
Log analysis and evaluation: Windows 7 finds "some" viruses

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

03.01.2014, 18:07   #1
bluevinc
 
Hey,

I just started an Avast scan, nothing found.
Then MBAM instead (Defogger was disabled):
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.03.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Vinc :: BLUE-VINC [Administrator]

03.01.2014 17:55:06
MBAM-log-2014-01-03 (17-59-29).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 301322
Laufzeit: 3 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 7
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1 (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Keine Aktion durchgeführt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Keine Aktion durchgeführt.
HKCU\Software\diamondata (PUP.Optional.diamondata.A) -> Keine Aktion durchgeführt.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 12
C:\Program Files (x86)\RegClean Pro (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 100
C:\Windows\Tasks\RegClean Pro_UPDATES.job (PUP.Optional.RegCleanerPro.J) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\TraditionalCn_rcp_zh-tw.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\Chinese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\CleanSchedule.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\Danish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\Dutch_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\eng_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\Finnish_rcp_fi.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\French_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\German_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\greek_rcp_el.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\install_left_image.bmp (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\isxdl.dll (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\Italian_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\Japanese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\korean_rcp_ko.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\Norwegian_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\polish_rcp_pl.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\portugese_rcp_pt.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\Portuguese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\RCPUninstall.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\RegCleanPro.dll (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\russian_rcp_ru.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\Spanish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\Swedish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\systweakasp.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\turkish_rcp_tr.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\unins000.dat (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\unins000.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\unins000.msg (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\RegClean Pro\xmllite.dll (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Windows\Tasks\RegClean Pro_DEFAULT.job (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_01-01-2014.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_03-20-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_04-19-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_05-24-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_07-20-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_09-19-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000005.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000005.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000006.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000006.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000007.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000007.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000008.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000008.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000009.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000009.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_07-27-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_07-28-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_07-29-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_09-10-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-01-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-17-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_01-03-2014.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_04-19-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-19-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-27-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_01-01-2014.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_01-03-2014.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-26-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-27-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-29-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-31-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\rcpupdate.ini (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.
C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt.

(Ende)
         
OTL:

Code:
OTL logfile created on: 1/3/2014 6:00:02 PM - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Programme\OTL
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.65 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 43.06% Memory free
7.30 Gb Paging File | 4.79 Gb Available in Paging File | 65.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150.00 Gb Total Space | 79.17 Gb Free Space | 52.78% Space Free | Partition Type: NTFS
Drive D: | 150.00 Gb Total Space | 141.71 Gb Free Space | 94.47% Space Free | Partition Type: NTFS
Drive E: | 200.00 Gb Total Space | 133.24 Gb Free Space | 66.62% Space Free | Partition Type: NTFS
Drive F: | 431.51 Gb Total Space | 288.66 Gb Free Space | 66.90% Space Free | Partition Type: NTFS
 
