 23:23 - 2013-05-31 23:23 - 00055088 ____A C:\Users\maxi\Documents\PCSU_Update.exe
2013-05-31 23:21 - 2013-05-31 23:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-05-31 23:18 - 2013-05-31 23:18 - 00000000 ____D C:\Users\maxi\AppData\Roaming\TuneUp Software
2013-05-31 23:17 - 2013-05-31 23:18 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-05-31 23:17 - 2013-05-31 23:17 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-05-31 23:08 - 2013-05-31 23:09 - 00977816 ____A (Conduit) C:\Users\maxi\Downloads\FileConverter_1.3.exe
2013-05-31 22:29 - 2013-05-31 22:29 - 00000000 ____D C:\Users\maxi\AppData\Roaming\player
2013-05-31 22:29 - 2013-05-31 22:29 - 00000000 ____D C:\Program Files\Tuguu SL
2013-05-31 22:06 - 2013-05-31 22:06 - 00000611 ____A C:\Windows\System32\InstallUtil.InstallLog
2013-05-31 21:42 - 2013-05-31 21:42 - 00000000 ____D C:\Users\maxi\AppData\Roaming\FL_SIM_P4_DEMO_D
2013-05-31 21:38 - 2013-05-31 21:41 - 00000000 ____D C:\Program Files\Didactic
2013-05-31 21:36 - 2013-05-31 21:37 - 08050019 ____A C:\Users\maxi\Downloads\fluidsim-4-2-es-win.exe
2013-05-31 21:36 - 2013-05-31 21:36 - 00601144 ____A C:\Users\maxi\Downloads\fluidsim-4-2-es-en-fr-de-win-setup.exe
2013-05-31 21:34 - 2013-05-31 21:35 - 07844767 ____A C:\Users\maxi\Downloads\demo049p4.exe
2013-05-31 21:20 - 2013-05-31 21:20 - 00028797 ____A C:\installer_debug.txt
2013-05-31 21:19 - 2013-05-31 21:42 - 00000000 ____D C:\Users\maxi\.LOGOComfort7.0
2013-05-31 21:19 - 2013-05-31 21:19 - 00000000 ___HD C:\Program Files\Zero G Registry
2013-05-31 21:19 - 2013-05-31 21:19 - 00000000 ____D C:\Program Files\Siemens
2013-05-31 21:18 - 2013-05-31 21:18 - 00000000 ___HD C:\Users\maxi\InstallAnywhere
2013-05-31 21:18 - 2013-05-31 21:18 - 00000000 ____D C:\tmp
2013-05-24 09:26 - 2013-06-03 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-19 21:04 - 2013-05-19 21:04 - 00377856 ____A C:\Users\maxi\Downloads\gmer_2.1.19163.exe
2013-05-19 20:30 - 2013-05-19 20:30 - 00026237 ____A C:\Users\maxi\test.txt
2013-05-19 20:30 - 2013-05-19 20:30 - 00026237 ____A C:\Users\maxi\test.tcx
2013-05-11 00:49 - 2010-09-20 11:25 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\msshsq.dll
2013-05-11 00:17 - 2013-05-11 00:17 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Macromedia
2013-05-11 00:17 - 2013-05-11 00:17 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Adobe
2013-05-11 00:17 - 2013-05-11 00:17 - 00000000 ____D C:\Users\maxi\AppData\Local\Macromedia
2013-05-11 00:16 - 2013-06-04 00:11 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-11 00:16 - 2013-05-31 22:15 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-05-11 00:16 - 2013-05-31 22:15 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-05-11 00:16 - 2013-05-11 00:16 - 00000000 ____D C:\Windows\System32\Macromed
2013-05-11 00:12 - 2013-05-11 00:17 - 00000000 ____D C:\ProgramData\Adobe
2013-05-09 23:16 - 2013-05-09 23:16 - 00000000 ____D C:\Windows\System32\WindowsPowerShell
2013-05-09 23:05 - 2013-05-09 23:05 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01007.Wdf
2013-05-09 23:05 - 2013-05-09 23:05 - 00000000 ____D C:\Program Files\Synaptics
2013-05-09 23:04 - 2013-05-09 23:04 - 00000000 ____D C:\Windows\System32\x64
2013-05-09 23:04 - 2008-02-11 20:13 - 00920088 ____A (Intel® Corporation) C:\Windows\System32\igxpun.exe
2013-05-09 23:04 - 2006-11-10 16:25 - 00319456 ____A (Microsoft Corporation) C:\Windows\System32\difxapi.dll
2013-05-09 23:02 - 2008-05-27 07:21 - 01582592 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-05-09 23:02 - 2008-05-27 07:21 - 01418240 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00670208 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00439808 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-05-09 23:02 - 2008-05-27 07:18 - 00350208 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00184832 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-05-09 23:02 - 2008-05-27 07:18 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\nlhtml.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\propdefs.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00056320 ____A (Microsoft Corporation) C:\Windows\System32\xmlfilter.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\msstrc.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00040448 ____A (Microsoft Corporation) C:\Windows\System32\mimefilt.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\rtffilt.dll
2013-05-09 23:02 - 2008-05-27 07:18 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\wsepno.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 06103040 ____A (Microsoft Corporation) C:\Windows\System32\chtbrkr.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 01671680 ____A (Microsoft Corporation) C:\Windows\System32\chsbrkr.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00754176 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00313344 ____A (Microsoft Corporation) C:\Windows\System32\thawbrkr.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00301568 ____A (Microsoft Corporation) C:\Windows\System32\srchadmin.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\offfilt.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00143872 ____A (Microsoft Corporation) C:\Windows\System32\korwbrkr.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-05-09 23:02 - 2008-05-27 07:17 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\mssitlb.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\msscb.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00032768 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2013-05-09 23:02 - 2008-05-27 07:17 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
2013-05-09 23:02 - 2008-05-27 06:59 - 00106605 ____A C:\Windows\System32\StructuredQuerySchema.bin
2013-05-09 23:02 - 2008-05-27 06:59 - 00018904 ____A C:\Windows\System32\StructuredQuerySchemaTrivial.bin
2013-05-09 23:02 - 2007-11-08 11:04 - 11967524 ____A C:\Windows\System32\korwbrkr.lex
2013-05-09 23:00 - 2009-06-04 01:56 - 00675152 ____A (Microsoft Corporation) C:\Windows\System32\gpprefcl.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 01181696 ____A (Microsoft Corporation) C:\Windows\System32\WsmSvc.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\WSManHTTPConfig.exe
2013-05-09 22:56 - 2009-10-09 23:56 - 00241152 ____A (Microsoft Corporation) C:\Windows\System32\winrscmd.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00214016 ____A (Microsoft Corporation) C:\Windows\System32\WsmWmiPl.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00145408 ____A (Microsoft Corporation) C:\Windows\System32\WsmAuto.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\pwrshplugin.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00040448 ____A (Microsoft Corporation) C:\Windows\System32\winrs.exe
2013-05-09 22:56 - 2009-10-09 23:56 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\winrshost.exe
2013-05-09 22:56 - 2009-10-09 23:56 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\wsmprovhost.exe
2013-05-09 22:56 - 2009-10-09 23:56 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\wsmplpxy.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\winrssrv.dll
2013-05-09 22:56 - 2009-10-09 23:56 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\winrsmgr.dll
2013-05-09 22:56 - 2009-10-09 23:55 - 00252416 ____A (Microsoft Corporation) C:\Windows\System32\WSManMigrationPlugin.dll
2013-05-09 22:56 - 2009-10-09 23:55 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\wecsvc.dll
2013-05-09 22:56 - 2009-10-09 23:55 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\wevtfwd.dll
2013-05-09 22:56 - 2009-10-09 23:55 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\wecutil.exe
2013-05-09 22:56 - 2009-10-09 23:55 - 00056320 ____A (Microsoft Corporation) C:\Windows\System32\wecapi.dll
2013-05-09 22:56 - 2009-10-09 23:55 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\WsmRes.dll
2013-05-09 22:56 - 2009-08-01 08:27 - 00201184 ____A C:\Windows\System32\winrm.vbs
2013-05-09 22:56 - 2009-07-16 19:30 - 00004675 ____A C:\Windows\System32\wsmanconfig_schema.xml
2013-05-09 22:56 - 2009-07-16 19:30 - 00002426 ____A C:\Windows\System32\WsmTxt.xsl
2013-05-09 22:52 - 2013-05-09 22:52 - 00000908 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-05-09 22:52 - 2013-05-09 22:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-09 22:52 - 2013-05-09 22:52 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-05-09 22:52 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-09 22:44 - 2011-03-03 16:56 - 00028672 ____A (Microsoft Corporation) C:\Windows\System32\Apphlpdm.dll
2013-05-09 22:44 - 2011-03-03 15:01 - 04240384 ____A (Microsoft) C:\Windows\System32\GameUXLegacyGDFs.dll
2013-05-09 22:44 - 2010-01-25 14:48 - 00472576 ____A (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll
2013-05-09 22:44 - 2010-01-25 14:48 - 00472064 ____A (Microsoft Corporation) C:\Windows\System32\secproc.dll
2013-05-09 22:44 - 2010-01-25 14:48 - 00151040 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll
2013-05-09 22:44 - 2010-01-25 14:48 - 00151040 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll
2013-05-09 22:44 - 2010-01-25 14:45 - 00329216 ____A (Microsoft Corporation) C:\Windows\System32\msdrm.dll
2013-05-09 22:44 - 2010-01-25 10:35 - 00523776 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe
2013-05-09 22:44 - 2010-01-25 10:35 - 00346624 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe
2013-05-09 22:44 - 2010-01-25 10:34 - 00511488 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate.exe
2013-05-09 22:44 - 2010-01-25 10:34 - 00347136 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe
2013-05-09 22:44 - 2008-03-08 06:21 - 01695744 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2013-05-09 22:43 - 2009-10-23 19:42 - 00714240 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2013-05-09 22:43 - 2008-10-22 05:57 - 00241152 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceApi.dll
2013-05-09 22:43 - 2008-09-18 06:56 - 00147456 ____A (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2013-05-09 22:43 - 2008-09-18 06:56 - 00125952 ____A (Microsoft Corporation) C:\Windows\System32\wersvc.dll
2013-05-09 22:43 - 2008-08-28 05:40 - 00712704 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-09 22:43 - 2008-08-28 05:40 - 00425472 ____A (Microsoft Corporation) C:\Windows\System32\PhotoMetadataHandler.dll
2013-05-09 22:43 - 2008-08-28 05:40 - 00347136 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-09 22:42 - 2011-04-12 16:53 - 00890368 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-05-09 22:42 - 2009-09-10 17:21 - 00310784 ____A (Microsoft Corporation) C:\Windows\System32\unregmp2.exe
2013-05-09 22:41 - 2013-05-09 22:48 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\installit\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-09 22:39 - 2008-10-21 07:25 - 01645568 ____A (Microsoft Corporation) C:\Windows\System32\connect.dll
2013-05-09 22:34 - 2013-05-09 22:34 - 00000000 ____D C:\Users\installit\AppData\Roaming\Mozilla
2013-05-09 22:34 - 2013-05-09 22:34 - 00000000 ____D C:\Users\installit\AppData\Local\Mozilla
2013-05-09 22:29 - 2013-09-21 11:21 - 00049168 ____A C:\Users\installit\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-09 22:29 - 2013-05-09 22:29 - 00000680 ____A C:\Users\installit\AppData\Local\d3d9caps.dat
2013-05-09 22:29 - 2013-05-09 22:29 - 00000000 ____D C:\Users\installit\AppData\Local\VirtualStore
2013-05-09 22:28 - 2013-05-09 22:28 - 00002010 ____A C:\Windows\IE9_main.log
2013-05-09 22:15 - 2013-05-09 22:18 - 18733360 ____A (Microsoft Corporation) C:\Users\maxi\Downloads\1_E_9_1E9DE3C7-0C84-41C8-BBED-997EB0C98CCA_IE9-WindowsVista-x86-deu.exe

