| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: USB on board wird nicht erkanntWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.02.2014, 20:08
| #1 |
| |  USB on board wird nicht erkannt hallo, ich hab das gleiche problem wie hier. http://www.trojaner-board.de/98722-u...e-erkannt.html ich hab auch schon alles gemacht was da stand. Hier die otl text datei OTL logfile created on: 05.02.2014 16:49:46 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Neset\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,98 Gb Total Physical Memory | 3,51 Gb Available Physical Memory | 58,73% Memory free 11,96 Gb Paging File | 9,60 Gb Available in Paging File | 80,25% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1356,16 Gb Total Space | 246,36 Gb Free Space | 18,17% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 21,39 Gb Free Space | 53,47% Space Free | Partition Type: NTFS Drive F: | 119,02 Gb Total Space | 84,92 Gb Free Space | 71,35% Space Free | Partition Type: NTFS Computer Name: NESET-PC | User Name: Neset | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014.02.05 16:27:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Neset\Downloads\OTL.exe PRC - [2014.02.05 09:48:32 | 004,915,040 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe PRC - [2014.02.05 09:48:31 | 012,493,152 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe PRC - [2014.02.05 09:35:14 | 000,202,592 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe PRC - [2014.01.25 23:23:35 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2014.01.25 23:23:35 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2013.12.18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.09.12 00:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2013.09.03 08:10:44 | 000,031,232 | ---- | M] (EventGhost Project) -- C:\Program Files (x86)\EventGhost\EventGhost.exe PRC - [2013.07.31 01:50:34 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2013.07.31 01:50:26 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2013.07.03 22:39:22 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe PRC - [2013.07.03 22:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013.07.03 22:32:25 | 001,205,024 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe PRC - [2013.06.04 11:21:46 | 000,702,976 | ---- | M] () -- C:\Program Files (x86)\mysms\mysms.exe PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.02.08 13:55:59 | 000,083,240 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe PRC - [2012.02.01 05:21:41 | 000,292,136 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe PRC - [2012.02.01 05:21:39 | 000,075,048 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe PRC - [2011.07.14 14:45:44 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe PRC - [2011.07.08 14:59:34 | 000,997,376 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe PRC - [2011.04.13 11:06:02 | 000,319,574 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe PRC - [2011.04.13 11:00:54 | 000,147,563 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe PRC - [2011.03.11 13:08:32 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011.03.11 13:08:31 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.03.01 10:57:12 | 000,152,936 | ---- | M] (Buyond GmbH) -- C:\Program Files (x86)\Buyond_GmbH\GloboFleet_CC_Plus\GloboFleet_CC_Plus.exe PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe ========== Modules (No Company Name) ========== MOD - [2014.01.25 23:23:35 | 019,336,120 | ---- | M] () -- C:\Programme\AVAST Software\Avast\libcef.dll MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf MOD - [2013.09.03 08:10:58 | 000,745,984 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\wx._gdi_.pyd MOD - [2013.09.03 08:10:58 | 000,675,328 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\wx._misc_.pyd MOD - [2013.09.03 08:10:58 | 000,670,208 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\wx._windows_.pyd MOD - [2013.09.03 08:10:58 | 000,324,096 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\_imaging.pyd MOD - [2013.09.03 08:10:56 | 000,980,480 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\wx._core_.pyd MOD - [2013.09.03 08:10:56 | 000,965,632 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\wx._controls_.pyd MOD - [2013.09.03 08:10:56 | 000,324,096 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\PIL._imaging.pyd MOD - [2013.09.03 08:10:54 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\Crypto.Cipher.AES.pyd MOD - [2013.09.03 03:16:28 | 000,090,624 | ---- | M] () -- C:\Program Files (x86)\EventGhost\plugins\System\VistaVolEvents.pyd MOD - [2013.06.04 11:21:46 | 000,702,976 | ---- | M] () -- C:\Program Files (x86)\mysms\mysms.exe MOD - [2013.06.04 09:04:12 | 019,622,912 | ---- | M] () -- C:\Program Files (x86)\mysms\QtWebKit4.dll MOD - [2013.06.02 03:10:38 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\site-packages\cFunctions.pyd MOD - [2013.05.27 04:48:22 | 001,445,888 | ---- | M] () -- C:\Program Files (x86)\mysms\libeay32.dll MOD - [2013.05.27 04:48:22 | 000,324,608 | ---- | M] () -- C:\Program Files (x86)\mysms\ssleay32.dll MOD - [2011.04.18 23:36:52 | 000,479,744 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\wxmsw28uh_html_vc.dll MOD - [2011.04.18 23:36:42 | 000,730,112 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\wxmsw28uh_adv_vc.dll MOD - [2011.04.18 23:36:38 | 003,165,184 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\wxmsw28uh_core_vc.dll MOD - [2011.04.18 23:36:06 | 000,122,368 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\wxbase28uh_net_vc.dll MOD - [2011.04.18 23:36:04 | 001,300,992 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\wxbase28uh_vc.dll MOD - [2011.04.13 11:00:58 | 000,028,672 | ---- | M] () -- C:\Windows\SysWOW64\BsMobileCSps.dll MOD - [2011.03.28 10:04:52 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\BaseLib.dll MOD - [2011.02.27 18:12:56 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\pywintypes26.dll MOD - [2011.02.26 19:34:56 | 000,354,304 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\pythoncom26.dll MOD - [2011.02.26 19:33:20 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\win32gui.pyd MOD - [2011.02.26 19:33:14 | 000,096,768 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\win32api.pyd MOD - [2011.02.26 19:32:46 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\win32trace.pyd MOD - [2011.02.26 19:32:28 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\win32process.pyd MOD - [2011.02.26 19:31:46 | 000,112,128 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\win32file.pyd MOD - [2010.03.31 20:59:20 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\s40pack.dll MOD - [2010.03.20 15:32:18 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\select.pyd MOD - [2010.03.20 15:32:08 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\_multiprocessing.pyd MOD - [2010.03.20 15:31:40 | 000,357,376 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\_hashlib.pyd MOD - [2010.03.20 15:31:10 | 000,127,488 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\pyexpat.pyd MOD - [2010.03.20 15:30:24 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\_ctypes.pyd MOD - [2010.03.20 15:29:24 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\_elementtree.pyd MOD - [2010.03.20 15:29:00 | 000,805,888 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\_ssl.pyd MOD - [2010.03.20 15:28:50 | 000,584,192 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\unicodedata.pyd MOD - [2010.03.20 15:27:36 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\EventGhost\lib26\_socket.pyd MOD - [2010.03.01 10:57:14 | 000,058,728 | ---- | M] () -- C:\Program Files (x86)\Buyond_GmbH\GloboFleet_CC_Plus\lib\jpcsc.dll MOD - [2003.05.01 16:23:28 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\cscvt.dll ========== Services (SafeList) ========== SRV:64bit: - [2013.11.26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV - [2014.02.05 16:14:15 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014.02.05 09:48:32 | 004,915,040 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9) SRV - [2014.01.25 23:23:35 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2013.12.18 10:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.09.12 00:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013.07.31 01:50:34 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB) SRV - [2013.07.31 01:50:26 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2013.07.25 20:06:55 | 000,332,272 | ---- | M] (Google Inc.) [Disabled | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service) SRV - [2013.07.03 22:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.06.07 08:17:28 | 000,072,640 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\HDD Health\HDDHealthService.exe -- (HDDHealth) SRV - [2012.02.08 13:55:59 | 000,083,240 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD) SRV - [2012.02.01 05:21:41 | 000,292,136 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe -- (CyberLink PowerDVD 11.0 Service) SRV - [2012.02.01 05:21:39 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service) SRV - [2011.07.14 14:45:44 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService) SRV - [2011.07.08 14:59:34 | 000,997,376 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS) SRV - [2011.04.30 08:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011.04.13 11:09:18 | 000,192,000 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS) SRV - [2011.04.13 11:00:54 | 000,147,563 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe -- (BsMobileCS) SRV - [2011.03.11 13:08:32 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2011.03.11 13:08:31 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.03.18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 20:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.09.08 06:59:00 | 000,575,488 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe -- (x10nets) ========== Driver Services (SafeList) ========== DRV:64bit: - [2014.01.25 23:24:02 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm) DRV:64bit: - [2014.01.25 23:23:36 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:64bit: - [2014.01.25 23:23:36 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:64bit: - [2014.01.25 23:23:35 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2014.01.25 23:23:35 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2014.01.25 23:23:35 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2014.01.25 23:23:35 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2013.09.29 21:39:32 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:64bit: - [2013.09.29 21:39:19 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:64bit: - [2013.09.29 21:39:19 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:64bit: - [2013.09.17 21:22:42 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2013.09.13 00:10:07 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2013.09.08 12:14:48 | 000,031,136 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32) DRV:64bit: - [2013.08.21 05:31:40 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2013.08.21 05:31:40 | 000,103,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2013.07.12 13:29:00 | 000,086,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K) DRV:64bit: - [2013.07.12 13:29:00 | 000,079,592 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.11.09 15:35:12 | 000,514,856 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF9035BDA) DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.11.04 12:37:00 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2011.06.01 09:13:13 | 000,027,240 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2011.05.20 16:15:54 | 000,058,880 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_zte_cdc_ecm.sys -- (vodafone_zte_cdc_ecm) DRV:64bit: - [2011.05.20 16:15:54 | 000,056,320 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_zte_ecm_enum_filter.sys -- (vodafone_zte_ecm_enum_filter) DRV:64bit: - [2011.05.20 16:15:54 | 000,056,320 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_zte_ecm_enum.sys -- (vodafone_zte_ecm_enum) DRV:64bit: - [2011.05.20 16:15:52 | 000,079,872 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_zte_cdc_acm.sys -- (vodafone_zte_cdc_acm) DRV:64bit: - [2011.05.20 16:15:52 | 000,014,336 | ---- | M] (Vodafone) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vodafone_zte_cpo.sys -- (vodafone_zte_cpo) DRV:64bit: - [2011.05.13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:64bit: - [2011.05.13 02:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) DRV:64bit: - [2011.05.13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) DRV:64bit: - [2011.05.13 02:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:64bit: - [2011.05.13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) DRV:64bit: - [2011.04.26 19:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011.03.11 13:08:31 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.05 00:00:14 | 000,390,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci) DRV:64bit: - [2011.03.05 00:00:14 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3) DRV:64bit: - [2011.02.16 17:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.11 00:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm) DRV:64bit: - [2010.11.11 00:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) DRV:64bit: - [2010.11.11 00:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl) DRV:64bit: - [2010.09.23 21:03:06 | 000,129,008 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:64bit: - [2010.09.01 13:33:12 | 000,075,776 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum) DRV:64bit: - [2010.08.26 20:29:30 | 000,025,352 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btcombus.sys -- (BTCOMBUS) DRV:64bit: - [2010.08.26 20:29:28 | 000,029,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btcomport.sys -- (BTCOM) DRV:64bit: - [2010.08.18 21:19:46 | 000,020,488 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btnetdrv.sys -- (BT) DRV:64bit: - [2010.06.24 10:35:04 | 000,042,888 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btcusb.sys -- (Btcsrusb) DRV:64bit: - [2010.04.06 17:33:10 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btnetBus.sys -- (btnetBUs) DRV:64bit: - [2010.04.06 17:32:48 | 000,027,016 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs) DRV:64bit: - [2010.04.06 17:32:46 | 000,023,944 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus) DRV:64bit: - [2010.02.06 15:49:24 | 000,690,208 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.17 13:02:20 | 000,036,872 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio) DRV:64bit: - [2009.06.17 13:02:12 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\blueletaudio.sys -- (BlueletAudio) DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2006.11.30 14:17:56 | 000,033,048 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\x10ufx2.sys -- (XUIF) DRV - [2012.02.08 14:33:58 | 000,148,976 | ---- | M] (CyberLink Corp.) [2013/12/14 18:56:45] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) DRV - [2012.02.08 13:56:00 | 000,075,248 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys -- (ntk_PowerDVD) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.06.17 13:02:12 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\blueletaudio.sys -- (BlueletAudio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND IE - HKCU\..