Computer Name: BLUE-VINC | User Name: Vinc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/12/30 17:56:48 | 003,764,024 | ---- | M] (AVAST Software) -- D:\Programme\Avast\AvastUI.exe
PRC - [2013/12/30 17:56:48 | 000,050,344 | ---- | M] (AVAST Software) -- D:\Programme\Avast\AvastSvc.exe
PRC - [2013/12/11 20:40:36 | 001,823,656 | ---- | M] (Valve Corporation) -- D:\Programme\Steam\Steam.exe
PRC - [2013/12/11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013/12/04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/10/18 23:26:10 | 000,906,536 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
PRC - [2013/10/18 23:24:08 | 001,795,880 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
PRC - [2013/10/18 23:21:20 | 000,555,304 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2013/07/03 09:32:44 | 001,228,504 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe
PRC - [2013/07/03 09:32:44 | 000,660,184 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2013/07/03 09:32:42 | 000,563,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/29 01:56:32 | 000,101,888 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2013/03/20 09:36:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Programme\OTL\OTL.exe
PRC - [2012/11/17 17:37:54 | 007,755,704 | ---- | M] (Systweak Inc) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
PRC - [2012/11/13 13:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDUpdate.exe
PRC - [2012/11/13 13:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDTray.exe
PRC - [2012/11/13 13:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDWSCSvc.exe
PRC - [2012/11/13 13:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDUpdSvc.exe
PRC - [2012/11/13 13:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDFSSvc.exe
PRC - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/05/31 11:37:17 | 003,491,792 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2012/04/27 21:25:04 | 001,173,680 | ---- | M] (Acronis) -- D:\Programme\Acronis True Image\TrueImageHome\TimounterMonitor.exe
PRC - [2012/04/27 21:23:54 | 005,924,008 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
PRC - [2012/04/27 21:22:54 | 000,403,656 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2012/04/27 21:22:12 | 005,993,136 | ---- | M] (Acronis) -- D:\Programme\Acronis True Image\TrueImageHome\TrueImageMonitor.exe
PRC - [2010/01/18 13:41:44 | 000,116,088 | ---- | M] (Sysinternals - www.sysinternals.com) -- D:\Programme\Microsofts Desktops\Desktops.exe
PRC - [2009/09/05 16:29:06 | 000,385,024 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe
PRC - [2009/02/19 13:46:26 | 000,341,264 | ---- | M] (Fujitsu Technology Solutions) -- C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/12/11 20:40:38 | 001,135,016 | ---- | M] () -- D:\Programme\Steam\bin\chromehtml.dll
MOD - [2013/12/04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
MOD - [2013/12/04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013/11/21 13:45:24 | 019,336,120 | ---- | M] () -- D:\Programme\Avast\libcef.dll
MOD - [2013/11/06 22:48:12 | 020,625,832 | ---- | M] () -- D:\Programme\Steam\bin\libcef.dll
MOD - [2013/11/06 22:48:10 | 000,691,200 | ---- | M] () -- D:\Programme\Steam\SDL2.dll
MOD - [2013/10/18 23:16:44 | 000,902,952 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
MOD - [2013/07/10 17:07:22 | 000,756,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2013/06/15 00:49:12 | 001,100,800 | ---- | M] () -- D:\Programme\Steam\bin\avcodec-53.dll
MOD - [2013/06/15 00:49:12 | 000,192,000 | ---- | M] () -- D:\Programme\Steam\bin\avformat-53.dll
MOD - [2013/06/15 00:49:12 | 000,124,416 | ---- | M] () -- D:\Programme\Steam\bin\avutil-51.dll
MOD - [2012/11/13 13:06:32 | 000,158,624 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\snlFileFormats150.bpl
MOD - [2012/11/13 13:06:30 | 000,108,960 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\snlThirdParty150.bpl
MOD - [2012/11/13 13:06:28 | 000,554,400 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\VirtualTreesDXE150.bpl
MOD - [2012/11/13 13:06:28 | 000,528,288 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\JSDialogPack150.bpl
MOD - [2012/11/13 13:06:28 | 000,416,160 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\DEC150.bpl
MOD - [2012/05/30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/04/27 21:21:52 | 013,005,104 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013/12/04 17:35:57 | 000,621,336 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro)
SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/12/30 17:56:48 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Programme\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/12/11 20:33:42 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/11 19:59:25 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/18 23:26:10 | 000,906,536 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe -- (hshld)
SRV - [2013/10/18 23:21:20 | 000,555,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2013/10/16 02:46:36 | 000,078,512 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/03 09:32:44 | 001,228,504 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2013/07/03 09:32:44 | 000,660,184 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/29 01:56:32 | 000,101,888 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/05/31 11:37:17 | 003,491,792 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012/04/27 21:23:54 | 005,924,008 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2012/04/27 21:23:22 | 001,133,360 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/08/19 13:34:04 | 000,034,816 | ---- | M] (Fujitsu Technology Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Fujitsu\DeskViewBasic\DeskViewBasicService.exe -- (DeskViewBasicService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/19 13:46:26 | 000,341,264 | ---- | M] (Fujitsu Technology Solutions) [Auto | Running] -- C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/12/30 17:57:27 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2013/12/30 17:56:50 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/12/30 17:56:50 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/12/30 17:56:50 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/12/30 17:56:50 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/11/21 13:45:25 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/11/21 13:45:25 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/11/12 01:16:03 | 000,090,424 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013/11/12 01:16:03 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2013/11/12 01:16:02 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013/10/16 02:44:42 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/10/16 02:42:02 | 000,044,744 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2013/07/03 09:32:42 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys -- (PSI)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/05/31 11:37:18 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2012/05/31 11:37:13 | 001,294,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2012/05/31 11:37:11 | 000,994,912 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012/05/31 11:37:02 | 000,211,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2012/05/31 11:37:00 | 000,146,528 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt67.sys -- (vidsflt67)
DRV:64bit: - [2012/05/31 11:36:56 | 000,320,096 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012/05/31 11:36:52 | 000,137,312 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2012/05/02 14:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/04/27 09:20:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/04/24 23:32:27 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 18:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/07/01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009/09/22 23:00:00 | 000,283,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/07/10 05:45:00 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2009/06/23 12:28:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 17:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV - [2010/07/01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | Unavailable | Unknown] -- D:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/03/09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {951CC197-18C5-4940-B16B-38C50F803073}
IE:64bit: - HKLM\..\SearchScopes\{951CC197-18C5-4940-B16B-38C50F803073}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {81DF0A95-0BF9-4A6B-AFD4-A9D45B6DE068}
IE - HKLM\..\SearchScopes\{81DF0A95-0BF9-4A6B-AFD4-A9D45B6DE068}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSB
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://bluevinc.jimdo.com/hxxp:// [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {81DF0A95-0BF9-4A6B-AFD4-A9D45B6DE068}
IE - HKCU\..\SearchScopes\{81DF0A95-0BF9-4A6B-AFD4-A9D45B6DE068}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.13
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: D:\Programme\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\Programme\Avast\WebRep\FF [2013/12/30 17:56:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: D:\Programme\Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: D:\Programme\Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/12/11 20:33:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/12/11 20:33:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2010/07/25 14:43:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\Extensions
[2010/07/25 14:43:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/05/09 16:14:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2013/12/15 13:40:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\Firefox\Profiles\xme43mgw.default\extensions
[2013/04/08 18:11:52 | 000,199,379 | ---- | M] () (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\firefox\profiles\extensions\m2k@m2kdownloader.com.xpi
[2013/12/15 13:40:05 | 000,287,503 | ---- | M] () (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\firefox\profiles\xme43mgw.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/12/13 15:45:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Click&Clean = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\
CHR - Extension: AdBlock = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: Google Wallet = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Click&Clean App = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Programme\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AcronisTimounterMonitor] D:\Programme\Acronis True Image\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] D:\Programme\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [SDTray] D:\Programme\Spybot - Search & Destroy\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TrueImageMonitor.exe] D:\Programme\Acronis True Image\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [DS3 Tool] D:\Programme\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] D:\Programme\Spybot - Search & Destroy\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] D:\Programme\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Sysinternals Desktops] D:\Programme\Microsofts Desktops\Desktops.exe (Sysinternals - www.sysinternals.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA44982D-5625-444B-926F-A42C4142DB57}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/01/03 15:24:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Registry
[2013/12/31 17:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins
[2013/12/31 17:05:47 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
[2013/12/31 17:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins
[2013/12/31 17:05:44 | 000,015,160 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys
[2013/12/31 17:05:43 | 000,090,424 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wachidrouter.sys
[2013/12/31 17:05:35 | 001,945,880 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wacom_Tablet.dll
[2013/12/31 17:05:35 | 001,938,712 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wacom_Touch_Tablet.dll
[2013/12/31 17:05:35 | 001,808,152 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll
[2013/12/31 17:05:35 | 001,805,080 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\WacomMT.dll
[2013/12/31 17:05:35 | 001,604,376 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wacom_Tablet.dll
[2013/12/31 17:05:35 | 001,596,696 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wacom_Touch_Tablet.dll
[2013/12/31 17:05:35 | 001,483,032 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll
[2013/12/31 17:05:35 | 001,479,960 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\WacomMT.dll
[2013/12/31 16:36:55 | 000,000,000 | ---D | C] -- C:\Users\Vinc\.android
[2013/12/31 16:02:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Hotspot Shield
[2013/12/31 15:19:22 | 000,000,000 | ---D | C] -- C:\Users\Vinc\AppData\Local\Paint.NET
[2013/12/31 02:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2013/12/31 02:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield
[2013/12/31 02:23:53 | 000,044,744 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[2013/12/31 02:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield
[2013/12/31 02:23:24 | 000,000,000 | ---D | C] -- C:\Users\Vinc\AppData\Roaming\Hotspot Shield
[2013/12/30 17:57:14 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013/12/15 13:26:32 | 000,000,000 | ---D | C] -- C:\Users\Vinc\AppData\Roaming\RoboForm
[2013/12/15 13:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2013/12/15 13:22:50 | 000,000,000 | ---D | C] -- F:\Eigene Dateien\Eigene Dokumente\My RoboForm Data
[2013/12/15 13:17:54 | 000,000,000 | ---D | C] -- C:\Users\Vinc\AppData\Local\Mozilla
[2013/12/11 20:33:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013/12/08 18:22:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock
 
========== Files - Modified Within 30 Days ==========
 
[2014/01/03 18:02:29 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\RegClean Prosch.job
[2014/01/03 17:59:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/03 17:54:48 | 000,000,000 | ---- | M] () -- C:\Users\Vinc\defogger_reenable
[2014/01/03 17:51:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/03 17:38:40 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/03 17:38:39 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/03 17:27:06 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/03 17:26:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/03 17:26:50 | 2941,440,000 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/03 17:19:58 | 005,036,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/03 15:45:28 | 000,000,677 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/01/01 22:55:08 | 000,001,074 | ---- | M] () -- C:\Users\Vinc\Desktop\RegClean Pro.lnk
[2014/01/01 22:55:01 | 000,013,449 | ---- | M] () -- C:\Users\Vinc\Desktop\Recuva.lnk
[2014/01/01 22:54:33 | 000,000,743 | ---- | M] () -- C:\Users\Vinc\Desktop\CDBurnerXP.lnk
[2014/01/01 22:54:24 | 000,000,619 | ---- | M] () -- C:\Users\Vinc\Desktop\VLC media player.lnk
[2014/01/01 22:54:17 | 000,001,547 | ---- | M] () -- C:\Users\Vinc\Desktop\iTunes.lnk
[2014/01/01 22:54:02 | 000,001,931 | ---- | M] () -- C:\Users\Vinc\Desktop\Driver DVD.lnk
[2014/01/01 22:53:45 | 000,001,030 | ---- | M] () -- C:\Users\Vinc\Desktop\ Malwarebytes Anti-Malware .lnk
[2014/01/01 21:18:32 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2014/01/01 15:01:27 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2013/12/30 17:57:27 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013/12/30 17:56:50 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/12/30 17:56:50 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/12/30 17:56:50 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/12/30 17:56:50 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/12/30 17:56:50 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/12/30 17:56:50 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/12/21 14:43:56 | 000,000,651 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2013/12/21 11:33:53 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/21 11:33:53 | 000,653,968 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/12/21 11:33:53 | 000,615,850 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/21 11:33:53 | 000,129,840 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/12/21 11:33:53 | 000,106,230 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/15 13:17:42 | 000,000,729 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/08 18:22:48 | 000,000,719 | ---- | M] () -- C:\Users\Vinc\Desktop\Free Alarm Clock.lnk
[2013/12/05 13:49:31 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
 