==================== One Month Modified Files and Folders ========

2013-09-23 00:28 - 2006-11-02 13:18 - 00000000 __RHD C:\users\Default
2013-09-23 00:28 - 2006-11-02 13:18 - 00000000 ___RD C:\users\Public
2013-09-23 00:26 - 2013-09-22 23:03 - 00000000 ____D C:\Windows\erdnt
2013-09-22 23:01 - 2013-09-22 23:00 - 05076415 ___RA (Swearware) C:\Users\maxi\Desktop\ComboFix.exe
2013-09-22 22:48 - 2013-09-22 22:46 - 00000093 ____A C:\Windows\DeleteOnReboot.bat
2013-09-22 22:38 - 2013-03-10 01:08 - 00000418 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{DF2D5CE6-4659-4400-AE0D-E5B0C25B24E6}.job
2013-09-22 22:35 - 2013-09-22 22:35 - 00632031 ____A C:\Users\maxi\Desktop\adwcleaner.exe
2013-09-21 20:41 - 2013-09-21 20:41 - 00602112 ____A (OldTimer Tools) C:\Users\maxi\Desktop\OTL.exe
2013-09-21 20:32 - 2013-09-21 20:32 - 00000000 ____D C:\Users\installit\AppData\Roaming\TuneUp Software
2013-09-21 11:21 - 2013-09-21 11:21 - 00000000 ____D C:\Users\installit\AppData\Roaming\Adobe
2013-09-21 11:21 - 2013-05-09 22:29 - 00049168 ____A C:\Users\installit\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-05 19:07 - 2013-06-05 19:07 - 01357013 ____A (Farbar) C:\Users\maxi\Desktop\FRST.exe
2013-06-05 19:05 - 2013-06-05 19:05 - 01357013 ____A (Farbar) C:\Users\maxi\Downloads\FRST.exe
2013-06-05 18:51 - 2008-01-21 03:39 - 01407787 ____A C:\Windows\WindowsUpdate.log
2013-06-04 08:12 - 2006-11-02 14:47 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-04 08:12 - 2006-11-02 14:47 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-04 00:11 - 2013-05-11 00:16 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-03 22:44 - 2013-06-03 22:44 - 00240720 ____A C:\Users\maxi\Desktop\Iron.Man.3.R6.LD.German.XViD-AOE.CD1.exe
2013-06-03 21:15 - 2013-06-03 21:15 - 00000000 ____D C:\Program Files\ESET
2013-06-03 21:14 - 2013-06-03 21:14 - 02347384 ____A (ESET) C:\Users\maxi\Downloads\esetsmartinstaller_enu.exe
2013-06-03 21:12 - 2013-06-03 21:12 - 00000000 ____D C:\Windows\System32\appmgmt
2013-06-03 21:11 - 2013-06-03 21:11 - 00000000 ____D C:\Program Files\Common Files\PDF Architect
2013-06-03 21:10 - 2013-06-03 21:10 - 00000000 ____D C:\Users\maxi\AppData\Roaming\PDF Architect
2013-06-03 20:31 - 2013-06-03 20:31 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Malwarebytes
2013-06-03 19:57 - 2013-06-03 19:55 - 00013059 ____A C:\Users\maxi\Downloads\Addition.txt
2013-06-03 19:54 - 2013-06-03 19:54 - 00000000 ____D C:\FRST
2013-06-03 19:32 - 2013-06-03 19:32 - 00000848 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-03 19:32 - 2013-06-03 19:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-03 19:32 - 2013-05-24 09:26 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-03 19:23 - 2006-11-02 15:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-03 18:51 - 2006-11-02 15:00 - 00015240 ____A C:\Windows\PFRO.log
2013-06-03 18:50 - 2006-11-02 15:01 - 00015022 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-02 20:13 - 2013-06-02 20:13 - 00000000 ____D C:\_OTL
2013-06-02 18:40 - 2013-03-31 22:33 - 00000000 ____D C:\Users\maxi\AppData\Local\Apps\2.0
2013-06-02 17:10 - 2013-06-02 17:10 - 00139264 ____A C:\Users\maxi\Downloads\SystemLook.exe
2013-06-02 16:21 - 2013-06-02 16:21 - 00015085 ____A C:\ComboFix.txt
2013-06-02 16:21 - 2013-06-02 16:03 - 00000000 ____D C:\ComboFix
2013-06-02 16:21 - 2013-02-24 18:48 - 00000000 ____D C:\Qoobox
2013-06-02 16:18 - 2006-11-02 12:23 - 00000215 ____A C:\Windows\system.ini
2013-05-31 23:52 - 2013-05-31 23:52 - 00000000 ____D C:\ProgramData\Nutzwerk
2013-05-31 23:24 - 2013-05-31 23:24 - 03715248 ____A (Speedchecker Limited                                        ) C:\Users\maxi\Documents\PCSUUpdate.exe
2013-05-31 23:23 - 2013-05-31 23:23 - 00055088 ____A C:\Users\maxi\Documents\PCSU_Update.exe
2013-05-31 23:21 - 2013-05-31 23:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-05-31 23:18 - 2013-05-31 23:18 - 00000000 ____D C:\Users\maxi\AppData\Roaming\TuneUp Software
2013-05-31 23:18 - 2013-05-31 23:17 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-05-31 23:17 - 2013-05-31 23:17 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-05-31 23:09 - 2013-05-31 23:08 - 00977816 ____A (Conduit) C:\Users\maxi\Downloads\FileConverter_1.3.exe
2013-05-31 22:29 - 2013-05-31 22:29 - 00000000 ____D C:\Users\maxi\AppData\Roaming\player
2013-05-31 22:29 - 2013-05-31 22:29 - 00000000 ____D C:\Program Files\Tuguu SL
2013-05-31 22:28 - 2011-02-19 23:03 - 00420944 ____A (Microsoft Corporation) C:\Windows\System32\msvcp100.dll
2013-05-31 22:15 - 2013-05-11 00:16 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-05-31 22:15 - 2013-05-11 00:16 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-05-31 22:06 - 2013-05-31 22:06 - 00000611 ____A C:\Windows\System32\InstallUtil.InstallLog
2013-05-31 21:47 - 2013-02-26 18:10 - 00000000 ____D C:\Users\maxi\AppData\Local\VirtualStore
2013-05-31 21:42 - 2013-05-31 21:42 - 00000000 ____D C:\Users\maxi\AppData\Roaming\FL_SIM_P4_DEMO_D
2013-05-31 21:42 - 2013-05-31 21:19 - 00000000 ____D C:\Users\maxi\.LOGOComfort7.0
2013-05-31 21:41 - 2013-05-31 21:38 - 00000000 ____D C:\Program Files\Didactic
2013-05-31 21:37 - 2013-05-31 21:36 - 08050019 ____A C:\Users\maxi\Downloads\fluidsim-4-2-es-win.exe
2013-05-31 21:36 - 2013-05-31 21:36 - 00601144 ____A C:\Users\maxi\Downloads\fluidsim-4-2-es-en-fr-de-win-setup.exe
2013-05-31 21:35 - 2013-05-31 21:34 - 07844767 ____A C:\Users\maxi\Downloads\demo049p4.exe
2013-05-31 21:20 - 2013-05-31 21:20 - 00028797 ____A C:\installer_debug.txt
2013-05-31 21:19 - 2013-05-31 21:19 - 00000000 ___HD C:\Program Files\Zero G Registry
2013-05-31 21:19 - 2013-05-31 21:19 - 00000000 ____D C:\Program Files\Siemens
2013-05-31 21:19 - 2013-02-26 18:10 - 00000000 ____D C:\users\maxi
2013-05-31 21:18 - 2013-05-31 21:18 - 00000000 ___HD C:\Users\maxi\InstallAnywhere
2013-05-31 21:18 - 2013-05-31 21:18 - 00000000 ____D C:\tmp
2013-05-22 22:26 - 2006-11-02 12:33 - 01590904 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-19 21:04 - 2013-05-19 21:04 - 00377856 ____A C:\Users\maxi\Downloads\gmer_2.1.19163.exe
2013-05-19 21:04 - 2006-11-02 14:52 - 00073273 ____A C:\Windows\setupact.log
2013-05-19 20:30 - 2013-05-19 20:30 - 00026237 ____A C:\Users\maxi\test.txt
2013-05-19 20:30 - 2013-05-19 20:30 - 00026237 ____A C:\Users\maxi\test.tcx
2013-05-19 20:00 - 2006-11-02 12:24 - 72607752 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-05-11 00:17 - 2013-05-11 00:17 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Macromedia
2013-05-11 00:17 - 2013-05-11 00:17 - 00000000 ____D C:\Users\maxi\AppData\Roaming\Adobe
2013-05-11 00:17 - 2013-05-11 00:17 - 00000000 ____D C:\Users\maxi\AppData\Local\Macromedia
2013-05-11 00:17 - 2013-05-11 00:12 - 00000000 ____D C:\ProgramData\Adobe
2013-05-11 00:16 - 2013-05-11 00:16 - 00000000 ____D C:\Windows\System32\Macromed
2013-05-10 23:55 - 2013-02-26 18:10 - 00049168 ____A C:\Users\maxi\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-10 16:21 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-05-10 16:10 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-05-10 16:05 - 2006-11-02 14:47 - 00228296 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-09 23:16 - 2013-05-09 23:16 - 00000000 ____D C:\Windows\System32\WindowsPowerShell
2013-05-09 23:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\System32\de-DE
2013-05-09 23:05 - 2013-05-09 23:05 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01007.Wdf
2013-05-09 23:05 - 2013-05-09 23:05 - 00000000 ____D C:\Program Files\Synaptics
2013-05-09 23:05 - 2013-03-31 21:06 - 00000000 ____D C:\users\installit
2013-05-09 23:04 - 2013-05-09 23:04 - 00000000 ____D C:\Windows\System32\x64
2013-05-09 22:52 - 2013-05-09 22:52 - 00000908 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-05-09 22:52 - 2013-05-09 22:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-09 22:52 - 2013-05-09 22:52 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-05-09 22:48 - 2013-05-09 22:41 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\installit\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-09 22:34 - 2013-05-09 22:34 - 00000000 ____D C:\Users\installit\AppData\Roaming\Mozilla
2013-05-09 22:34 - 2013-05-09 22:34 - 00000000 ____D C:\Users\installit\AppData\Local\Mozilla
2013-05-09 22:29 - 2013-05-09 22:29 - 00000680 ____A C:\Users\installit\AppData\Local\d3d9caps.dat
2013-05-09 22:29 - 2013-05-09 22:29 - 00000000 ____D C:\Users\installit\AppData\Local\VirtualStore
2013-05-09 22:28 - 2013-05-09 22:28 - 00002010 ____A C:\Windows\IE9_main.log
2013-05-09 22:18 - 2013-05-09 22:15 - 18733360 ____A (Microsoft Corporation) C:\Users\maxi\Downloads\1_E_9_1E9DE3C7-0C84-41C8-BBED-997EB0C98CCA_IE9-WindowsVista-x86-deu.exe
2013-05-09 22:03 - 2013-02-26 18:10 - 00000680 ____A C:\Users\maxi\AppData\Local\d3d9caps.dat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-06-03 19:29