\SearchScopes,DefaultScope = {FAADB758-CBAD-42CE-B985-18E673BE5918} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\..\SearchScopes\{FAADB758-CBAD-42CE-B985-18E673BE5918}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDND_deDE547 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google  riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{go ogle:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEnco ding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefi xUrl}{google  ageClassification}sugkey={google:suggestAPIKeyParameter},CHR - homepage: hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - Extension: ProxTube = C:\Users\Neset\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.7_0\ CHR - Extension: Adblock Plus = C:\Users\Neset\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\ CHR - Extension: Adblock Plus = C:\Users\Neset\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\ CHR - Extension: avast! Online Security = C:\Users\Neset\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\ CHR - Extension: DVDVideoSoft = C:\Users\Neset\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_0\ CHR - Extension: Google Wallet = C:\Users\Neset\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\ O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (ShuopDrop) - {02667D93-E4D6-F531-4BEF-0743946C7D6A} - C:\ProgramData\ShuopDrop\wB6_4htSg.x64.dll File not found O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [BtTray] C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation) O4 - HKLM..\Run: [GloboFleet] C:\Program Files (x86)\Buyond_GmbH\GloboFleet_CC_Plus\GloboFleet_CC_Plus.exe (Buyond GmbH) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O4 - HKCU..\Run: [mysms] C:\Program Files (x86)\mysms\mysms.exe () O4 - HKLM..\RunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\da0663a3-4681-4c5a-8e25-d49f5b835fb7.exe (AVAST Software) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation) O4 - Startup: C:\Users\Neset\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EventGhost.lnk = C:\Program Files (x86)\EventGhost\EventGhost.exe (EventGhost Project) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77FC1C4C-FFBD-4CD5-A278-8E060C677A59}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~2\gsb779~1.ena) - File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{0cdcaf20-28dc-11e3-beb3-8c89a55a952b}\Shell - "" = AutoRun O33 - MountPoints2\{0cdcaf20-28dc-11e3-beb3-8c89a55a952b}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence O33 - MountPoints2\{21a130bd-277a-11e3-b6c7-8c89a55a952b}\Shell - "" = AutoRun O33 - MountPoints2\{21a130bd-277a-11e3-b6c7-8c89a55a952b}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence O33 - MountPoints2\{21a13163-277a-11e3-b6c7-8c89a55a952b}\Shell - "" = AutoRun O33 - MountPoints2\{21a13163-277a-11e3-b6c7-8c89a55a952b}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence O33 - MountPoints2\{2aab695b-f829-11e2-935c-8c89a55a952b}\Shell - "" = AutoRun O33 - MountPoints2\{2aab695b-f829-11e2-935c-8c89a55a952b}\Shell\AutoRun\command - "" = H:\Setup.exe O33 - MountPoints2\{2cf226bc-2945-11e3-b7e8-8c89a55a952b}\Shell - "" = AutoRun O33 - MountPoints2\{2cf226bc-2945-11e3-b7e8-8c89a55a952b}\Shell\AutoRun\command - "" = H:\setup_vmb_lite.exe /checkApplicationPresence O33 - MountPoints2\{dad40d0f-28e3-11e3-86f7-8c89a55a952b}\Shell - "" = AutoRun O33 - MountPoints2\{dad40d0f-28e3-11e3-86f7-8c89a55a952b}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence O33 - MountPoints2\{dad40d12-28e3-11e3-86f7-8c89a55a952b}\Shell - "" = AutoRun O33 - MountPoints2\{dad40d12-28e3-11e3-86f7-8c89a55a952b}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence O33 - MountPoints2\{df5ac249-f9b5-11e2-8bd2-8c89a55a952b}\Shell - "" = AutoRun O33 - MountPoints2\{df5ac249-f9b5-11e2-8bd2-8c89a55a952b}\Shell\AutoRun\command - "" = J:\Fairlight\Install.EXE O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HDDHealth.lnk - C:\PROGRA~2\HDDHEA~1\HDDHEA~1.EXE - (PANTERASoft) MsConfig:64bit - StartUpReg: BCSSync - hkey= - key= - C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: CLMLServer - hkey= - key= - File not found MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) MsConfig:64bit - StartUpReg: EADM - hkey= - key= - C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) MsConfig:64bit - StartUpReg: IAStorIcon - hkey= - key= - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) MsConfig:64bit - StartUpReg: KiesAirMessage - hkey= - key= - File not found MsConfig:64bit - StartUpReg: KiesPreload - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) MsConfig:64bit - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) MsConfig:64bit - StartUpReg: MedionReminder - hkey= - key= - File not found MsConfig:64bit - StartUpReg: MobileBroadband - hkey= - key= - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone) MsConfig:64bit - StartUpReg: RemoteControl11 - hkey= - key= - C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe (CyberLink Corp.) MsConfig:64bit - StartUpReg: swg - hkey= - key= - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) MsConfig:64bit - StartUpReg: WSHelperSetup.exe - hkey= - key= - File not found MsConfig:64bit - State: "services" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {76C19B34-F0C8-11cf-87CC-0020AFEECF20} - Simp Chinese Language Pack ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP Drivers32:64bit: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: msacm.siren - File not found Drivers32:64bit: vidc.cvid - File not found Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2014.02.05 15:25:28 | 000,000,000 | ---D | C] -- C:\Users\Neset\AppData\Roaming\Malwarebytes [2014.02.05 15:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2014.02.05 15:25:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2014.02.05 15:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2014.02.05 15:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014.01.25 23:24:10 | 000,000,000 | ---D | C] -- C:\Users\Neset\AppData\Roaming\AVAST Software [2014.01.25 23:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast [2014.01.25 23:23:39 | 001,034,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2014.01.25 23:23:39 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2014.01.25 23:23:39 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys [2014.01.25 23:23:38 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2014.01.25 23:23:38 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2014.01.25 23:23:37 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2014.01.25 23:23:35 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2014.01.25 23:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2014.01.25 23:22:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2014.01.18 15:01:15 | 000,000,000 | ---D | C] -- C:\Users\Neset\Documents\Autodata [2014.01.18 14:43:27 | 000,000,000 | ---D | C] -- C:\ADCDA2 [2014.01.15 11:11:06 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2014.01.15 11:11:06 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2014.01.15 11:11:05 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2014.01.14 23:28:33 | 000,000,000 | ---D | C] -- C:\Users\Neset\Desktop\3503058-FIAT_activated (1) [2014.01.14 21:29:55 | 000,000,000 | ---D | C] -- C:\Users\Neset\Desktop\Autodata [2014.01.14 15:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CMUV [2014.01.14 15:11:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBViewer TERRATEC Edition [2014.01.14 15:11:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVBViewer TERRATEC Edition [2014.01.14 15:05:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TERRATEC [2014.01.14 15:05:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TERRATEC [2014.01.13 18:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GloboFleet CC Plus [2014.01.13 18:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\GloboFleet [2014.01.13 18:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Buyond_GmbH [2014.01.13 18:46:00 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2014.01.13 18:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VCDS MFT 12.12.0 [2014.01.13 18:41:31 | 000,000,000 | ---D | C] -- C:\Ross-Tech [1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014.02.05 16:28:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014.02.05 16:14:17 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014.02.05 16:14:13 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014.02.05 16:14:13 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014.02.05 15:32:30 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk [2014.02.05 15:26:09 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014.02.05 15:26:09 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014.02.05 15:25:10 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2014.02.05 15:20:52 | 001,613,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014.02.05 15:20:52 | 000,696,848 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2014.02.05 15:20:52 | 000,652,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014.02.05 15:20:52 | 000,148,144 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2014.02.05 15:20:52 | 000,121,098 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014.02.05 15:20:25 | 000,001,282 | ---- | M] () -- C:\Windows\SysWow64\bscs.ini [2014.02.05 15:16:17 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014.02.05 15:16:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014.02.05 15:16:03 | 522,420,223 | -HS- | M] () -- C:\hiberfil.sys [2014.01.26 22:22:39 | 000,006,510 | ---- | M] () -- C:\Windows\SysWow64\LOCALSERVICE.INI [2014.01.25 23:24:08 | 000,001,970 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2014.01.25 23:24:02 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys [2014.01.25 23:23:36 