========== Files Created - No Company Name ==========
 
[2014/01/03 17:54:48 | 000,000,000 | ---- | C] () -- C:\Users\Vinc\defogger_reenable
[2014/01/03 17:19:45 | 005,036,216 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/03 15:45:28 | 000,000,677 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/01/01 22:55:08 | 000,001,074 | ---- | C] () -- C:\Users\Vinc\Desktop\RegClean Pro.lnk
[2014/01/01 22:55:01 | 000,013,449 | ---- | C] () -- C:\Users\Vinc\Desktop\Recuva.lnk
[2014/01/01 22:54:33 | 000,000,743 | ---- | C] () -- C:\Users\Vinc\Desktop\CDBurnerXP.lnk
[2014/01/01 22:54:24 | 000,000,619 | ---- | C] () -- C:\Users\Vinc\Desktop\VLC media player.lnk
[2014/01/01 22:54:17 | 000,001,547 | ---- | C] () -- C:\Users\Vinc\Desktop\iTunes.lnk
[2014/01/01 22:54:02 | 000,001,931 | ---- | C] () -- C:\Users\Vinc\Desktop\Driver DVD.lnk
[2014/01/01 22:53:45 | 000,001,030 | ---- | C] () -- C:\Users\Vinc\Desktop\ Malwarebytes Anti-Malware .lnk
[2013/12/15 13:17:42 | 000,000,729 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/12/15 13:17:42 | 000,000,729 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/12/08 18:22:48 | 000,000,719 | ---- | C] () -- C:\Users\Vinc\Desktop\Free Alarm Clock.lnk
[2013/05/04 12:37:55 | 000,000,132 | ---- | C] () -- C:\Users\Vinc\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/04/21 16:01:57 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2013/03/12 17:15:53 | 000,000,214 | ---- | C] () -- C:\Users\Vinc\.swfinfo
[2012/11/19 08:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012/11/19 08:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012/09/25 12:28:24 | 000,007,605 | ---- | C] () -- C:\Users\Vinc\AppData\Local\Resmon.ResmonCfg
[2012/05/27 11:25:53 | 000,003,584 | ---- | C] () -- C:\Users\Vinc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/04/24 18:37:27 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Acreon
[2012/05/31 11:39:12 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Acronis
[2012/09/13 14:20:48 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Audacity
[2013/11/21 16:32:44 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\AVAST Software
[2012/09/28 19:42:12 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\avidemux
[2013/04/19 15:02:12 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\BANDISOFT
[2013/04/20 08:56:21 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Blender Foundation
[2013/04/04 22:44:41 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Canneverbe Limited
[2012/09/16 16:16:19 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/09/28 20:25:02 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\DVDVideoSoft
[2013/09/04 11:46:26 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\GoforFiles
[2013/12/31 02:23:24 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Hotspot Shield
[2012/09/09 21:07:06 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\KompoZer
[2013/03/02 13:51:02 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\LolClient
[2013/04/21 16:19:00 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\MotioninJoy
[2013/12/28 17:54:12 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Mp3tag
[2013/04/19 22:08:15 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\OBS
[2012/09/12 15:28:51 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Opera
[2013/05/11 15:33:47 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Origin
[2012/09/16 17:11:26 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\PDAppFlex
[2012/09/13 18:13:27 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\RaimaRadioPro
[2013/12/31 16:43:40 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\RoboForm
[2013/08/19 12:56:06 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Screaming Bee
[2012/09/16 17:22:23 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Sony
[2013/08/14 09:41:58 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Systweak
[2010/07/25 15:17:39 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\TeamViewer
[2014/01/03 15:57:08 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Thunderbird
 
========== Purity Check ==========
 
 

< End of report >
         
FRST and GMER logs are still to come.