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-06-2013 01
Ran by maxi at 2013-06-05 19:09:15 Run:
Running from C:\Users\maxi\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
avast! Free Antivirus (Version: 8.0.1488.0)
Cisco EAP-FAST Module (Version: 2.1.3)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
Dell System Detect (Version: 4.0.5.6)
Dienstprogramm für Dell Wireless WLAN Karte (Version: 4.170.77.18)
FluidSIM 4.2n Pneumatik Demoversion
Iminent (Version: 6.21.22.0)
Intel(R) Graphics Media Accelerator Driver
LOGO!Soft Comfort V7.0 (Demo) (Version: 7.0.0.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Silverlight (Version: 4.0.60310.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
QuickShare (Version: 1.6.1.934)
Synaptics Pointing Device Driver (Version: 12.2.11.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)

==================== Restore Points  =========================

26-04-2013 20:51:22 Windows Update
05-05-2013 17:37:00 Windows Update
05-05-2013 17:57:48 Windows Update
06-05-2013 08:38:18 Windows Update
09-05-2013 20:05:57 Windows Update
09-05-2013 20:13:36 Windows Update
09-05-2013 20:30:42 Windows Update
09-05-2013 20:54:27 Windows Update
10-05-2013 16:22:30 Geplanter Prüfpunkt
10-05-2013 21:56:52 Windows Update
10-05-2013 22:49:18 Windows Update
19-05-2013 14:57:23 Windows Update
19-05-2013 17:59:44 Windows Update
22-05-2013 20:27:27 Windows Update
26-05-2013 17:33:16 Windows Update
28-05-2013 17:18:14 Windows Update
31-05-2013 19:27:24 Windows Update
03-06-2013 19:06:22 TuneUp Utilities 2013 wird entfernt
03-06-2013 19:08:09 TuneUp Utilities Language Pack (de-DE) wird entfernt
03-06-2013 19:09:52 Removed PDF Architect
05-06-2013 16:43:44 Windows Update
22-09-2013 21:37:47 Removed SaferSurf

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2013 06:45:50 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 21.0.0.4879 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 11f8
Anfangszeit: 01ce620b71f096b0
Zeitpunkt der Beendigung: 204

Error: (06/03/2013 07:51:42 PM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 150c
Anfangszeit: 01ce608083cb5bae
Zeitpunkt der Beendigung: 15

Error: (06/03/2013 07:24:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2013 06:53:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2013 06:52:55 PM) (Source: EventSystem) (User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (06/03/2013 06:49:27 PM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: dc0
Anfangszeit: 01ce6078681b03d0
Zeitpunkt der Beendigung: 0

Error: (06/02/2013 08:43:26 PM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: da8
Anfangszeit: 01ce5fbea35f7aae
Zeitpunkt der Beendigung: 7

Error: (06/02/2013 08:23:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2013 08:10:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2013 06:41:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/05/2013 02:15:23 AM) (Source: Service Control Manager) (User: )
Description: 30000ShellHWDetection

Error: (06/03/2013 07:24:50 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (06/03/2013 07:23:53 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (06/03/2013 07:23:22 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (06/03/2013 07:23:15 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 03.06.2013 um 19:20:44 unerwartet heruntergefahren.

Error: (06/03/2013 06:53:26 PM) (Source: Service Control Manager) (User: )
Description: aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
spldr
Wanarpv6

Error: (06/03/2013 06:53:26 PM) (Source: Service Control Manager) (User: )
Description: ComputerbrowserServer%%1068

Error: (06/03/2013 06:53:00 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (06/03/2013 06:53:00 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/03/2013 06:52:55 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================
Error: (06/05/2013 06:45:50 PM) (Source: Application Hang)(User: )
Description: firefox.exe21.0.0.487911f801ce620b71f096b0204

Error: (06/03/2013 07:51:42 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0150c01ce608083cb5bae15

Error: (06/03/2013 07:24:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2013 06:53:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2013 06:52:55 PM) (Source: EventSystem)(User: )
Description: d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (06/03/2013 06:49:27 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0dc001ce6078681b03d00

Error: (06/02/2013 08:43:26 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0da801ce5fbea35f7aae7

Error: (06/02/2013 08:23:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2013 08:10:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2013 06:41:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-06-05 19:08:23.011
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-05 19:08:22.823
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-05 19:08:22.621
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-05 19:08:22.402
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-05 19:08:22.199
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-05 19:08:21.997
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-05 19:08:21.685
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-05 19:08:21.466
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-03 20:39:19.149
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-03 20:39:18.947
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 59%
Total physical RAM: 2037.69 MB
Available physical RAM: 830.2 MB
Total Pagefile: 4314.64 MB
Available Pagefile: 3003.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1923.73 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:148.95 GB) (Free:83.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:7.39 GB) (Free:4.62 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 98DEB064)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)

==================== End Of Log ============================
         

Alt 06.06.2013, 11:24   #26
aharonov
/// TB-Ausbilder
 

Hello,

Quote:
The computer is somehow still not running cleanly
Can you please describe exactly what is still not right?
__________________
cheers,
Leo

Alt 06.06.2013, 18:13   #27
maxima1999
 

At startup, the selection menu always comes up where I'm supposed to choose my operating system. But I only have Vista on it. Then whether I start in safe mode or normally...

Then the Control Panel is open, with DELL at the top right of the screen.

Once I'm in, this FlashPlugin file is always loaded twice. The system doesn't run smoothly but keeps stuttering.

I was curious and ran OTL again and played around. Now I have log files.

Code:
OTL logfile created on: 06.06.2013 19:14:41 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\maxi\Desktop
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 53,24% Memory free
4,22 Gb Paging File | 3,24 Gb Available in Paging File | 76,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,95 Gb Total Space | 84,57 Gb Free Space | 56,78% Space Free | Partition Type: NTFS
Drive E: | 7,39 Gb Total Space | 4,62 Gb Free Space | 62,42% Space Free | Partition Type: FAT32
 
Computer Name: maxi-PC | User Name: maxi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (All) ==========
 
PRC - C:\Users\maxi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\System32\taskeng.exe (Microsoft Corporation)
PRC - C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
PRC - C:\Windows\System32\lsass.exe (Microsoft Corporation)
PRC - C:\Programme\Synaptics\SynTP\SynToshiba.exe (Synaptics Incorporated)
PRC - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
PRC - C:\Programme\Synaptics\SynTP\SynTPHelper.exe (Synaptics Incorporated)
PRC - C:\Windows\System32\WLTRAY.EXE (Dell Inc.)
PRC - C:\Windows\System32\WLTRYSVC.EXE ()
PRC - C:\Windows\System32\BCMWLTRY.EXE (Dell Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\igfxsrvc.exe (Intel Corporation)
PRC - C:\Windows\System32\igfxpers.exe (Intel Corporation)
PRC - C:\Windows\System32\hkcmd.exe (Intel Corporation)
PRC - C:\Windows\System32\wuauclt.exe (Microsoft Corporation)
PRC - C:\Windows\System32\SLsvc.exe (Microsoft Corporation)
PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\csrss.exe (Microsoft Corporation)
PRC - C:\Windows\System32\winlogon.exe (Microsoft Corporation)
PRC - C:\Windows\System32\services.exe (Microsoft Corporation)
PRC - C:\Windows\System32\dwm.exe (Microsoft Corporation)
PRC - C:\Windows\System32\smss.exe (Microsoft Corporation)
PRC - C:\Windows\System32\lsm.exe (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\svchost.exe  [comLaunch] (Microsoft Corporation)
PRC - C:\Windows\System32\wininit.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wlanext.exe (Microsoft Corporation)
 