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2014.01.25 23:23:36 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2014.01.25 23:23:35 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2014.01.25 23:23:35 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2014.01.25 23:23:35 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2014.01.25 23:23:35 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2014.01.25 23:23:35 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2014.01.25 23:23:35 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2014.01.24 18:42:52 | 000,000,191 | ---- | M] () -- C:\Windows\SysWow64\LOCALDEVICE.INI [2014.01.22 15:29:11 | 000,000,535 | ---- | M] () -- C:\Users\Neset\Desktop\ADBCD - Verknüpfung.lnk [2014.01.17 11:31:03 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2014.01.16 09:25:06 | 000,415,256 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014.01.14 23:28:25 | 002,356,814 | ---- | M] () -- C:\Users\Neset\Desktop\3503058-FIAT_activated (1).rar [2014.01.14 15:11:30 | 000,001,141 | ---- | M] () -- C:\Users\Neset\Desktop\DVBViewer TERRATEC Edition.lnk [2014.01.13 18:47:49 | 000,001,213 | ---- | M] () -- C:\Users\Public\Desktop\GloboFleet CC Plus.lnk [2014.01.13 18:46:00 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2014.01.13 18:42:53 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\VCDS MFT 12.12.0.lnk [2014.01.09 09:42:49 | 000,008,172 | ---- | M] () -- C:\Users\Neset\Desktop\bookmarks_09.01.14.html [1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] ========== Files Created - No Company Name ========== [2014.02.05 15:25:10 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2014.01.25 23:24:08 | 000,001,970 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2014.01.25 23:23:39 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2014.01.25 23:23:39 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2014.01.22 15:29:11 | 000,000,535 | ---- | C] () -- C:\Users\Neset\Desktop\ADBCD - Verknüpfung.lnk [2014.01.14 23:28:27 | 002,356,814 | ---- | C] () -- C:\Users\Neset\Desktop\3503058-FIAT_activated (1).rar [2014.01.14 15:11:30 | 000,001,141 | ---- | C] () -- C:\Users\Neset\Desktop\DVBViewer TERRATEC Edition.lnk [2014.01.13 18:47:49 | 000,001,213 | ---- | C] () -- C:\Users\Public\Desktop\GloboFleet CC Plus.lnk [2014.01.13 18:42:53 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\VCDS MFT 12.12.0.lnk [2014.01.09 09:42:49 | 000,008,172 | ---- | C] () -- C:\Users\Neset\Desktop\bookmarks_09.01.14.html [2013.12.29 18:29:54 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe [2013.10.30 12:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2013.10.30 12:06:54 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2013.10.30 12:06:54 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2013.10.30 12:06:54 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2013.10.30 12:06:54 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2013.10.29 19:09:29 | 000,007,600 | ---- | C] () -- C:\Users\Neset\AppData\Local\Resmon.ResmonCfg [2013.09.13 00:15:52 | 000,001,882 | ---- | C] () -- C:\Windows\RBSystem.ini [2013.09.13 00:13:38 | 000,487,424 | ---- | C] () -- C:\Windows\esi_kl02.dat [2013.09.13 00:13:33 | 000,655,360 | ---- | C] () -- C:\Windows\SysWow64\dslang32.dll [2013.09.13 00:13:33 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\ldf251.dll [2013.09.13 00:12:20 | 000,000,729 | ---- | C] () -- C:\Windows\ESIDATA.ini [2013.09.10 21:54:34 | 000,002,745 | ---- | C] () -- C:\Windows\SysWow64\SHORTCUT.INI [2013.09.10 21:53:14 | 000,000,388 | ---- | C] () -- C:\Windows\SysWow64\REMOTEDEVICE.INI [2013.09.10 21:53:03 | 000,006,510 | ---- | C] () -- C:\Windows\SysWow64\LOCALSERVICE.INI [2013.09.10 21:53:02 | 000,000,191 | ---- | C] () -- C:\Windows\SysWow64\LOCALDEVICE.INI [2013.09.10 21:50:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\BSPRINT.INI [2013.07.31 01:50:27 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2013.07.31 01:50:26 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2013.07.29 17:04:53 | 001,591,922 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.07.12 13:02:16 | 000,232,496 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2013.08.10 12:00:46 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\.myibay [2013.12.27 02:34:37 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\abgx360 [2013.08.05 10:49:20 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Adobe [2014.01.25 23:24:10 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\AVAST Software [2013.08.23 11:07:06 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Canneverbe Limited [2013.09.22 11:45:57 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\com.AdamOutler [2013.12.14 13:49:23 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\CyberLink [2013.09.13 00:12:15 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\DAEMON Tools Lite [2013.07.29 12:52:39 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\DAEMON Tools Ultra [2013.12.14 13:44:03 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\dvdcss [2013.12.12 13:53:26 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\DVDVideoSoft [2013.09.30 15:41:37 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\DVDVideoSoftIEHelpers [2013.12.29 18:36:22 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\EventGhost [2013.09.27 20:37:37 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\FLEXnet [2013.08.23 10:12:19 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Google [2013.09.21 15:55:27 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\HandBrake [2013.07.25 20:09:27 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Identities [2013.12.27 13:09:38 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\ImgBurn [2013.07.25 20:10:41 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Intel Corporation [2011.02.10 21:48:57 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Macromedia [2014.02.05 15:25:28 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Malwarebytes [2010.11.21 08:16:41 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Media Center Programs [2014.01.11 17:49:05 | 000,000,000 | --SD | M] -- C:\Users\Neset\AppData\Roaming\Microsoft [2013.12.27 02:44:24 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\NVIDIA [2013.09.10 13:28:02 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Origin [2013.12.19 14:06:17 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Samsung [2013.10.23 09:24:37 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\SoftGrid Client [2013.12.20 19:48:31 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\TeamViewer [2013.08.31 14:00:58 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\TP [2013.07.31 01:43:43 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Ubisoft [2013.12.14 11:10:59 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Ultimate Updater [2014.02.05 16:48:23 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\vlc [2013.09.27 20:30:39 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\Vodafone [2013.07.30 21:16:59 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\WinRAR [2013.09.09 13:48:37 | 000,000,000 | ---D | M] -- C:\Users\Neset\AppData\Roaming\X10Receiver.NET < %APPDATA%\*.exe /s > [2011.06.15 20:16:54 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Neset\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe [2013.09.10 17:20:51 | 000,004,608 | R--- | M] () -- C:\Users\Neset\AppData\Roaming\Microsoft\Installer\{6D264099-4133-453F-8588-2AE04705D7DE}\Icon6D2640991.exe [2013.09.11 10:12:52 | 000,010,134 | R--- | M] () -- C:\Users\Neset\AppData\Roaming\Microsoft\Installer\{BF5DD3E1-A2B8-483E-8AA6-49E343FB35EE}\_2639D83A1B9E3333A441E9.exe [2013.09.11 10:12:52 | 000,010,134 | R--- | M] () -- C:\Users\Neset\AppData\Roaming\Microsoft\Installer\{BF5DD3E1-A2B8-483E-8AA6-49E343FB35EE}\_2B50A6240483ABD5D49DED.exe [2013.09.11 10:12:53 | 000,010,134 | R--- | M] () -- C:\Users\Neset\AppData\Roaming\Microsoft\Installer\{BF5DD3E1-A2B8-483E-8AA6-49E343FB35EE}\_471E3D6953EAA9B29450EF.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys [2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTOR.SYS > [2011.04.26 19:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Windows\SysNative\drivers\iaStor.sys [2011.04.26 19:07:36 | 000,557,848 | ---- | M] (Intel Corporation) MD5=26CF4275034214ECEDD8EC17B0A18A99 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_16d1c1de1eca8452\iaStor.sys < MD5 for: IASTORV.SYS > [2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2013.11.26 08:26:42 | 011,221,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll < End of report > nur usb 3.0 vorne funktioniert und usb 2.0 hinten nicht. Im bios einstellung hab ich schon nachgeguckt, die sind aktiv. windows liegt es auch nicht dran da ich ne neue ssd festplatte gekauft habe und da drauf ein neues system installiert habe. Am Netzteil liegt es auch nicht weil ich mir neues netzteil mit sehr viel mehr power geholt habe. |
|
05.02.2014, 20:34
| #2 |
| /// the machine /// TB-Ausbilder    | USB on board wird nicht erkannt hi,
__________________ So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
06.02.2014, 14:20
| #3 |
| | USB on board wird nicht erkanntCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2014
Ran by Neset at 2014-02-06 14:12:11
Running from C:\Users\Neset\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
abgx360 v1.0.6 (x32 Version: - )
Adobe AIR (x32 Version: 2.7.0.19480 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.0.19480 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (x32 Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.0.626 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (x32 Version: 3.0 - )
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.10.1.0 - Asmedia Technology)
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
BlueSoleil 8.0.356.0 (Version: 8.0.356.0 - IVT Corporation)
Bosch Viewer (x32 Version: - )
CDBurnerXP (x32 Version: 4.5.2.4214 - CDBurnerXP)
Cheat Engine 6.3 (x32 Version: - Cheat Engine)
CyberLink PowerDVD 11 (x32 Version: 11.0.2608.53 - CyberLink Corp.)