04.01.2014, 11:59   #2
bluevinc
 

FRST.txt from FRST:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2014
Ran by Vinc (administrator) on BLUE-VINC on 03-01-2014 18:10:26
Running from C:\Users\Vinc\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) D:\Programme\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Safer-Networking Ltd.) D:\Programme\Spybot - Search & Destroy\SDFSSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sysinternals - www.sysinternals.com) D:\Programme\Microsofts Desktops\Desktops.exe
(Valve Corporation) D:\Programme\Steam\Steam.exe
(www.motioninjoy.com) D:\Programme\MotioninJoy\ds3\DS3_Tool.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Acronis) D:\Programme\Acronis True Image\TrueImageHome\TrueImageMonitor.exe
(Acronis) D:\Programme\Acronis True Image\TrueImageHome\TimounterMonitor.exe
(Apple Inc.) D:\Programme\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) D:\Programme\Spybot - Search & Destroy\SDTray.exe
(AVAST Software) D:\Programme\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) D:\Programme\Spybot - Search & Destroy\SDUpdSvc.exe
(Safer-Networking Ltd.) D:\Programme\Spybot - Search & Destroy\SDWSCSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) D:\Programme\Spybot - Search & Destroy\SDUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9642528 2009-12-03] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403656 2012-04-27] (Acronis)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - D:\Programme\Acronis True Image\TrueImageHome\TrueImageMonitor.exe [5993136 2012-04-27] (Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] - D:\Programme\Acronis True Image\TrueImageHome\TimounterMonitor.exe [1173680 2012-04-27] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - D:\Programme\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - D:\Programme\Spybot - Search & Destroy\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] - D:\Programme\Avast\AvastUI.exe [3764024 2013-12-30] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKCU\...\Run: [Sysinternals Desktops] - D:\Programme\Microsofts Desktops\Desktops.exe [116088 2010-01-18] (Sysinternals - www.sysinternals.com)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Steam] - D:\Programme\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [DS3 Tool] - D:\Programme\MotioninJoy\ds3\DS3_Tool.exe [104768 2013-10-23] (www.motioninjoy.com)
HKCU\...\Run: [Spybot-S&D Cleaning] - D:\Programme\Spybot - Search & Destroy\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-27] (Google Inc.)
HKU\Admin\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKU\Admin\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-27] (Google Inc.)
HKU\Admin\...\Run: [Sysinternals Desktops] - D:\Programme\Microsofts Desktops\Desktops.exe [116088 2010-01-18] (Sysinternals - www.sysinternals.com)
HKU\Gast1\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-27] (Google Inc.)
HKU\Vinc2\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-27] (Google Inc.)
HKU\Vinc2\...\Run: [Sysinternals Desktops] - D:\Programme\Microsofts Desktops\Desktops.exe [116088 2010-01-18] (Sysinternals - www.sysinternals.com)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files (x86)\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files (x86)\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Vinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://bluevinc.jimdo.com/
hxxp://youtube.com/user/bluevinc
hxxp://facebook.de/
hxxp://twitter.com/
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {951CC197-18C5-4940-B16B-38C50F803073} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: af0.Adblock.BHO - {90EFF544-3981-4d46-85C9-C0361D0931D6} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Programme\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\xme43mgw.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Greasemonkey - C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\xme43mgw.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: No Name - C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\profiles\extensions\m2k@m2kdownloader.com.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Programme\Avast\WebRep\FF
FF Extension: avast! Online Security - D:\Programme\Avast\WebRep\FF
FF StartMenuInternet: FIREFOX.EXE - D:\Programme\Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Skype Click to Call) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (WacomTabletPlugin) - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (iTunes Application Detector) - D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Extension: (Click&Clean) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0
CHR Extension: (AdBlock) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Google Wallet) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Click&Clean App) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0
CHR HKLM-x32\...\Chrome\Extension: [lbbbdmbjkgojacipgefbifkiebpcdjhn] - C:\Program Files (x86)\Movie2KDownloader.com\m2kDownloader10.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 avast! Antivirus; D:\Programme\Avast\AvastSvc.exe [50344 2013-12-30] (AVAST Software)
S2 DeskViewBasicService; C:\Program Files (x86)\Fujitsu\DeskViewBasic\DeskViewBasicService.exe [34816 2009-08-19] (Fujitsu Technology Solutions)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-04-29] (Freemake)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [906536 2013-10-18] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-10-16] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-10-18] ()
R2 SDScannerService; D:\Programme\Spybot - Search & Destroy\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; D:\Programme\Spybot - Search & Destroy\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; D:\Programme\Spybot - Search & Destroy\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 TestHandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Technology Solutions)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [x]
S2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [x]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2013-12-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2013-12-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2013-12-30] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2013-12-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-30] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-04-24] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-04-27] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-05-02] (Avira GmbH)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-10-16] (AnchorFree Inc.)
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
U5 UnlockerDriver5; D:\Programme\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-03 18:10 - 2014-01-03 18:10 - 01931750 _____ (Farbar) C:\Users\Vinc\Desktop\FRST64.exe
2014-01-03 18:10 - 2014-01-03 18:10 - 00022836 _____ C:\Users\Vinc\Desktop\FRST.txt
2014-01-03 17:54 - 2014-01-03 17:54 - 00000470 _____ C:\Users\Vinc\Desktop\defogger_disable.log
2014-01-03 17:54 - 2014-01-03 17:54 - 00000000 _____ C:\Users\Vinc\defogger_reenable
2014-01-03 17:19 - 2014-01-03 17:26 - 00000112 _____ C:\Windows\setupact.log
2014-01-03 17:19 - 2014-01-03 17:19 - 05036216 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-03 17:19 - 2014-01-03 17:19 - 00000000 _____ C:\Windows\setuperr.log
2014-01-03 17:17 - 2014-01-03 17:17 - 00108904 _____ C:\Users\Vinc\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-03 15:45 - 2014-01-03 15:45 - 00000677 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-03 15:34 - 2014-01-03 15:34 - 00108904 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-03 15:24 - 2014-01-03 15:24 - 00108904 _____ C:\Users\Vinc2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-03 15:21 - 2014-01-03 15:21 - 00001020 _____ C:\Users\Vinc2\Desktop\SNES9x.lnk
2014-01-03 15:20 - 2014-01-03 15:20 - 00001365 _____ C:\Users\Vinc2\Desktop\WinDS PRO Apps.lnk
2014-01-03 15:20 - 2014-01-03 15:20 - 00001026 _____ C:\Users\Vinc2\Desktop\Nestopia.lnk
2014-01-03 15:19 - 2014-01-03 15:19 - 00000628 _____ C:\Users\Vinc2\Desktop\Pokemon World Online.lnk
2014-01-03 15:18 - 2014-01-03 15:19 - 00001179 _____ C:\Users\Vinc2\Desktop\PlanetSide 2.lnk
2014-01-03 15:17 - 2014-01-03 15:17 - 00000752 _____ C:\Users\Vinc2\Desktop\TeamSpeak 3.lnk
2014-01-03 15:17 - 2014-01-03 15:17 - 00000529 _____ C:\Users\Vinc2\Desktop\League of Legends.lnk
2014-01-03 15:16 - 2014-01-03 15:16 - 00000665 _____ C:\Users\Vinc2\Desktop\Steam.lnk
2014-01-03 15:14 - 2014-01-03 15:14 - 00000990 _____ C:\Users\Vinc2\Desktop\SDCopy.lnk
2014-01-03 15:13 - 2014-01-03 15:13 - 00000975 _____ C:\Users\Vinc2\Desktop\Spybot-S&D Start Center.lnk
2014-01-03 15:13 - 2014-01-03 15:13 - 00000719 _____ C:\Users\Vinc2\Desktop\Free Alarm Clock.lnk
2014-01-03 15:12 - 2014-01-03 15:12 - 00013449 _____ C:\Users\Vinc2\Desktop\Recuva.lnk
2014-01-03 15:12 - 2014-01-03 15:12 - 00001075 _____ C:\Users\Vinc2\Desktop\Secunia PSI.lnk
2014-01-03 15:12 - 2014-01-03 15:12 - 00001074 _____ C:\Users\Vinc2\Desktop\RegClean Pro.lnk
2014-01-03 15:11 - 2014-01-03 15:11 - 00001218 _____ C:\Users\Vinc2\Desktop\Mc Affe Labs Stinger.lnk