 
========== Modules (All) ==========
 
MOD - C:\Users\maxi\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll (Mozilla Foundation)
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Program Files\AVAST Software\Avast\avastIP.dll (AVAST Software)
MOD - C:\PROGRA~2\AVASTS~1\Avast\avastIP.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\defs\13060600\uiExt.dll (AVAST Software)
MOD - C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation)
MOD - C:\Program Files\AVAST Software\Avast\LIBEAY32.dll (The OpenSSL Project, hxxp://www.openssl.org/)
MOD - C:\Program Files\AVAST Software\Avast\SSLEAY32.dll (The OpenSSL Project, hxxp://www.openssl.org/)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90DEU.DLL (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80DEU.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfc80.dll (Microsoft Corporation)
MOD - C:\Programme\Mozilla Firefox\xul.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\ssl3.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\softokn3.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\xpcom.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\nss3.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\nssckbi.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\nssutil3.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\smime3.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\nssdbm3.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\plc4.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\plds4.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Mozilla Firefox\mozsqlite3.dll (sqlite.org)
MOD - C:\Programme\Mozilla Firefox\nspr4.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\mozglue.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\mozalloc.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\gkmedias.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
MOD - C:\Programme\Mozilla Firefox\freebl3.dll (Mozilla Foundation)
MOD - C:\Programme\Mozilla Firefox\msvcr100.dll (Microsoft Corporation)
MOD - C:\Programme\Mozilla Firefox\msvcp100.dll (Microsoft Corporation)
MOD - C:\Programme\AVAST Software\Avast\1031\uiLangRes.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\1031\Base.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\CommonRes.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\aswSqLt.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\aswUtil.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\aswLog.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\aswProperty.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\aswJsFlt.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\aswEngLdr.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\aswAra.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\aswAux.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\aswCmnBS.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\aswCmnIS.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\aswData.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\aswCmnOS.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\ashTask.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\ashShell.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\ashTaskEx.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\ashBase.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\Aavm4h.dll (AVAST Software)
MOD - C:\Programme\AVAST Software\Avast\AavmRpch.dll (AVAST Software)
MOD - C:\Windows\System32\schannel.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wininet.dll (Microsoft Corporation)
MOD - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
MOD - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
MOD - C:\Windows\System32\iertutil.dll (Microsoft Corporation)
MOD - C:\Windows\System32\kernel32.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dnsapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\shlwapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\shell32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\oleaut32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\GdiPlus.dll (Microsoft Corporation)
MOD - C:\Windows\System32\taskeng.exe (Microsoft Corporation)
MOD - C:\Windows\System32\ntdll.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msshsq.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\t2embed.dll (Microsoft Corporation)
MOD - C:\Windows\System32\ole32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\rtutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\usp10.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msvcr100_clr0400.dll (Microsoft Corporation)
MOD - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll (Microsoft Corporation)
MOD - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
MOD - C:\Windows\System32\wintrust.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dfshim.dll (Microsoft Corporation)
MOD - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
MOD - C:\Windows\System32\timedate.cpl (Microsoft Corporation)
MOD - C:\Windows\System32\msasn1.dll (Microsoft Corporation)
MOD - C:\Windows\System32\winhttp.dll (Microsoft Corporation)
MOD - C:\Windows\System32\atl.dll (Microsoft Corporation)
MOD - C:\Windows\System32\secur32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\rpcrt4.dll (Microsoft Corporation)
MOD - C:\Windows\System32\SynTPAPI.dll (Synaptics Incorporated)
MOD - C:\Windows\System32\SynCOM.dll (Synaptics Incorporated)
MOD - C:\Programme\Synaptics\SynTP\SynToshiba.exe (Synaptics Incorporated)
MOD - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
MOD - C:\Programme\Synaptics\SynTP\SynTPHelper.exe (Synaptics Incorporated)
MOD - C:\Program Files\AVAST Software\Avast\dbghelp.dll (Microsoft Corporation)
MOD - C:\Windows\System32\WLTRAY.EXE (Dell Inc.)
MOD - C:\Windows\System32\bcmwlrmt.dll ()
MOD - C:\Windows\explorer.exe (Microsoft Corporation)
MOD - C:\Windows\System32\PortableDeviceApi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\gdi32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netapi32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\WindowsCodecs.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\msvcr80.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\msvcp80.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\msvcm80.dll (Microsoft Corporation)
MOD - C:\Windows\System32\NaturalLanguage6.dll (Microsoft Corporation)
MOD - C:\Windows\System32\NlsLexicons0007.dll (Microsoft Corporation)
MOD - C:\Windows\System32\propsys.dll (Microsoft Corporation)
MOD - C:\Windows\System32\srchadmin.dll (Microsoft Corporation)
MOD - C:\Windows\System32\mssprxy.dll (Microsoft Corporation)
MOD - C:\Windows\System32\es.dll (Microsoft Corporation)
MOD - C:\Windows\System32\srclient.dll (Microsoft Corporation)
MOD - C:\Windows\System32\igfxsrvc.exe (Intel Corporation)
MOD - C:\Windows\System32\igfxpers.exe (Intel Corporation)
MOD - C:\Windows\System32\hkcmd.exe (Intel Corporation)
MOD - C:\Windows\System32\igfxrdeu.lrc (Intel Corporation)
MOD - C:\Windows\System32\igfxTMM.dll (Intel Corporation)
MOD - C:\Windows\System32\igfxpph.dll (Intel Corporation)
MOD - C:\Windows\System32\igfxsrvc.dll (Intel Corporation)
MOD - C:\Windows\System32\hccutils.dll (Intel Corporation)
MOD - C:\Windows\System32\igfxdev.dll (Intel Corporation)
MOD - C:\Windows\System32\igfxress.dll (Intel Corporation)
MOD - C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll (Microsoft Corporation)
MOD - C:\Windows\System32\twext.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cscui.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cscobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
MOD - C:\Windows\System32\HotStartUserAgent.dll (Microsoft Corporation)
MOD - C:\Windows\System32\PortableDeviceTypes.dll (Microsoft Corporation)
MOD - C:\Windows\System32\WPDShServiceObj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wucltux.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wuauclt.exe (Microsoft Corporation)
MOD - C:\Windows\System32\wups2.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msdmo.dll (Microsoft Corporation)
MOD - C:\Windows\System32\ntshrui.dll (Microsoft Corporation)
MOD - C:\Windows\System32\duser.dll (Microsoft Corporation)
MOD - C:\Windows\System32\powrprof.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cscapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cscdll.dll (Microsoft Corporation)
MOD - C:\Windows\System32\slwga.dll (Microsoft Corporation)
MOD - C:\Windows\System32\authui.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msctf.dll (Microsoft Corporation)
MOD - C:\Windows\System32\bcrypt.dll (Microsoft Corporation)
MOD - C:\Windows\System32\ncrypt.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msutb.dll (Microsoft Corporation)
MOD - C:\Windows\System32\ntdsapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\actxprxy.dll (Microsoft Corporation)
MOD - C:\Windows\System32\QAGENT.DLL (Microsoft Corporation)
MOD - C:\Windows\System32\browseui.dll (Microsoft Corporation)
MOD - C:\Windows\System32\AudioEng.dll (Microsoft Corporation)
MOD - C:\Windows\System32\mlang.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wdmaud.drv (Microsoft Corporation)
MOD - C:\Windows\System32\AudioSes.dll (Microsoft Corporation)
MOD - C:\Windows\System32\gpapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\avrt.dll (Microsoft Corporation)
MOD - C:\Windows\System32\crypt32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msacm32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cabinet.dll (Microsoft Corporation)
MOD - C:\Windows\System32\ntlanman.dll (Microsoft Corporation)
MOD - C:\Windows\System32\bthprops.cpl (Microsoft Corporation)
MOD - C:\Windows\System32\ws2_32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\winsta.dll (Microsoft Corporation)
MOD - C:\Windows\System32\winnsi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\nsi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\setupapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\eappcfg.dll (Microsoft Corporation)
MOD - C:\Windows\System32\eappprxy.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wtsapi32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\MMDevAPI.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmredir.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwm.exe (Microsoft Corporation)
MOD - C:\Windows\System32\msi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\rsaenh.dll (Microsoft Corporation)
MOD - C:\Windows\System32\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\SLC.dll (Microsoft Corporation)
MOD - C:\Windows\System32\xmllite.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\System32\samlib.dll (Microsoft Corporation)
MOD - C:\Windows\System32\credssp.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msvcrt.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptui.dll (Microsoft Corporation)
MOD - C:\Windows\System32\IPHLPAPI.DLL (Microsoft Corporation)
MOD - C:\Windows\System32\CertEnroll.dll (Microsoft Corporation)
MOD - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
MOD - C:\Windows\System32\PlaySndSrv.dll (Microsoft Corporation)
MOD - C:\Windows\System32\advapi32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\mscms.dll (Microsoft Corporation)
MOD - C:\Windows\System32\icm32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\riched20.dll (Microsoft Corporation)
MOD - C:\Windows\System32\vsstrace.dll (Microsoft Corporation)
MOD - C:\Windows\System32\riched32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\vssapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\QUTIL.DLL (Microsoft Corporation)
MOD - C:\Windows\System32\WinSCard.dll (Microsoft Corporation)
MOD - C:\Windows\System32\imm32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\clbcatq.dll (Microsoft Corporation)
MOD - C:\Windows\System32\ntmarta.dll (Microsoft Corporation)
MOD - C:\Windows\System32\authz.dll (Microsoft Corporation)
MOD - C:\Windows\System32\ExplorerFrame.dll (Microsoft Corporation)
MOD - C:\Windows\System32\user32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wevtapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\d3d9.dll (Microsoft Corporation)
MOD - C:\Windows\System32\lpk.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sxs.dll (Microsoft Corporation)
MOD - C:\Windows\System32\Wldap32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\mpr.dll (Microsoft Corporation)
MOD - C:\Windows\System32\feclient.dll (Microsoft Corporation)
MOD - C:\Windows\System32\stobject.dll (Microsoft Corporation)
MOD - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
MOD - C:\Windows\System32\winmm.dll (Microsoft Corporation)
MOD - C:\Windows\System32\version.dll (Microsoft Corporation)
MOD - C:\Windows\System32\rasapi32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\rasman.dll (Microsoft Corporation)
MOD - C:\Windows\System32\apphelp.dll (Microsoft Corporation)
MOD - C:\Windows\System32\userenv.dll (Microsoft Corporation)
MOD - C:\Windows\System32\networkexplorer.dll (Microsoft Corporation)
MOD - C:\Windows\System32\MsCtfMonitor.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dsound.dll (Microsoft Corporation)
MOD - C:\Windows\System32\milcore.dll (Microsoft Corporation)
MOD - C:\Windows\System32\imagehlp.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\certcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\zipfldr.dll (Microsoft Corporation)
MOD - C:\Windows\System32\WSHTCPIP.DLL (Microsoft Corporation)
MOD - C:\Windows\System32\wship6.dll (Microsoft Corporation)
MOD - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dhcpcsvc.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dhcpcsvc6.dll (Microsoft Corporation)
MOD - C:\Windows\System32\NlsData0007.dll (Microsoft Corporation)
MOD - C:\Windows\System32\FWPUCLNT.DLL (Microsoft Corporation)
MOD - C:\Windows\System32\dbghelp.dll (Microsoft Corporation)
MOD - C:\Windows\System32\oleacc.dll (Microsoft Corporation)
MOD - C:\Windows\System32\shacct.dll (Microsoft Corporation)
MOD - C:\Windows\System32\onex.dll (Microsoft Corporation)
MOD - C:\Windows\System32\winspool.drv (Microsoft Corporation)
MOD - C:\Windows\System32\thumbcache.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dimsjob.dll (Microsoft Corporation)
MOD - C:\Windows\System32\imapi2.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netshell.dll (Microsoft Corporation)
MOD - C:\Windows\System32\pnidui.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msacm32.drv (Microsoft Corporation)
MOD - C:\Windows\System32\midimap.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wsock32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\shdocvw.dll (Microsoft Corporation)
MOD - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\uxtheme.dll (Microsoft Corporation)
MOD - C:\Windows\System32\FXSST.dll (Microsoft Corporation)
MOD - C:\Windows\System32\olepro32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\FXSRESM.dll (Microsoft Corporation)
MOD - C:\Windows\System32\FXSAPI.dll (Microsoft Corporation)
MOD - C:\Windows\System32\WinSATAPI.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wscntfy.dll (Microsoft Corporation)
MOD - C:\Windows\System32\syncui.dll (Microsoft Corporation)
MOD - C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
MOD - C:\Windows\System32\TMM.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wscapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\SyncCenter.dll (Microsoft Corporation)
MOD - C:\Windows\System32\synceng.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wlanapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\spp.dll (Microsoft Corporation)
MOD - C:\Windows\System32\AltTab.dll (Microsoft Corporation)
MOD - C:\Windows\System32\linkinfo.dll (Microsoft Corporation)
MOD - C:\Windows\System32\IconCodecService.dll (Microsoft Corporation)
MOD - C:\Windows\System32\davclnt.dll (Microsoft Corporation)
MOD - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wlanutil.dll (Microsoft Corporation)
MOD - C:\Windows\System32\winbrand.dll (Microsoft Corporation)
MOD - C:\Windows\System32\tapi32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\SndVolSSO.dll (Microsoft Corporation)
MOD - C:\Windows\System32\TSChannel.dll (Microsoft Corporation)
MOD - C:\Windows\System32\pautoenr.dll (Microsoft Corporation)
MOD - C:\Windows\System32\npmproxy.dll (Microsoft Corporation)
MOD - C:\Windows\System32\psapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\rasadhlp.dll (Microsoft Corporation)
MOD - C:\Windows\System32\SensApi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msiltcfg.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msimg32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\ksuser.dll (Microsoft Corporation)
MOD - C:\Windows\System32\drprov.dll (Microsoft Corporation)
MOD - C:\Windows\System32\d3d8thk.dll (Microsoft Corporation)
MOD - C:\Windows\System32\batmeter.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msgsm32.acm (Microsoft Corporation)
MOD - C:\Windows\System32\msadp32.acm (Microsoft Corporation)
MOD - C:\Windows\System32\imaadp32.acm (Microsoft Corporation)
MOD - C:\Windows\System32\msg711.acm (Microsoft Corporation)
MOD - C:\Windows\System32\normaliz.dll (Microsoft Corporation)
 