2014-01-03 15:11 - 2014-01-03 15:11 - 00000846 _____ C:\Users\Vinc2\Desktop\CCleaner.lnk
2014-01-03 15:11 - 2014-01-03 15:11 - 00000743 _____ C:\Users\Vinc2\Desktop\CDBurnerXP.lnk
2014-01-03 15:11 - 2014-01-03 15:11 - 00000619 _____ C:\Users\Vinc2\Desktop\VLC media player.lnk
2014-01-03 15:10 - 2014-01-03 15:10 - 00001931 _____ C:\Users\Vinc2\Desktop\Driver DVD.lnk
2014-01-03 15:10 - 2014-01-03 15:10 - 00001547 _____ C:\Users\Vinc2\Desktop\iTunes.lnk
2014-01-03 15:09 - 2014-01-03 15:09 - 00001030 _____ C:\Users\Vinc2\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\Users\Vinc2\AppData\Roaming\WTablet
2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\Users\Vinc2\AppData\Roaming\AVAST Software
2014-01-01 23:04 - 2014-01-01 23:04 - 00000000 ____D C:\Users\Gast1\AppData\Roaming\WTablet
2014-01-01 22:59 - 2014-01-01 22:59 - 00001030 _____ C:\Users\Admin\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 22:55 - 2014-01-01 22:55 - 00013449 _____ C:\Users\Vinc\Desktop\Recuva.lnk
2014-01-01 22:55 - 2014-01-01 22:55 - 00001074 _____ C:\Users\Vinc\Desktop\RegClean Pro.lnk
2014-01-01 22:54 - 2014-01-01 22:54 - 00001931 _____ C:\Users\Vinc\Desktop\Driver DVD.lnk
2014-01-01 22:54 - 2014-01-01 22:54 - 00001547 _____ C:\Users\Vinc\Desktop\iTunes.lnk
2014-01-01 22:54 - 2014-01-01 22:54 - 00000743 _____ C:\Users\Vinc\Desktop\CDBurnerXP.lnk
2014-01-01 22:54 - 2014-01-01 22:54 - 00000619 _____ C:\Users\Vinc\Desktop\VLC media player.lnk
2014-01-01 22:53 - 2014-01-01 22:53 - 00001030 _____ C:\Users\Vinc\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 22:38 - 2014-01-01 22:38 - 00001020 _____ C:\Users\Admin\Desktop\SNES9x.lnk
2014-01-01 22:37 - 2014-01-01 22:37 - 00001026 _____ C:\Users\Admin\Desktop\Nestopia.lnk
2014-01-01 22:34 - 2014-01-01 22:34 - 00001311 _____ C:\Users\Admin\Desktop\Movie Maker (2).lnk
2014-01-01 22:33 - 2014-01-01 22:33 - 00000990 _____ C:\Users\Admin\Desktop\SDCopy.lnk
2014-01-01 22:32 - 2014-01-01 22:32 - 00013763 _____ C:\Users\Admin\Desktop\Soundrecorder.lnk
2014-01-01 22:29 - 2014-01-01 22:29 - 00000719 _____ C:\Users\Admin\Desktop\Free Alarm Clock.lnk
2014-01-01 22:28 - 2014-01-01 22:28 - 00001075 _____ C:\Users\Admin\Desktop\Secunia PSI.lnk
2014-01-01 22:27 - 2014-01-01 22:27 - 00013449 _____ C:\Users\Admin\Desktop\Recuva.lnk
2014-01-01 22:27 - 2014-01-01 22:27 - 00001218 _____ C:\Users\Admin\Desktop\Mc Affe Labs Stinger.lnk
2014-01-01 22:27 - 2014-01-01 22:27 - 00001074 _____ C:\Users\Admin\Desktop\RegClean Pro.lnk
2014-01-01 22:26 - 2014-01-01 22:26 - 00001014 _____ C:\Users\Admin\Desktop\Acronis*True*Image*Home.lnk
2014-01-01 22:26 - 2014-01-01 22:26 - 00000846 _____ C:\Users\Admin\Desktop\CCleaner.lnk
2014-01-01 22:26 - 2014-01-01 22:26 - 00000743 _____ C:\Users\Admin\Desktop\CDBurnerXP.lnk
2014-01-01 22:25 - 2014-01-01 22:25 - 00000619 _____ C:\Users\Admin\Desktop\VLC media player.lnk
2014-01-01 22:24 - 2014-01-01 22:24 - 00012482 _____ C:\Users\Admin\Desktop\Computer.lnk
2014-01-01 22:24 - 2014-01-01 22:24 - 00001931 _____ C:\Users\Admin\Desktop\Driver DVD.lnk
2014-01-01 22:24 - 2014-01-01 22:24 - 00001547 _____ C:\Users\Admin\Desktop\iTunes.lnk
2014-01-01 22:18 - 2014-01-01 22:58 - 00000000 ____D C:\Users\Admin\AppData\Roaming\WTablet
2013-12-31 17:05 - 2013-12-31 17:05 - 00000000 ____D C:\Program Files\TabletPlugins
2013-12-31 17:05 - 2013-12-31 17:05 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2013-12-31 17:05 - 2013-12-04 17:35 - 01945880 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2013-12-31 17:05 - 2013-12-04 17:35 - 01938712 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2013-12-31 17:05 - 2013-12-04 17:35 - 01808152 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2013-12-31 17:05 - 2013-12-04 17:35 - 01805080 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2013-12-31 17:05 - 2013-12-04 17:35 - 01604376 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2013-12-31 17:05 - 2013-12-04 17:35 - 01596696 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2013-12-31 17:05 - 2013-12-04 17:35 - 01483032 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2013-12-31 17:05 - 2013-12-04 17:35 - 01479960 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2013-12-31 17:05 - 2013-11-12 01:16 - 00090424 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2013-12-31 17:05 - 2013-11-12 01:16 - 00015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2013-12-31 16:36 - 2013-12-31 16:36 - 00000000 ____D C:\Users\Vinc\.android
2013-12-31 16:02 - 2013-12-31 16:02 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield
2013-12-31 15:19 - 2013-12-31 16:35 - 00000000 ____D C:\Users\Vinc\AppData\Local\Paint.NET
2013-12-31 02:25 - 2013-12-31 02:25 - 00000000 ____D C:\ProgramData\Hotspot Shield
2013-12-31 02:23 - 2013-12-31 02:26 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2013-12-31 02:23 - 2013-12-31 02:23 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Hotspot Shield
2013-12-31 02:23 - 2013-10-16 02:42 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2013-12-30 17:57 - 2013-12-30 17:57 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-15 21:54 - 2013-12-26 16:56 - 00000000 ____D C:\Users\Vinc\Downloads\Arbeit
2013-12-15 13:26 - 2013-12-31 16:43 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\RoboForm
2013-12-15 13:26 - 2013-12-31 16:41 - 00003972 _____ C:\Windows\System32\Tasks\Open URL by RoboForm
2013-12-15 13:26 - 2013-12-15 13:26 - 00003492 _____ C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2013-12-15 13:23 - 2013-12-31 16:43 - 00000000 ____D C:\ProgramData\RoboForm
2013-12-15 13:17 - 2013-12-15 13:18 - 00000000 ____D C:\Users\Vinc\AppData\Local\Mozilla
2013-12-15 13:17 - 2013-12-15 13:17 - 00000729 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-11 20:33 - 2013-12-12 13:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-11 16:48 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 16:48 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 16:48 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 16:48 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 16:47 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 16:47 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 16:47 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 16:47 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 16:47 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 16:47 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 16:47 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 16:47 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 16:47 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 16:47 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 16:47 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 16:47 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 16:47 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 16:47 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 16:47 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 16:47 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 16:47 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 16:47 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 16:47 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 16:47 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-11 16:47 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 16:47 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 16:47 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 16:47 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-11 16:47 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 16:47 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 16:47 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 16:47 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 16:47 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-11 16:47 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 16:47 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 16:10 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 16:10 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 16:10 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 16:10 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 16:10 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 16:10 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 16:10 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 16:10 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 16:10 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 16:10 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 16:10 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 16:10 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 16:10 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 16:10 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 16:10 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 16:10 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 16:10 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 16:10 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 16:10 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-08 18:22 - 2013-12-08 18:22 - 00000719 _____ C:\Users\Vinc\Desktop\Free Alarm Clock.lnk

==================== One Month Modified Files and Folders =======

2014-01-03 18:10 - 2014-01-03 18:10 - 01931750 _____ (Farbar) C:\Users\Vinc\Desktop\FRST64.exe
2014-01-03 18:10 - 2014-01-03 18:10 - 00022836 _____ C:\Users\Vinc\Desktop\FRST.txt
2014-01-03 18:02 - 2013-08-14 09:44 - 00000266 _____ C:\Windows\Tasks\RegClean Prosch.job
2014-01-03 18:00 - 2013-02-10 12:22 - 00003108 _____ C:\Windows\System32\Tasks\RegClean Pro
2014-01-03 17:59 - 2012-05-26 15:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-03 17:57 - 2010-07-25 18:50 - 02067520 _____ C:\Windows\WindowsUpdate.log
2014-01-03 17:54 - 2014-01-03 17:54 - 00000470 _____ C:\Users\Vinc\Desktop\defogger_disable.log
2014-01-03 17:54 - 2014-01-03 17:54 - 00000000 _____ C:\Users\Vinc\defogger_reenable
2014-01-03 17:54 - 2010-07-25 11:08 - 00000000 ____D C:\Users\Vinc
2014-01-03 17:51 - 2012-05-27 11:05 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-03 17:40 - 2013-11-14 18:26 - 00000000 ____D C:\Users\Thunderbird\yiodlzyq.default
2014-01-03 17:38 - 2009-07-14 05:45 - 00009712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-03 17:38 - 2009-07-14 05:45 - 00009712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-03 17:29 - 2012-09-09 21:26 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Skype
2014-01-03 17:27 - 2012-05-27 11:05 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-03 17:26 - 2014-01-03 17:19 - 00000112 _____ C:\Windows\setupact.log
2014-01-03 17:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-03 17:19 - 2014-01-03 17:19 - 05036216 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-03 17:19 - 2014-01-03 17:19 - 00000000 _____ C:\Windows\setuperr.log
2014-01-03 17:17 - 2014-01-03 17:17 - 00108904 _____ C:\Users\Vinc\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-03 15:57 - 2013-11-14 17:58 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Thunderbird
2014-01-03 15:55 - 2013-03-24 16:46 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDS PRO
2014-01-03 15:45 - 2014-01-03 15:45 - 00000677 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-03 15:45 - 2012-09-12 16:55 - 00002762 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-03 15:34 - 2014-01-03 15:34 - 00108904 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-03 15:33 - 2013-03-10 22:27 - 00000000 ____D C:\Windows\Minidump
2014-01-03 15:33 - 2009-08-10 21:07 - 00000000 ____D C:\Windows\Panther
2014-01-03 15:24 - 2014-01-03 15:24 - 00108904 _____ C:\Users\Vinc2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-03 15:21 - 2014-01-03 15:21 - 00001020 _____ C:\Users\Vinc2\Desktop\SNES9x.lnk
2014-01-03 15:20 - 2014-01-03 15:20 - 00001365 _____ C:\Users\Vinc2\Desktop\WinDS PRO Apps.lnk
2014-01-03 15:20 - 2014-01-03 15:20 - 00001026 _____ C:\Users\Vinc2\Desktop\Nestopia.lnk
2014-01-03 15:19 - 2014-01-03 15:19 - 00000628 _____ C:\Users\Vinc2\Desktop\Pokemon World Online.lnk
2014-01-03 15:19 - 2014-01-03 15:18 - 00001179 _____ C:\Users\Vinc2\Desktop\PlanetSide 2.lnk
2014-01-03 15:17 - 2014-01-03 15:17 - 00000752 _____ C:\Users\Vinc2\Desktop\TeamSpeak 3.lnk
2014-01-03 15:17 - 2014-01-03 15:17 - 00000529 _____ C:\Users\Vinc2\Desktop\League of Legends.lnk
2014-01-03 15:16 - 2014-01-03 15:16 - 00000665 _____ C:\Users\Vinc2\Desktop\Steam.lnk
2014-01-03 15:14 - 2014-01-03 15:14 - 00000990 _____ C:\Users\Vinc2\Desktop\SDCopy.lnk
2014-01-03 15:13 - 2014-01-03 15:13 - 00000975 _____ C:\Users\Vinc2\Desktop\Spybot-S&D Start Center.lnk
2014-01-03 15:13 - 2014-01-03 15:13 - 00000719 _____ C:\Users\Vinc2\Desktop\Free Alarm Clock.lnk
2014-01-03 15:12 - 2014-01-03 15:12 - 00013449 _____ C:\Users\Vinc2\Desktop\Recuva.lnk
2014-01-03 15:12 - 2014-01-03 15:12 - 00001075 _____ C:\Users\Vinc2\Desktop\Secunia PSI.lnk
2014-01-03 15:12 - 2014-01-03 15:12 - 00001074 _____ C:\Users\Vinc2\Desktop\RegClean Pro.lnk
2014-01-03 15:11 - 2014-01-03 15:11 - 00001218 _____ C:\Users\Vinc2\Desktop\Mc Affe Labs Stinger.lnk
2014-01-03 15:11 - 2014-01-03 15:11 - 00000846 _____ C:\Users\Vinc2\Desktop\CCleaner.lnk
2014-01-03 15:11 - 2014-01-03 15:11 - 00000743 _____ C:\Users\Vinc2\Desktop\CDBurnerXP.lnk
2014-01-03 15:11 - 2014-01-03 15:11 - 00000619 _____ C:\Users\Vinc2\Desktop\VLC media player.lnk
2014-01-03 15:10 - 2014-01-03 15:10 - 00001931 _____ C:\Users\Vinc2\Desktop\Driver DVD.lnk
2014-01-03 15:10 - 2014-01-03 15:10 - 00001547 _____ C:\Users\Vinc2\Desktop\iTunes.lnk
2014-01-03 15:09 - 2014-01-03 15:09 - 00001030 _____ C:\Users\Vinc2\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-03 15:07 - 2012-09-13 12:53 - 00004144 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\Users\Vinc2\AppData\Roaming\WTablet
2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\Users\Vinc2\AppData\Roaming\AVAST Software
2014-01-01 23:04 - 2014-01-01 23:04 - 00000000 ____D C:\Users\Gast1\AppData\Roaming\WTablet
2014-01-01 22:59 - 2014-01-01 22:59 - 00001030 _____ C:\Users\Admin\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 22:58 - 2014-01-01 22:18 - 00000000 ____D C:\Users\Admin\AppData\Roaming\WTablet
2014-01-01 22:58 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2014-01-01 22:55 - 2014-01-01 22:55 - 00013449 _____ C:\Users\Vinc\Desktop\Recuva.lnk
2014-01-01 22:55 - 2014-01-01 22:55 - 00001074 _____ C:\Users\Vinc\Desktop\RegClean Pro.lnk
2014-01-01 22:54 - 2014-01-01 22:54 - 00001931 _____ C:\Users\Vinc\Desktop\Driver DVD.lnk
2014-01-01 22:54 - 2014-01-01 22:54 - 00001547 _____ C:\Users\Vinc\Desktop\iTunes.lnk
2014-01-01 22:54 - 2014-01-01 22:54 - 00000743 _____ C:\Users\Vinc\Desktop\CDBurnerXP.lnk
2014-01-01 22:54 - 2014-01-01 22:54 - 00000619 _____ C:\Users\Vinc\Desktop\VLC media player.lnk
2014-01-01 22:53 - 2014-01-01 22:53 - 00001030 _____ C:\Users\Vinc\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 22:40 - 2013-04-19 12:44 - 00000875 _____ C:\Users\Admin\Desktop\Nintendo.lnk
2014-01-01 22:38 - 2014-01-01 22:38 - 00001020 _____ C:\Users\Admin\Desktop\SNES9x.lnk
2014-01-01 22:37 - 2014-01-01 22:37 - 00001026 _____ C:\Users\Admin\Desktop\Nestopia.lnk
2014-01-01 22:34 - 2014-01-01 22:34 - 00001311 _____ C:\Users\Admin\Desktop\Movie Maker (2).lnk
2014-01-01 22:33 - 2014-01-01 22:33 - 00000990 _____ C:\Users\Admin\Desktop\SDCopy.lnk