 
========== Services (All) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (Dnscache) -- C:\Windows\System32\dnsrslvr.dll (Microsoft Corporation)
SRV - (Schedule) -- C:\Windows\System32\schedsvc.dll (Microsoft Corporation)
SRV - (LanmanServer) -- C:\Windows\System32\srvsvc.dll (Microsoft Corporation)
SRV - (Spooler) -- C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (iphlpsvc) -- C:\Windows\System32\iphlpsvc.dll (Microsoft Corporation)
SRV - (WinRM) -- C:\Windows\System32\WsmSvc.dll (Microsoft Corporation)
SRV - (Wecsvc) -- C:\Windows\System32\wecsvc.dll (Microsoft Corporation)
SRV - (WinHttpAutoProxySvc) -- C:\Windows\System32\winhttp.dll (Microsoft Corporation)
SRV - (Wlansvc) -- C:\Windows\System32\wlansvc.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\shsvcs.dll (Microsoft Corporation)
SRV - (ShellHWDetection) -- C:\Windows\System32\shsvcs.dll (Microsoft Corporation)
SRV - (SamSs) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (ProtectedStorage) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (Netlogon) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (KeyIso) -- C:\Windows\System32\lsass.exe (Microsoft Corporation)
SRV - (LanmanWorkstation) -- C:\Windows\System32\wkssvc.dll (Microsoft Corporation)
SRV - (RpcSs) -- C:\Windows\System32\rpcss.dll (Microsoft Corporation)
SRV - (DcomLaunch) -- C:\Windows\System32\rpcss.dll (Microsoft Corporation)
SRV - (wltrysvc) -- C:\Windows\System32\WLTRYSVC.EXE ()
SRV - (WerSvc) -- C:\Windows\System32\wersvc.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (EMDMgmt) -- C:\Windows\System32\emdmgmt.dll (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (PolicyAgent) -- C:\Windows\System32\IPSECSVC.DLL (Microsoft Corporation)
SRV - (WSearch) -- C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
SRV - (EventSystem) -- C:\Windows\System32\es.dll (Microsoft Corporation)
SRV - (UmRdpService) -- C:\Windows\System32\umrdp.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\p2psvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\p2psvc.dll (Microsoft Corporation)
SRV - (p2psvc) -- C:\Windows\System32\p2psvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\p2psvc.dll (Microsoft Corporation)
SRV - (CscService) -- C:\Windows\System32\cscsvc.dll (Microsoft Corporation)
SRV - (WPDBusEnum) -- C:\Windows\System32\wpdbusenum.dll (Microsoft Corporation)
SRV - (AppMgmt) -- C:\Windows\System32\appmgmts.dll (Microsoft Corporation)
SRV - (SstpSvc) -- C:\Windows\System32\sstpsvc.dll (Microsoft Corporation)
SRV - (wuauserv) -- C:\Windows\System32\wuaueng.dll (Microsoft Corporation)
SRV - (EapHost) -- C:\Windows\System32\eapsvc.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\System32\vds.exe (Microsoft Corporation)
SRV - (slsvc) -- C:\Windows\System32\SLsvc.exe (Microsoft Corporation)
SRV - (BITS) -- C:\Windows\System32\qmgr.dll (Microsoft Corporation)
SRV - (lltdsvc) -- C:\Windows\System32\lltdsvc.dll (Microsoft Corporation)
SRV - (Winmgmt) -- C:\Windows\System32\wbem\WMIsvc.dll (Microsoft Corporation)
SRV - (wudfsvc) -- C:\Windows\System32\WUDFSvc.dll (Microsoft Corporation)
SRV - (napagent) -- C:\Windows\System32\QAGENTRT.DLL (Microsoft Corporation)
SRV - (SessionEnv) -- C:\Windows\System32\SessEnv.dll (Microsoft Corporation)
SRV - (gpsvc) -- C:\Windows\System32\gpsvc.dll (Microsoft Corporation)
SRV - (Audiosrv) -- C:\Windows\System32\audiosrv.dll (Microsoft Corporation)
SRV - (AudioEndpointBuilder) -- C:\Windows\System32\audiosrv.dll (Microsoft Corporation)
SRV - (TapiSrv) -- C:\Windows\System32\tapisrv.dll (Microsoft Corporation)
SRV - (THREADORDER) -- C:\Windows\System32\mmcss.dll (Microsoft Corporation)
SRV - (MMCSS) -- C:\Windows\System32\mmcss.dll (Microsoft Corporation)
SRV - (SysMain) -- C:\Windows\System32\sysmain.dll (Microsoft Corporation)
SRV - (SSDPSRV) -- C:\Windows\System32\ssdpsrv.dll (Microsoft Corporation)
SRV - (MpsSvc) -- C:\Windows\System32\MPSSVC.dll (Microsoft Corporation)
SRV - (nsi) -- C:\Windows\System32\nsisvc.dll (Microsoft Corporation)
SRV - (SENS) -- C:\Windows\System32\Sens.dll (Microsoft Corporation)
SRV - (UxSms) -- C:\Windows\System32\uxsms.dll (Microsoft Corporation)
SRV - (SLUINotify) -- C:\Windows\System32\SLUINotify.dll (Microsoft Corporation)
SRV - (RasMan) -- C:\Windows\System32\rasmans.dll (Microsoft Corporation)
SRV - (WdiSystemHost) -- C:\Windows\System32\wdi.dll (Microsoft Corporation)
SRV - (WdiServiceHost) -- C:\Windows\System32\wdi.dll (Microsoft Corporation)
SRV - (DPS) -- C:\Windows\System32\dps.dll (Microsoft Corporation)
SRV - (Browser) -- C:\Windows\System32\browser.dll (Microsoft Corporation)
SRV - (CryptSvc) -- C:\Windows\System32\cryptsvc.dll (Microsoft Corporation)
SRV - (seclogon) -- C:\Windows\System32\seclogon.dll (Microsoft Corporation)
SRV - (hkmsvc) -- C:\Windows\System32\KMSVC.DLL (Microsoft Corporation)
SRV - (TBS) -- C:\Windows\System32\tbssvc.dll (Microsoft Corporation)
SRV - (msiserver) -- C:\Windows\System32\msiexec.exe (Microsoft Corporation)
SRV - (RemoteRegistry) -- C:\Windows\System32\regsvc.dll (Microsoft Corporation)
SRV - (netprofm) -- C:\Windows\System32\netprofm.dll (Microsoft Corporation)
SRV - (swprv) -- C:\Windows\System32\swprv.dll (Microsoft Corporation)
SRV - (dot3svc) -- C:\Windows\System32\dot3svc.dll (Microsoft Corporation)
SRV - (W32Time) -- C:\Windows\System32\w32time.dll (Microsoft Corporation)
SRV - (fdPHost) -- C:\Windows\System32\fdPHost.dll (Microsoft Corporation)
SRV - (SCardSvr) -- C:\Windows\System32\SCardSvr.dll (Microsoft Corporation)
SRV - (SCPolicySvc) -- C:\Windows\System32\certprop.dll (Microsoft Corporation)
SRV - (CertPropSvc) -- C:\Windows\System32\certprop.dll (Microsoft Corporation)
SRV - (RasAuto) -- C:\Windows\System32\rasauto.dll (Microsoft Corporation)
SRV - (RemoteAccess) -- C:\Windows\System32\mprdim.dll (Microsoft Corporation)
SRV - (IPBusEnum) -- C:\Windows\System32\IPBusEnum.dll (Microsoft Corporation)
SRV - (KtmRm) -- C:\Windows\System32\msdtckrm.dll (Microsoft Corporation)
SRV - (MSDTC) -- C:\Windows\System32\msdtc.exe (Microsoft Corporation)
SRV - (Appinfo) -- C:\Windows\System32\appinfo.dll (Microsoft Corporation)
SRV - (ALG) -- C:\Windows\System32\alg.exe (Microsoft Corporation)
SRV - (TermService) -- C:\Windows\System32\termsrv.dll (Microsoft Corporation)
SRV - (Netman) -- C:\Windows\System32\netman.dll (Microsoft Corporation)
SRV - (TrustedInstaller) -- C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation)
SRV - (SharedAccess) -- C:\Windows\System32\ipnathlp.dll (Microsoft Corporation)
SRV - (UI0Detect) -- C:\Windows\System32\UI0Detect.exe (Microsoft Corporation)
SRV - (TrkWks) -- C:\Windows\System32\trkwks.dll (Microsoft Corporation)
SRV - (upnphost) -- C:\Windows\System32\upnphost.dll (Microsoft Corporation)
SRV - (ProfSvc) -- C:\Windows\System32\profsvc.dll (Microsoft Corporation)
SRV - (pla) -- C:\Windows\System32\pla.dll (Microsoft Corporation)
SRV - (PlugPlay) -- C:\Windows\System32\umpnpmgr.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcsvc.dll (Microsoft Corporation)
SRV - (IKEEXT) -- C:\Windows\System32\IKEEXT.DLL (Microsoft Corporation)
SRV - (BFE) -- C:\Windows\System32\BFE.DLL (Microsoft Corporation)
SRV - (wercplsupport) -- C:\Windows\System32\wercplsupport.dll (Microsoft Corporation)
SRV - (wmiApSrv) -- C:\Windows\System32\wbem\WmiApSrv.exe (Microsoft Corporation)
SRV - (VSS) -- C:\Windows\System32\VSSVC.exe (Microsoft Corporation)
SRV - (Eventlog) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation)
SRV - (MSiSCSI) -- C:\Windows\System32\iscsiexe.dll (Microsoft Corporation)
SRV - (NlaSvc) -- C:\Windows\System32\nlasvc.dll (Microsoft Corporation)
SRV - (DFSR) -- C:\Windows\System32\dfsr.exe (Microsoft Corporation)
SRV - (Fax) -- C:\Windows\System32\FXSSVC.exe (Microsoft Corporation)
SRV - (wcncsvc) -- C:\Windows\System32\wcncsvc.dll (Microsoft Corporation)
SRV - (stisvc) -- C:\Windows\System32\wiaservc.dll (Microsoft Corporation)
SRV - (WebClient) -- C:\Windows\System32\WebClnt.dll (Microsoft Corporation)
SRV - (wscsvc) -- C:\Windows\System32\wscsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (QWAVE) -- C:\Windows\System32\qwave.dll (Microsoft Corporation)
SRV - (PcaSvc) -- C:\Windows\System32\pcasvc.dll (Microsoft Corporation)
SRV - (wbengine) -- C:\Windows\System32\wbengine.exe (Microsoft Corporation)
SRV - (SDRSVC) -- C:\Windows\System32\sdrsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (TabletInputService) -- C:\Windows\System32\TabSvc.dll (Microsoft Corporation)
SRV - (WcsPlugInService) -- C:\Windows\System32\WcsPlugInService.dll (Microsoft Corporation)
SRV - (hidserv) -- C:\Windows\System32\hidserv.dll (Microsoft Corporation)
SRV - (lmhosts) -- C:\Windows\System32\lmhsvc.dll (Microsoft Corporation)
SRV - (FDResPub) -- C:\Windows\System32\FDResPub.dll (Microsoft Corporation)
SRV - (AeLookupSvc) -- C:\Windows\System32\aelupsvc.dll (Microsoft Corporation)
SRV - (SNMPTRAP) -- C:\Windows\System32\snmptrap.exe (Microsoft Corporation)
SRV - (RpcLocator) -- C:\Windows\System32\Locator.exe (Microsoft Corporation)
SRV - (COMSysApp) -- C:\Windows\System32\dllhost.exe (Microsoft Corporation)
 