2014-01-01 22:32 - 2014-01-01 22:32 - 00013763 _____ C:\Users\Admin\Desktop\Soundrecorder.lnk
2014-01-01 22:29 - 2014-01-01 22:29 - 00000719 _____ C:\Users\Admin\Desktop\Free Alarm Clock.lnk
2014-01-01 22:28 - 2014-01-01 22:28 - 00001075 _____ C:\Users\Admin\Desktop\Secunia PSI.lnk
2014-01-01 22:27 - 2014-01-01 22:27 - 00013449 _____ C:\Users\Admin\Desktop\Recuva.lnk
2014-01-01 22:27 - 2014-01-01 22:27 - 00001218 _____ C:\Users\Admin\Desktop\Mc Affe Labs Stinger.lnk
2014-01-01 22:27 - 2014-01-01 22:27 - 00001074 _____ C:\Users\Admin\Desktop\RegClean Pro.lnk
2014-01-01 22:26 - 2014-01-01 22:26 - 00001014 _____ C:\Users\Admin\Desktop\Acronis*True*Image*Home.lnk
2014-01-01 22:26 - 2014-01-01 22:26 - 00000846 _____ C:\Users\Admin\Desktop\CCleaner.lnk
2014-01-01 22:26 - 2014-01-01 22:26 - 00000743 _____ C:\Users\Admin\Desktop\CDBurnerXP.lnk
2014-01-01 22:25 - 2014-01-01 22:25 - 00000619 _____ C:\Users\Admin\Desktop\VLC media player.lnk
2014-01-01 22:24 - 2014-01-01 22:24 - 00012482 _____ C:\Users\Admin\Desktop\Computer.lnk
2014-01-01 22:24 - 2014-01-01 22:24 - 00001931 _____ C:\Users\Admin\Desktop\Driver DVD.lnk
2014-01-01 22:24 - 2014-01-01 22:24 - 00001547 _____ C:\Users\Admin\Desktop\iTunes.lnk
2014-01-01 21:18 - 2013-09-25 20:09 - 00000282 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-01-01 15:01 - 2013-09-25 20:09 - 00000274 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-01-01 00:30 - 2013-05-08 17:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-31 17:12 - 2013-03-10 15:36 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\WTablet
2013-12-31 17:08 - 2013-03-01 18:02 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-12-31 17:05 - 2013-12-31 17:05 - 00000000 ____D C:\Program Files\TabletPlugins
2013-12-31 17:05 - 2013-12-31 17:05 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2013-12-31 17:05 - 2013-03-10 15:35 - 00000000 ____D C:\Program Files\Tablet
2013-12-31 16:43 - 2013-12-15 13:26 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\RoboForm
2013-12-31 16:43 - 2013-12-15 13:23 - 00000000 ____D C:\ProgramData\RoboForm
2013-12-31 16:43 - 2010-07-25 13:29 - 00000000 ____D C:\Windows\system32\appmgmt
2013-12-31 16:41 - 2013-12-15 13:26 - 00003972 _____ C:\Windows\System32\Tasks\Open URL by RoboForm
2013-12-31 16:36 - 2013-12-31 16:36 - 00000000 ____D C:\Users\Vinc\.android
2013-12-31 16:35 - 2013-12-31 15:19 - 00000000 ____D C:\Users\Vinc\AppData\Local\Paint.NET
2013-12-31 16:02 - 2013-12-31 16:02 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield
2013-12-31 02:33 - 2013-03-10 17:25 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\vlc
2013-12-31 02:26 - 2013-12-31 02:23 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2013-12-31 02:25 - 2013-12-31 02:25 - 00000000 ____D C:\ProgramData\Hotspot Shield
2013-12-31 02:23 - 2013-12-31 02:23 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Hotspot Shield
2013-12-30 17:57 - 2013-12-30 17:57 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2013-12-30 17:56 - 2013-03-14 14:14 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-30 17:56 - 2012-09-13 12:53 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-30 17:56 - 2012-09-13 12:53 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-30 17:56 - 2012-09-13 12:53 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-30 17:56 - 2012-09-13 12:53 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-30 17:56 - 2012-09-13 12:53 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-28 17:54 - 2013-01-27 17:32 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Mp3tag
2013-12-26 16:56 - 2013-12-15 21:54 - 00000000 ____D C:\Users\Vinc\Downloads\Arbeit
2013-12-22 20:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-21 14:43 - 2012-09-13 17:51 - 00000651 _____ C:\Users\Public\Desktop\Mp3tag.lnk
2013-12-21 11:33 - 2009-08-10 21:20 - 00653968 _____ C:\Windows\system32\perfh007.dat
2013-12-21 11:33 - 2009-08-10 21:20 - 00129840 _____ C:\Windows\system32\perfc007.dat
2013-12-21 11:33 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-15 13:26 - 2013-12-15 13:26 - 00003492 _____ C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2013-12-15 13:18 - 2013-12-15 13:17 - 00000000 ____D C:\Users\Vinc\AppData\Local\Mozilla
2013-12-15 13:17 - 2013-12-15 13:17 - 00000729 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-15 13:17 - 2012-12-13 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-14 11:03 - 2013-08-15 20:52 - 00000000 ____D C:\Windows\system32\MRT
2013-12-14 11:02 - 2010-07-25 14:11 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 10:55 - 2012-05-27 11:05 - 00000000 ____D C:\Users\Vinc\AppData\Local\Google
2013-12-12 20:12 - 2012-10-19 18:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-12 13:29 - 2013-12-11 20:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-11 19:59 - 2012-05-26 15:35 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 19:59 - 2012-05-26 15:35 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 19:59 - 2012-05-26 15:35 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 16:48 - 2009-08-21 10:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-08 18:22 - 2013-12-08 18:22 - 00000719 _____ C:\Users\Vinc\Desktop\Free Alarm Clock.lnk
2013-12-08 15:31 - 2012-09-09 21:26 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-08 15:31 - 2012-09-09 21:26 - 00000000 ____D C:\ProgramData\Skype
2013-12-05 18:46 - 2012-05-27 11:05 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-05 18:46 - 2012-05-27 11:05 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-05 13:49 - 2012-05-28 10:25 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-04 17:35 - 2013-12-31 17:05 - 01945880 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01938712 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01808152 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01805080 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01604376 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01596696 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01483032 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2013-12-04 17:35 - 2013-12-31 17:05 - 01479960 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-31 03:35