 
========== Driver Services (All) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\maxi\AppData\Local\Temp\catchme.sys File not found
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (mrxsmb10) -- C:\Windows\System32\drivers\mrxsmb10.sys (Microsoft Corporation)
DRV - (srv2) -- C:\Windows\System32\drivers\srv2.sys (Microsoft Corporation)
DRV - (srvnet) -- C:\Windows\System32\drivers\srvnet.sys (Microsoft Corporation)
DRV - (mrxsmb20) -- C:\Windows\System32\drivers\mrxsmb20.sys (Microsoft Corporation)
DRV - (mrxsmb) -- C:\Windows\System32\drivers\mrxsmb.sys (Microsoft Corporation)
DRV - (AFD) -- C:\Windows\System32\drivers\afd.sys (Microsoft Corporation)
DRV - (DfsC) -- C:\Windows\System32\drivers\dfsc.sys (Microsoft Corporation)
DRV - (bowser) -- C:\Windows\System32\drivers\bowser.sys (Microsoft Corporation)
DRV - (srv) -- C:\Windows\System32\drivers\srv.sys (Microsoft Corporation)
DRV - (Tcpip6) -- C:\Windows\System32\drivers\tcpip.sys (Microsoft Corporation)
DRV - (Tcpip) -- C:\Windows\System32\drivers\tcpip.sys (Microsoft Corporation)
DRV - (HTTP) -- C:\Windows\System32\drivers\http.sys (Microsoft Corporation)
DRV - (tunnel) -- C:\Windows\System32\drivers\tunnel.sys (Microsoft Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek                                            )
DRV - (KSecDD) -- C:\Windows\System32\drivers\ksecdd.sys (Microsoft Corporation)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (BCM42RLY) -- C:\Windows\System32\drivers\bcm42rly.sys (Broadcom Corporation)
DRV - (DXGKrnl) -- C:\Windows\System32\drivers\dxgkrnl.sys (Microsoft Corporation)
DRV - (NativeWifiP) -- C:\Windows\System32\drivers\nwifi.sys (Microsoft Corporation)
DRV - (PSched) -- C:\Windows\System32\drivers\pacer.sys (Microsoft Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (CSC) -- C:\Windows\System32\drivers\csc.sys (Microsoft Corporation)
DRV - (RasSstp) -- C:\Windows\System32\drivers\rassstp.sys (Microsoft Corporation)
DRV - (exfat) -- C:\Windows\System32\drivers\exfat.sys (Microsoft Corporation)
DRV - (netbt) -- C:\Windows\System32\drivers\netbt.sys (Microsoft Corporation)
DRV - (Smb) -- C:\Windows\System32\drivers\smb.sys (Microsoft Corporation)
DRV - (WUDFRd) -- C:\Windows\System32\drivers\WUDFRd.sys (Microsoft Corporation)
DRV - (tssecsrv) -- C:\Windows\System32\drivers\tssecsrv.sys (Microsoft Corporation)
DRV - (Modem) -- C:\Windows\System32\drivers\modem.sys (Microsoft Corporation)
DRV - (Rasl2tp) -- C:\Windows\System32\drivers\rasl2tp.sys (Microsoft Corporation)
DRV - (PptpMiniport) -- C:\Windows\System32\drivers\raspptp.sys (Microsoft Corporation)
DRV - (Ndisuio) -- C:\Windows\System32\drivers\ndisuio.sys (Microsoft Corporation)
DRV - (tdx) -- C:\Windows\System32\drivers\tdx.sys (Microsoft Corporation)
DRV - (VgaSave) -- C:\Windows\System32\drivers\vga.sys (Microsoft Corporation)
DRV - (MSKSSRV) -- C:\Windows\System32\drivers\mskssrv.sys (Microsoft Corporation)
DRV - (MSTEE) -- C:\Windows\System32\drivers\mstee.sys (Microsoft Corporation)
DRV - (MSPCLOCK) -- C:\Windows\System32\drivers\mspclock.sys (Microsoft Corporation)
DRV - (MSPQM) -- C:\Windows\System32\drivers\mspqm.sys (Microsoft Corporation)
DRV - (RDPWD) -- C:\Windows\System32\drivers\rdpwd.sys (Microsoft Corporation)
DRV - (RDPENCDD) -- C:\Windows\System32\drivers\RDPENCDD.sys (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\System32\drivers\mpsdrv.sys (Microsoft Corporation)
DRV - (nsiproxy) -- C:\Windows\System32\drivers\nsiproxy.sys (Microsoft Corporation)
DRV - (ws2ifsl) -- C:\Windows\System32\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV - (IpFilterDriver) -- C:\Windows\System32\drivers\ipfltdrv.sys (Microsoft Corporation)
DRV - (partmgr) -- C:\Windows\System32\drivers\partmgr.sys (Microsoft Corporation)
DRV - (luafv) -- C:\Windows\System32\drivers\luafv.sys (Microsoft Corporation)
DRV - (rspndr) -- C:\Windows\System32\drivers\rspndr.sys (Microsoft Corporation)
DRV - (lltdio) -- C:\Windows\System32\drivers\lltdio.sys (Microsoft Corporation)
DRV - (RasPppoe) -- C:\Windows\System32\drivers\raspppoe.sys (Microsoft Corporation)
DRV - (volmgrx) -- C:\Windows\System32\drivers\volmgrx.sys (Microsoft Corporation)
DRV - (MsRPC) -- C:\Windows\System32\drivers\msrpc.sys (Microsoft Corporation)
DRV - (IPNAT) -- C:\Windows\System32\drivers\ipnat.sys (Microsoft Corporation)
DRV - (tunmp) -- C:\Windows\System32\drivers\TUNMP.SYS (Microsoft Corporation)
DRV - (Wanarpv6) -- C:\Windows\System32\drivers\wanarp.sys (Microsoft Corporation)
DRV - (Wanarp) -- C:\Windows\System32\drivers\wanarp.sys (Microsoft Corporation)
DRV - (NDProxy) -- C:\Windows\System32\drivers\ndproxy.sys (Microsoft Corporation)
DRV - (NdisTapi) -- C:\Windows\System32\drivers\ndistapi.sys (Microsoft Corporation)
DRV - (Filetrace) -- C:\Windows\System32\drivers\filetrace.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\System32\drivers\netbios.sys (Microsoft Corporation)
DRV - (RasAcd) -- C:\Windows\System32\drivers\rasacd.sys (Microsoft Corporation)
DRV - (rdbss) -- C:\Windows\System32\drivers\rdbss.sys (Microsoft Corporation)
DRV - (fastfat) -- C:\Windows\System32\drivers\fastfat.sys (Microsoft Corporation)
DRV - (NdisWan) -- C:\Windows\System32\drivers\ndiswan.sys (Microsoft Corporation)
DRV - (Mup) -- C:\Windows\System32\drivers\mup.sys (Microsoft Corporation)
DRV - (spldr) -- C:\Windows\System32\drivers\spldr.sys (Microsoft Corporation)
DRV - (TDTCP) -- C:\Windows\System32\drivers\tdtcp.sys (Microsoft Corporation)
DRV - (TDPIPE) -- C:\Windows\System32\drivers\tdpipe.sys (Microsoft Corporation)
DRV - (Fs_Rec) -- C:\Windows\System32\drivers\fs_rec.sys (Microsoft Corporation)
DRV - (RDPCDD) -- C:\Windows\System32\drivers\RDPCDD.sys (Microsoft Corporation)
DRV - (AsyncMac) -- C:\Windows\System32\drivers\asyncmac.sys (Microsoft Corporation)
DRV - (FileInfo) -- C:\Windows\System32\drivers\fileinfo.sys (Microsoft Corporation)
DRV - (FltMgr) -- C:\Windows\System32\drivers\fltMgr.sys (Microsoft Corporation)
DRV - (CLFS) -- C:\Windows\System32\clfs.sys (Microsoft Corporation)
DRV - (IRENUM) -- C:\Windows\System32\drivers\irenum.sys (Microsoft Corporation)
DRV - (Ntfs) -- C:\Windows\System32\drivers\ntfs.sys (Microsoft Corporation)
DRV - (NDIS) -- C:\Windows\System32\drivers\ndis.sys (Microsoft Corporation)
DRV - (Wdf01000) -- C:\Windows\System32\drivers\Wdf01000.sys (Microsoft Corporation)
DRV - (udfs) -- C:\Windows\System32\drivers\udfs.sys (Microsoft Corporation)
DRV - (cdfs) -- C:\Windows\System32\drivers\cdfs.sys (Microsoft Corporation)
DRV - (Npfs) -- C:\Windows\System32\drivers\npfs.sys (Microsoft Corporation)
DRV - (Msfs) -- C:\Windows\System32\drivers\msfs.sys (Microsoft Corporation)
DRV - (Null) -- C:\Windows\System32\drivers\null.sys (Microsoft Corporation)
DRV - (MountMgr) -- C:\Windows\System32\drivers\mountmgr.sys (Microsoft Corporation)
DRV - (Beep) -- C:\Windows\System32\drivers\beep.sys (Microsoft Corporation)
DRV - (tcpipreg) -- C:\Windows\System32\drivers\tcpipreg.sys (Microsoft Corporation)
DRV - (MRxDAV) -- C:\Windows\System32\drivers\mrxdav.sys (Microsoft Corporation)
DRV - (Ecache) -- C:\Windows\System32\drivers\ecache.sys (Microsoft Corporation)
DRV - (QWAVEdrv) -- C:\Windows\System32\drivers\qwavedrv.sys (Microsoft Corporation)
DRV - (MegaSR) -- C:\Windows\System32\drivers\MegaSR.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\System32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\System32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\System32\drivers\HpCISSs.sys (Hewlett-Packard Company)
DRV - (megasas) -- C:\Windows\System32\drivers\megasas.sys (LSI Corporation)
DRV - (CmBatt) -- C:\Windows\System32\drivers\CmBatt.sys (Microsoft Corporation)
DRV - (HidUsb) -- C:\Windows\System32\drivers\hidusb.sys (Microsoft Corporation)
DRV - (adpahci) -- C:\Windows\System32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m) -- C:\Windows\System32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\System32\drivers\lsi_sas.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\System32\drivers\sisraid2.sys (Microsoft Corporation)
DRV - (circlass) -- C:\Windows\System32\drivers\circlass.sys (Microsoft Corporation)
DRV - (ql2300) -- C:\Windows\System32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\System32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (USBSTOR) -- C:\Windows\System32\drivers\USBSTOR.SYS (Microsoft Corporation)
DRV - (Wd) -- C:\Windows\System32\drivers\wd.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\System32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (LSI_FC) -- C:\Windows\System32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\System32\drivers\arc.sys (Adaptec, Inc.)
DRV - (kbdclass) -- C:\Windows\System32\drivers\kbdclass.sys (Microsoft Corporation)
DRV - (kbdhid) -- C:\Windows\System32\drivers\kbdhid.sys (Microsoft Corporation)
DRV - (iaStorV) -- C:\Windows\System32\drivers\iaStorV.sys (Intel Corporation)
DRV - (ulsata2) -- C:\Windows\System32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\System32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (umbus) -- C:\Windows\System32\drivers\umbus.sys (Microsoft Corporation)
DRV - (sffdisk) -- C:\Windows\System32\drivers\sffdisk.sys (Microsoft Corporation)
DRV - (sffp_mmc) -- C:\Windows\System32\drivers\sffp_mmc.sys (Microsoft Corporation)
DRV - (sffp_sd) -- C:\Windows\System32\drivers\sffp_sd.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\System32\drivers\elxstor.sys (Emulex)
DRV - (volsnap) -- C:\Windows\System32\drivers\volsnap.sys (Microsoft Corporation)
DRV - (IPMIDRV) -- C:\Windows\System32\drivers\IPMIDrv.sys (Microsoft Corporation)
DRV - (ohci1394) -- C:\Windows\System32\drivers\ohci1394.sys (Microsoft Corporation)
DRV - (gagp30kx) -- C:\Windows\System32\drivers\GAGP30KX.SYS (Microsoft Corporation)
DRV - (uagp35) -- C:\Windows\System32\drivers\UAGP35.SYS (Microsoft Corporation)
DRV - (HDAudBus) -- C:\Windows\System32\drivers\hdaudbus.sys (Microsoft Corporation)
DRV - (monitor) -- C:\Windows\System32\drivers\monitor.sys (Microsoft Corporation)
DRV - (crcdisk) -- C:\Windows\System32\drivers\crcdisk.sys (Microsoft Corporation)
DRV - (adp94xx) -- C:\Windows\System32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\System32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (mpio) -- C:\Windows\System32\drivers\mpio.sys (Microsoft Corporation)
DRV - (nvraid) -- C:\Windows\System32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (msdsm) -- C:\Windows\System32\drivers\msdsm.sys (Microsoft Corporation)
DRV - (sdbus) -- C:\Windows\System32\drivers\sdbus.sys (Microsoft Corporation)
DRV - (disk) -- C:\Windows\System32\drivers\disk.sys (Microsoft Corporation)
DRV - (nvstor) -- C:\Windows\System32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (drmkaud) -- C:\Windows\System32\drivers\drmkaud.sys (Microsoft Corporation)
DRV - (usbccgp) -- C:\Windows\System32\drivers\usbccgp.sys (Microsoft Corporation)
DRV - (i8042prt) -- C:\Windows\System32\drivers\i8042prt.sys (Microsoft Corporation)
DRV - (mouclass) -- C:\Windows\System32\drivers\mouclass.sys (Microsoft Corporation)
DRV - (fdc) -- C:\Windows\System32\drivers\fdc.sys (Microsoft Corporation)
DRV - (flpydisk) -- C:\Windows\System32\drivers\flpydisk.sys (Microsoft Corporation)
DRV - (sermouse) -- C:\Windows\System32\drivers\sermouse.sys (Microsoft Corporation)
DRV - (mouhid) -- C:\Windows\System32\drivers\mouhid.sys (Microsoft Corporation)
DRV - (usbhub) -- C:\Windows\System32\drivers\usbhub.sys (Microsoft Corporation)
DRV - (cdrom) -- C:\Windows\System32\drivers\cdrom.sys (Microsoft Corporation)
DRV - (usbehci) -- C:\Windows\System32\drivers\usbehci.sys (Microsoft Corporation)
DRV - (i2omp) -- C:\Windows\System32\drivers\i2omp.sys (Microsoft Corporation)
DRV - (vga) -- C:\Windows\System32\drivers\vgapnp.sys (Microsoft Corporation)
DRV - (usbuhci) -- C:\Windows\System32\drivers\usbuhci.sys (Microsoft Corporation)
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys (Microsoft Corporation)
DRV - (ACPI) -- C:\Windows\System32\drivers\acpi.sys (Microsoft Corporation)
DRV - (rdpdr) -- C:\Windows\System32\drivers\rdpdr.sys (Microsoft Corporation)