==================== End Of Log ============================
         
The GMER log will be ready in a moment.

Here is GMER:

Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2014-01-03 18:21:15
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 ST1000DM005_HD103SJ rev.1AJ10001 931,51GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Vinc\AppData\Local\Temp\kftcipow.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                                            fffff80002fbc000 45 bytes [00, 00, 22, 02, 4D, 6D, 43, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575                                                                                            fffff80002fbc02f 16 bytes [00, 02, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Windows\system32\wininit.exe[776] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                    0000000076f3eecd 1 byte [62]
.text     C:\Windows\system32\services.exe[832] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                   0000000076f3eecd 1 byte [62]
.text     C:\Windows\system32\lsass.exe[860] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                      0000000076f3eecd 1 byte [62]
.text     C:\Windows\system32\winlogon.exe[892] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                   0000000076f3eecd 1 byte [62]
.text     C:\Windows\system32\svchost.exe[1012] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                   0000000076f3eecd 1 byte [62]
.text     C:\Windows\system32\svchost.exe[644] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                    0000000076f3eecd 1 byte [62]
.text     C:\Windows\System32\svchost.exe[720] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                    0000000076f3eecd 1 byte [62]
.text     C:\Windows\System32\svchost.exe[560] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                    0000000076f3eecd 1 byte [62]
.text     C:\Windows\system32\svchost.exe[632] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                    0000000076f3eecd 1 byte [62]
.text     C:\Windows\system32\svchost.exe[1040] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                   0000000076f3eecd 1 byte [62]
.text     C:\Program Files\Tablet\Wacom\WTabletServicePro.exe[1284] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                               0000000076f3eecd 1 byte [62]
.text     C:\Windows\system32\svchost.exe[1388] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                   0000000076f3eecd 1 byte [62]
.text     C:\Windows\System32\spoolsv.exe[1704] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                   0000000076f3eecd 1 byte [62]
.text     C:\Windows\system32\svchost.exe[1768] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                   0000000076f3eecd 1 byte [62]
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1912] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                      000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe[2024] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                      000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1492] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112      000000007564a2ba 1 byte [62]
.text     C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe[2076] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112                             000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe[2160] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                             000000007564a2ba 1 byte [62]
.text     C:\Windows\system32\taskhost.exe[2496] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                  0000000076f3eecd 1 byte [62]
.text     C:\Windows\Explorer.EXE[2608] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                           0000000076f3eecd 1 byte [62]
.text     C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe[2648] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                               000000007564a2ba 1 byte [62]
.text     D:\Programme\Spybot - Search & Destroy\SDFSSvc.exe[2932] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2508] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                       000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2508] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                     0000000076d81465 2 bytes [D8, 76]
.text     C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2508] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                    0000000076d814bb 2 bytes [D8, 76]
.text     ...                                                                                                                                                           * 2
.text     C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[2660] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                   000000007564a2ba 1 byte [62]
.text     C:\Windows\system32\svchost.exe[2828] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                   0000000076f3eecd 1 byte [62]
.text     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe[2308] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                   0000000076f3eecd 1 byte [62]
.text     C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe[3160] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                            000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe[3208] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe[3220] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112     000000007564a2ba 1 byte [62]
.text     C:\Windows\System32\igfxtray.exe[3540] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                  0000000076f3eecd 1 byte [62]
.text     C:\Windows\System32\hkcmd.exe[3576] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                     0000000076f3eecd 1 byte [62]
.text     C:\Windows\System32\igfxpers.exe[3832] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                  0000000076f3eecd 1 byte [62]
.text     D:\Programme\Microsofts Desktops\Desktops.exe[4016] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                     000000007564a2ba 1 byte [62]
.text     C:\Windows\system32\wbem\wmiprvse.exe[2768] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                             0000000076f3eecd 1 byte [62]
.text     D:\Programme\Steam\Steam.exe[1968] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                      000000007564a2ba 1 byte [62]
.text     D:\Programme\MotioninJoy\ds3\DS3_Tool.exe[3692] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189                                                         0000000076f3eecd 1 byte [62]
.text     C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3956] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                     000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[1260] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                   000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[1260] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                 0000000076d81465 2 bytes [D8, 76]
.text     C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[1260] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                0000000076d814bb 2 bytes [D8, 76]
.text     ...                                                                                                                                                           * 2
.text     C:\Program Files (x86)\FreePDF_XP\fpassist.exe[3352] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                    000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE[3936] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                     000000007564a2ba 1 byte [62]
.text     D:\Programme\Acronis True Image\TrueImageHome\TrueImageMonitor.exe[952] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                 000000007564a2ba 1 byte [62]
.text     D:\Programme\Acronis True Image\TrueImageHome\TimounterMonitor.exe[4112] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                000000007564a2ba 1 byte [62]
.text     D:\Programme\iTunes\iTunesHelper.exe[4256] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                              000000007564a2ba 1 byte [62]
.text     D:\Programme\Spybot - Search & Destroy\SDTray.exe[4460] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                 000000007564a2ba 1 byte [62]
.text     D:\Programme\Spybot - Search & Destroy\SDTray.exe[4460] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                                               0000000076d81465 2 bytes [D8, 76]
.text     D:\Programme\Spybot - Search & Destroy\SDTray.exe[4460] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                                              0000000076d814bb 2 bytes [D8, 76]
.text     ...                                                                                                                                                           * 2
.text     D:\Programme\Avast\AvastUI.exe[4468] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                                    000000007564a2ba 1 byte [62]
.text     D:\Programme\Avast\AvastUI.exe[4468] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                  0000000076d81465 2 bytes [D8, 76]
.text     D:\Programme\Avast\AvastUI.exe[4468] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                 0000000076d814bb 2 bytes [D8, 76]
.text     ...                                                                                                                                                           * 2
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[4500] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                  000000007564a2ba 1 byte [62]
.text     D:\Programme\Spybot - Search & Destroy\SDUpdSvc.exe[4752] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                               000000007564a2ba 1 byte [62]
.text     D:\Programme\Spybot - Search & Destroy\SDWSCSvc.exe[4908] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                               000000007564a2ba 1 byte [62]
.text     C:\Program Files\iPod\bin\iPodService.exe[4248] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                         0000000076f3eecd 1 byte [62]
.text     C:\Windows\system32\SearchIndexer.exe[4812] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                             0000000076f3eecd 1 byte [62]
.text     C:\Program Files (x86)\Secunia\PSI\sua.exe[4100] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                        000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Secunia\PSI\sua.exe[4100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                      0000000076d81465 2 bytes [D8, 76]
.text     C:\Program Files (x86)\Secunia\PSI\sua.exe[4100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                     0000000076d814bb 2 bytes [D8, 76]
.text     ...                                                                                                                                                           * 2
.text     C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe[4252] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                               000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe[4252] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                             0000000076d81465 2 bytes [D8, 76]
.text     C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe[4252] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                            0000000076d814bb 2 bytes [D8, 76]
.text     ...                                                                                                                                                           * 2
.text     C:\Windows\system32\svchost.exe[5148] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                   0000000076f3eecd 1 byte [62]
.text     C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe[5500] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                 0000000076f3eecd 1 byte [62]
.text     C:\Program Files\Windows Media Player\wmpnetwk.exe[5832] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                0000000076f3eecd 1 byte [62]
.text     C:\Program Files (x86)\Common Files\Steam\SteamService.exe[1888] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                        000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Common Files\Steam\SteamService.exe[1888] C:\Windows\syswow64\KERNELBASE.dll!HeapCreate                                                0000000076c1549c 5 bytes JMP 0000000100300800
.text     C:\Program Files (x86)\Common Files\Steam\SteamService.exe[1888] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                                      0000000076d81465 2 bytes [D8, 76]
.text     C:\Program Files (x86)\Common Files\Steam\SteamService.exe[1888] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                                     0000000076d814bb 2 bytes [D8, 76]
.text     ...                                                                                                                                                           * 2
.text     C:\Windows\System32\svchost.exe[6328] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                                   0000000076f3eecd 1 byte [62]
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 166  000000002fcf1afc 2 bytes [CF, 2F]
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 253  000000002fcf1b53 2 bytes [CF, 2F]
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 320  000000002fcf1b96 2 bytes [CF, 2F]
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 390  000000002fcf1bdc 2 bytes [CF, 2F]
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 738  000000002fcf1d38 2 bytes [CF, 2F]
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 937  000000002fcf1dff 2 bytes [CF, 2F]
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 958  000000002fcf1e14 2 bytes [CF, 2F]
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE!wdGetApplicationObject + 970  000000002fcf1e20 2 bytes [CF, 2F]
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                               0000000075628769 5 bytes JMP 0000000151ea53fc
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                      000000007564a2ba 1 byte [62]
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Windows\syswow64\ole32.dll!OleLoadFromStream                                            0000000074c76143 5 bytes JMP 000000015296f68e
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Windows\syswow64\OLEAUT32.dll!SysFreeString                                             00000000753d3e59 5 bytes JMP 0000000151ed10b7
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Windows\syswow64\OLEAUT32.dll!VariantClear                                              00000000753d3eae 5 bytes JMP 0000000151edb0be
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Windows\syswow64\OLEAUT32.dll!SysAllocStringByteLen                                     00000000753d4731 5 bytes JMP 0000000151f0b5dc
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Windows\syswow64\OLEAUT32.dll!VariantChangeType                                         00000000753d5dee 5 bytes JMP 0000000151f0c50f
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                    0000000076d81465 2 bytes [D8, 76]
.text     C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE[6612] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                   0000000076d814bb 2 bytes [D8, 76]
.text     ...                                                                                                                                                           * 2
.text     C:\Windows\system32\AUDIODG.EXE[2416] C:\Windows\System32\kernel32.dll!GetBinaryTypeW + 189                                                                   0000000076f3eecd 1 byte [62]
.text     C:\Users\Vinc\Desktop\gmer_2.1.19163.exe[2696] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                                          000000007564a2ba 1 byte [62]

---- Threads - GMER 2.1 ----

Thread    C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:5136]                                                                                                000007fefb212a7c
Thread    C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:4676]                                                                                                000007feea884830
Thread    C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:5792]                                                                                                000007feea884830
Thread    C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:5728]                                                                                                000007feea884830
Thread    C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:3700]                                                                                                000007feea884830
Thread    C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:1956]                                                                                                000007fef7ca5124
Thread    C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:6560]                                                                                                000007feea809d90
Thread    C:\Program Files\Windows Media Player\wmpnetwk.exe [5832:2720]                                                                                                000007feea884830
Thread    C:\Windows\System32\svchost.exe [6328:6516]                                                                                                                   000007feedfa9688

---- Disk sectors - GMER 2.1 ----

Disk      \Device\Harddisk0\DR0                                                                                                                                         unknown MBR code

---- EOF - GMER 2.1 ----
         
Do I have viruses now or not?

Best regards

Doesn't anyone want to help me ): ?
__________________


08.01.2014, 22:30   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hello and

Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything?

The reason I ask => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, just post the logs you already have in CODE tags!
Only logs from the last 7 days, or since the problem began, are relevant!




In addition, please also create a log with Farbar's tool:

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)



Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracket expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Erweitert/Vorschau (Advanced/Preview) to check whether you did it right. If everything is correct ... click Antworten (Reply).