DRV - (iScsiPrt) -- C:\Windows\System32\drivers\msiscsi.sys (Microsoft Corporation)
DRV - (pci) -- C:\Windows\System32\drivers\pci.sys (Microsoft Corporation)
DRV - (nv_agp) -- C:\Windows\System32\drivers\NV_AGP.SYS (Microsoft Corporation)
DRV - (uliagpkx) -- C:\Windows\System32\drivers\ULIAGPKX.SYS (Microsoft Corporation)
DRV - (amdagp) -- C:\Windows\System32\drivers\AMDAGP.SYS (Microsoft Corporation)
DRV - (viaagp) -- C:\Windows\System32\drivers\VIAAGP.SYS (Microsoft Corporation)
DRV - (agp440) -- C:\Windows\System32\drivers\AGP440.sys (Microsoft Corporation)
DRV - (sisagp) -- C:\Windows\System32\drivers\SISAGP.SYS (Microsoft Corporation)
DRV - (TermDD) -- C:\Windows\System32\drivers\termdd.sys (Microsoft Corporation)
DRV - (volmgr) -- C:\Windows\System32\drivers\volmgr.sys (Microsoft Corporation)
DRV - (isapnp) -- C:\Windows\System32\drivers\isapnp.sys (Microsoft Corporation)
DRV - (AmdK8) -- C:\Windows\System32\drivers\amdk8.sys (Microsoft Corporation)
DRV - (ViaC7) -- C:\Windows\System32\drivers\viac7.sys (Microsoft Corporation)
DRV - (intelppm) -- C:\Windows\System32\drivers\intelppm.sys (Microsoft Corporation)
DRV - (AmdK7) -- C:\Windows\System32\drivers\amdk7.sys (Microsoft Corporation)
DRV - (Processor) -- C:\Windows\System32\drivers\processr.sys (Microsoft Corporation)
DRV - (Crusoe) -- C:\Windows\System32\drivers\crusoe.sys (Microsoft Corporation)
DRV - (mssmbios) -- C:\Windows\System32\drivers\mssmbios.sys (Microsoft Corporation)
DRV - (msahci) -- C:\Windows\System32\drivers\msahci.sys (Microsoft Corporation)
DRV - (atapi) -- C:\Windows\System32\drivers\atapi.sys (Microsoft Corporation)
DRV - (Compbatt) -- C:\Windows\System32\drivers\compbatt.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\System32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\System32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (intelide) -- C:\Windows\System32\drivers\intelide.sys (Microsoft Corporation)
DRV - (amdide) -- C:\Windows\System32\drivers\amdide.sys (Microsoft Corporation)
DRV - (aliide) -- C:\Windows\System32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (pciide) -- C:\Windows\System32\drivers\pciide.sys (Microsoft Corporation)
DRV - (msisadrv) -- C:\Windows\System32\drivers\msisadrv.sys (Microsoft Corporation)
DRV - (swenum) -- C:\Windows\System32\drivers\swenum.sys (Microsoft Corporation)
DRV - (WmiAcpi) -- C:\Windows\System32\drivers\wmiacpi.sys (Microsoft Corporation)
DRV - (ErrDev) -- C:\Windows\System32\drivers\errdev.sys (Microsoft Corporation)
DRV - (pcmcia) -- C:\Windows\System32\drivers\pcmcia.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\System32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\System32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\System32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\System32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (sbp2port) -- C:\Windows\System32\drivers\sbp2port.sys (Microsoft Corporation)
DRV - (aic78xx) -- C:\Windows\System32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\System32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\System32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\System32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\System32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\System32\drivers\Mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\System32\drivers\sym_hi.sys (LSI Logic)
DRV - (usbprint) -- C:\Windows\System32\drivers\usbprint.sys (Microsoft Corporation)
DRV - (PEAUTH) -- C:\Windows\System32\drivers\PEAuth.sys (Microsoft Corporation)
DRV - (BTHMODEM) -- C:\Windows\System32\drivers\bthmodem.sys (Microsoft Corporation)
DRV - (HidBth) -- C:\Windows\System32\drivers\hidbth.sys (Microsoft Corporation)
DRV - (usbcir) -- C:\Windows\System32\drivers\usbcir.sys (Microsoft Corporation)
DRV - (usbohci) -- C:\Windows\System32\drivers\usbohci.sys (Microsoft Corporation)
DRV - (HidIr) -- C:\Windows\System32\drivers\hidir.sys (Microsoft Corporation)
DRV - (WacomPen) -- C:\Windows\System32\drivers\wacompen.sys (Microsoft Corporation)
DRV - (sfloppy) -- C:\Windows\System32\drivers\sfloppy.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Microsoft Corporation)
DRV - (Parport) -- C:\Windows\System32\drivers\parport.sys (Microsoft Corporation)
DRV - (Serenum) -- C:\Windows\System32\drivers\serenum.sys (Microsoft Corporation)
DRV - (Parvdm) -- C:\Windows\System32\drivers\parvdm.sys (Microsoft Corporation)
DRV - (Brserid) -- C:\Windows\System32\drivers\BrSerId.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\System32\drivers\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\System32\drivers\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\System32\drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\System32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (HdAudAddService) -- C:\Windows\System32\drivers\HdAudio.sys (Microsoft Corporation)
DRV - (Winsock) -- C:\Windows\System32\WINSOCK.DLL (Microsoft Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (O2MDRDR) -- C:\Windows\System32\drivers\o2media.sys (O2Micro )
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-4263255632-1306080363-699127737-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-4263255632-1306080363-699127737-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-4263255632-1306080363-699127737-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-4263255632-1306080363-699127737-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4263255632-1306080363-699127737-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-4263255632-1306080363-699127737-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-4263255632-1306080363-699127737-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-4263255632-1306080363-699127737-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-4263255632-1306080363-699127737-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: %7B94cd2cc3-083f-49ba-a218-4cda4b4829fd%7D:1.1.0.3
FF - prefs.js..extensions.enabledAddons: %7B85666217-0676-4273-8b0d-7b6fbc4c6e30%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7BC4A4F5A0-4B89-4392-AFAC-D58010E349AF%7D:5.0.0.7384
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2013.05.06 10:41:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.02.05 22:38:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2013.05.05 20:38:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maxi\AppData\Roaming\mozilla\Extensions
[2013.06.03 21:05:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maxi\AppData\Roaming\mozilla\Firefox\Profiles\4anzkmau.default\extensions
[2013.05.31 23:26:32 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Users\maxi\AppData\Roaming\mozilla\Firefox\Profiles\4anzkmau.default\extensions\{85666217-0676-4273-8b0d-7b6fbc4c6e30}
[2013.05.31 22:23:25 | 000,000,000 | ---D | M] (Value Apps) -- C:\Users\maxi\AppData\Roaming\mozilla\Firefox\Profiles\4anzkmau.default\extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}
[2013.09.21 10:59:33 | 011,422,522 | ---- | M] () (No name found) -- C:\Users\maxi\AppData\Roaming\mozilla\firefox\profiles\4anzkmau.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.xpi
[2013.05.24 09:26:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2013.06.03 19:32:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013.06.02 16:17:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\System32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKU\S-1-5-21-4263255632-1306080363-699127737-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4263255632-1306080363-699127737-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4263255632-1306080363-699127737-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4263255632-1306080363-699127737-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-4263255632-1306080363-699127737-1000\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFEFFFFA-65FE-4AE1-9EEF-D4DB53178324}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.09.22 23:46:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.09.22 23:46:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.09.22 23:46:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.09.22 23:03:01 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.09.22 23:00:34 | 005,076,415 | R--- | C] (Swearware) -- C:\Users\maxi\Desktop\ComboFix.exe
[2013.09.21 20:41:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\maxi\Desktop\OTL.exe
[2013.06.05 19:07:17 | 001,357,013 | ---- | C] (Farbar) -- C:\Users\maxi\Desktop\FRST.exe
[2013.06.03 21:12:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2013.06.03 21:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PDF Architect
[2013.06.03 21:10:37 | 000,000,000 | ---D | C] -- C:\Users\maxi\AppData\Roaming\PDF Architect
[2013.06.03 20:31:19 | 000,000,000 | ---D | C] -- C:\Users\maxi\AppData\Roaming\Malwarebytes
[2013.06.03 19:54:00 | 000,000,000 | ---D | C] -- C:\FRST
[2013.06.03 19:32:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.06.02 20:13:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.06.02 16:21:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.06.02 16:21:50 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.06.02 16:21:50 | 000,000,000 | ---D | C] -- C:\Users\maxi\AppData\Local\temp
[2013.06.02 16:03:41 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.05.31 23:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Nutzwerk
[2013.05.31 23:44:19 | 000,000,000 | ---D | C] -- C:\Users\maxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jet
[2013.05.31 23:24:27 | 003,715,248 | ---- | C] (Speedchecker Limited                                        ) -- C:\Users\maxi\Documents\PCSUUpdate.exe
[2013.05.31 23:22:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.05.31 23:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.05.31 23:18:19 | 000,000,000 | ---D | C] -- C:\Users\maxi\AppData\Roaming\TuneUp Software
[2013.05.31 23:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.05.31 23:17:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.05.31 23:17:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.05.31 22:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller
[2013.05.31 22:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAFPlayer
[2013.05.31 22:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\Tuguu SL
[2013.05.31 22:29:32 | 000,000,000 | ---D | C] -- C:\Users\maxi\AppData\Roaming\player
[2013.05.31 22:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013.05.31 21:42:50 | 000,000,000 | ---D | C] -- C:\Users\maxi\AppData\Roaming\FL_SIM_P4_DEMO_D
[2013.05.31 21:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Festo Didactic
[2013.05.31 21:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\Didactic
[2013.05.31 21:19:49 | 000,000,000 | ---D | C] -- C:\Users\maxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Siemens LOGO!Soft
[2013.05.31 21:19:14 | 000,000,000 | -H-D | C] -- C:\Program Files\Zero G Registry
[2013.05.31 21:19:14 | 000,000,000 | ---D | C] -- C:\Program Files\Siemens
[2013.05.31 21:18:47 | 000,000,000 | -H-D | C] -- C:\Users\maxi\InstallAnywhere
[2013.05.31 21:18:19 | 000,000,000 | ---D | C] -- C:\tmp
[2013.05.24 09:26:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.05.11 00:17:44 | 000,000,000 | ---D | C] -- C:\Users\maxi\AppData\Roaming\Macromedia
[2013.05.11 00:17:44 | 000,000,000 | ---D | C] -- C:\Users\maxi\AppData\Local\Macromedia
[2013.05.11 00:17:44 | 000,000,000 | ---D | C] -- C:\Users\maxi\AppData\Roaming\Adobe
[2013.05.11 00:16:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2013.05.11 00:12:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.05.09 23:16:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2013.05.09 23:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013.05.09 23:04:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64
[2013.05.09 22:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.05.09 22:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.09 22:52:04 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.05.09 22:52:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
 
========== Files - Modified Within 30 Days ==========
 
[2013.09.22 23:01:14 | 005,076,415 | R--- | M] (Swearware) -- C:\Users\maxi\Desktop\ComboFix.exe
[2013.09.22 22:48:48 | 000,000,093 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.09.22 22:38:33 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{DF2D5CE6-4659-4400-AE0D-E5B0C25B24E6}.job
[2013.09.21 20:41:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\maxi\Desktop\OTL.exe
[2013.06.06 19:11:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.06 18:48:15 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.06 18:48:15 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.06 18:48:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.06 18:47:46 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.05 19:07:18 | 001,357,013 | ---- | M] (Farbar) -- C:\Users\maxi\Desktop\FRST.exe
[2013.06.03 22:44:48 | 000,240,720 | ---- | M] () -- C:\Users\maxi\Desktop\Iron.Man.3.R6.LD.German.XViD-AOE.CD1.exe
[2013.06.03 19:32:17 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.06.02 16:17:57 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.05.31 23:24:27 | 003,715,248 | ---- | M] (Speedchecker Limited                                        ) -- C:\Users\maxi\Documents\PCSUUpdate.exe
[2013.05.31 23:23:24 | 000,055,088 | ---- | M] () -- C:\Users\maxi\Documents\PCSU_Update.exe
[2013.05.31 22:06:27 | 000,000,611 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013.05.22 22:26:18 | 000,642,312 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.22 22:26:17 | 000,683,794 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.22 22:26:17 | 000,149,092 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.22 22:26:17 | 000,122,266 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.19 20:30:44 | 000,026,237 | ---- | M] () -- C:\Users\maxi\test.tcx
[2013.05.10 16:05:22 | 000,228,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.09 23:05:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2013.05.09 22:52:07 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.09 22:03:31 | 000,000,680 | ---- | M] () -- C:\Users\maxi\AppData\Local\d3d9caps.dat
 
========== Files Created - No Company Name ==========
 
[2013.09.22 23:46:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.09.22 23:46:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.09.22 23:46:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.09.22 23:46:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.09.22 23:46:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.09.22 22:46:28 | 000,000,093 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.06.03 22:44:47 | 000,240,720 | ---- | C] () -- C:\Users\maxi\Desktop\Iron.Man.3.R6.LD.German.XViD-AOE.CD1.exe
[2013.06.03 19:32:17 | 000,000,860 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.06.03 19:32:17 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.06.03 19:23:12 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2013.05.31 23:23:24 | 000,055,088 | ---- | C] () -- C:\Users\maxi\Documents\PCSU_Update.exe
[2013.05.31 22:06:08 | 000,000,611 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog
[2013.05.19 20:30:44 | 000,026,237 | ---- | C] () -- C:\Users\maxi\test.tcx
[2013.05.11 00:16:50 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.09 23:05:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2013.05.09 23:02:12 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2013.05.09 23:02:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2013.05.09 23:02:07 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2013.05.09 22:56:25 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2013.05.09 22:56:25 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2013.05.09 22:56:25 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2013.05.09 22:52:07 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.31 22:27:26 | 000,174,664 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.31 22:27:25 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.03.31 21:49:39 | 000,055,808 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2013.03.31 21:49:38 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2013.02.27 02:51:43 | 000,683,794 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2013.02.27 02:51:43 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2013.02.27 02:51:43 | 000,149,092 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2013.02.27 02:51:43 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2013.02.26 18:10:18 | 000,000,680 | ---- | C] () -- C:\Users\maxi\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 17:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 06:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.21 04:24:29 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
Code:
OTL Extras logfile created on: 06.06.2013 19:14:41 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\maxi\Desktop
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 53,24% Memory free
4,22 Gb Paging File | 3,24 Gb Available in Paging File | 76,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,95 Gb Total Space | 84,57 Gb Free Space | 56,78% Space Free | Partition Type: NTFS
Drive E: | 7,39 Gb Total Space | 4,62 Gb Free Space | 62,42% Space Free | Partition Type: FAT32
 
Computer Name: maxi-PC | User Name: maxi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (All) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-4263255632-1306080363-699127737-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{BA01DBB8-03F1-4D09-9319-E889D2AB139F}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6822300D-F0F1-4E3E-ABB7-3E8C54D34052}" = dir=in | app=c:\program files\iminent\iminent.messengers.exe | 
"{AA19359E-17D4-409B-8200-1633783C71FA}" = dir=in | app=c:\program files\iminent\iminent.exe | 
"TCP Query User{9F042B15-26E4-4D8F-B1DF-5A69D79D2A7D}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{C15CE544-F52A-417D-9FEE-CACB8C4F225C}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{433250BF-A97D-4F78-8153-28571F7CEC15}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{E2ADDEAA-0818-454E-A426-12ADA4B505BE}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{29C7E8BE-FBD9-4D91-BC4F-B470C718D554}" = Iminent
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D80C7D6E-EFFD-47E6-8CE1-BB3D5577B4FD}" = QuickShare
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Broadcom 802.11b Network Adapter" = Dienstprogramm für Dell Wireless WLAN Karte
"FluidSIM 4.2n Pneumatik Demoversion" = FluidSIM 4.2n Pneumatik Demoversion
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LOGO!Soft Comfort V7.0 (Demo)" = LOGO!Soft Comfort V7.0 (Demo)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-4263255632-1306080363-699127737-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.06.2013 14:10:11 | Computer Name = maxi-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 02.06.2013 14:23:34 | Computer Name = maxi-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 02.06.2013 14:43:26 | Computer Name = maxi-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: da8  Anfangszeit: 01ce5fbea35f7aae  Zeitpunkt der Beendigung:
 7
 
Error - 03.06.2013 12:49:27 | Computer Name = maxi-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: dc0  Anfangszeit: 01ce6078681b03d0  Zeitpunkt der Beendigung:
 0
 
Error - 03.06.2013 12:52:55 | Computer Name = maxi-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 03.06.2013 12:53:26 | Computer Name = maxi-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 03.06.2013 13:24:49 | Computer Name = maxi-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 03.06.2013 13:51:42 | Computer Name = maxi-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: 150c  Anfangszeit: 01ce608083cb5bae  Zeitpunkt der Beendigung:
 15
 
Error - 05.06.2013 12:45:50 | Computer Name = maxi-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 21.0.0.4879 arbeitet nicht mehr mit 
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet 
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
 das Problem zu suchen.  Prozess-ID: 11f8  Anfangszeit: 01ce620b71f096b0  Zeitpunkt der
 Beendigung: 204
 
Error - 06.06.2013 12:49:26 | Computer Name = maxi-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Broadcom Wireless LAN Events ]
Error - 02.06.2013 12:37:58 | Computer Name = maxi-PC | Source = WLAN-Tray | ID = 0
Description = 18:37:57, Sun, Jun 02, 13 Error - Unable to gain access to user store

 
[ System Events ]
Error - 26.05.2013 13:28:22 | Computer Name = maxi-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 26.05.2013 13:30:35 | Computer Name = maxi-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 26.05.2013 14:22:39 | Computer Name = maxi-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 26.05.2013 um 19:57:36 unerwartet heruntergefahren.
 
Error - 26.05.2013 14:22:49 | Computer Name = maxi-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 26.05.2013 14:23:52 | Computer Name = maxi-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 26.05.2013 14:24:36 | Computer Name = maxi-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 28.05.2013 13:12:37 | Computer Name = maxi-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 26.05.2013 um 23:31:04 unerwartet heruntergefahren.
 
Error - 28.05.2013 13:12:43 | Computer Name = maxi-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 28.05.2013 13:14:02 | Computer Name = maxi-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 28.05.2013 13:14:40 | Computer Name = maxi-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
 
< End of report >
         

Edited by maxima1999 (06.06.2013 at 18:42). Reason: Logfiles

07.06.2013, 20:45   #28
aharonov
/// TB Trainer
 

Hello,

there is no sign of malware here at the moment.
But a service pack is still missing..


Step 1
  • Please go to Start --> All Programs --> Windows Update.
  • Then click Check for updates on the left and wait until the search has finished.
  • Then click Install updates.
  • Restart the computer once the installation has finished.
  • Repeat these steps until no more new updates are available.



Step 2

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.



In your next reply, please post:
  • Log from SecurityCheck
__________________
cheers,
Leo

08.06.2013, 10:08   #29
maxima1999
 



Hi Leo, many, many thanks from me and Maxi

the system is running again and the major problems are gone. I also looked through the list of software a bit and found the following:

Quickshare
VAF Player

Neither is on the computer by default, and neither can be uninstalled.

The updates are still running. After the first run with this security program it complained, so I then updated that stuff as well.

Code:
 Results of screen317's Security Check version 0.99.64  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Adobe Flash Player 	11.7.700.202  
 Mozilla Firefox (21.0) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

08.06.2013, 11:05   #30
aharonov
/// TB Trainer
 



Hello,

ok, then we'll also completely remove the remnants of the last programs that can't be uninstalled.


Step 1

Download SystemLook (by jpshortstuff) and save the tool to the desktop.
  • Double-click SystemLook.exe to start the tool.
    Vista and Win7 users: right-click and "Run as administrator".
  • Copy the contents of the following code box into the tool's text field:

    Code:
    :filefind
    *quickshare*
    *vaf*
    *tuguu*
    
    :folderfind
    *quickshare*
    *vaf*
    *tuguu*
    
    :regfind
    quickshare
    vaf
    tuguu
             
  • Now click the Look button to start the scan.
  • When the scan has finished, your editor will open with the results. Post these in your thread.
  • The log file is also saved on the desktop as SystemLook.txt.



In your next reply, please post:
  • Log from SystemLook
__________________
cheers,
Leo

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.