CyberLink PowerDVD 11 (x32 Version: 11.0.2608.53 - CyberLink Corp.) Hidden
DAEMON Tools Lite (x32 Version: 4.47.1.0337 - Disc Soft Ltd)
Darksiders II (x32 Version: - )
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (Version: - Microsoft)
DVBViewer TERRATEC Edition (x32 Version: - CM&V)
DxO FilmPack 3 (Version: 3.4.94.0 - DxO Labs)
ESI[tronic] (x32 Version: - )
EventGhost 0.4.1.r1640 (x32 Version: 0.4.1.r1640 - EventGhost Project)
Free AVI Video Converter version 5.0.31.1125 (x32 Version: 5.0.31.1125 - DVDVideoSoft Ltd.)
Free Studio version 2013 (x32 Version: 6.1.12.925 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.18.1128 (x32 Version: 3.2.18.1128 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.17.1127 (x32 Version: 3.12.17.1127 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GloboFleet CC Plus (x32 Version: 1.7.0 - Buyond GmbH)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GS.Enabler (x32 Version: 3.0.0.1009 - PremiumSoft) <==== ATTENTION
GS.Supporter 1.80 (x32 Version: - Verified Publisher) <==== ATTENTION
HDD Health v4.2 (x32 Version: - )
HWiNFO64 Version 4.22 (Version: 4.22 - Martin Malík - REALiX)
ImgBurn (x32 Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.5.0.1026 - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.5.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 26 (64-bit) (Version: 6.0.260 - Oracle)
Java(TM) 6 Update 26 (x32 Version: 6.0.260 - Oracle)
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
JDownloader 2 (Version: 2.0 - AppWork GmbH)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Multiecuscan (x32 Version: 1.2.1 - FES Soft Ltd.)
My CyberCafe 11.0 (x32 Version: - Azzouzi Software)
Myibidder Auction Bid Sniper for eBay 1.1.4 (x32 Version: 1.1.4 (Build 551) - Myibidder.com)
mysms Version 2.0.0 (x32 Version: 2.0.0 - Up to Eleven Digital Solutions GmbH)
Nokia Connectivity Cable Driver (x32 Version: 7.0.2.0 - Nokia)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 327.23 (Version: 327.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.5.1 (Version: 1.5.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.23 (Version: 327.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 327.23 (Version: 327.23 - NVIDIA Corporation) Hidden
NVIDIA Update 6.4.23 (Version: 6.4.23 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 6.4.23 - NVIDIA Corporation) Hidden
Onlinesupport 5.0.8232 QS (x32 Version: - Robert Bosch GmbH)
Oracle VM VirtualBox 4.1.6 (Version: 4.1.6 - Oracle Corporation)
Origin (x32 Version: 9.3.2.2730 - Electronic Arts, Inc.)
PC Connectivity Solution (x32 Version: 8.22.7.0 - Nokia)
PlayReady PC Runtime amd64 (Version: 1.3.0 - Microsoft Corporation)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (x32 Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6285 - Realtek Semiconductor Corp.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Spelling Dictionaries Support For Adobe Reader X (x32 Version: 10.0.0 - Adobe Systems Incorporated)
suirrff anndd ukkeaep (x32 Version: 2.1.0.1344 - surf and keEp) <==== ATTENTION
System Requirements Lab for Intel (x32 Version: 4.5.15.0 - Husdawg, LLC)
TeamViewer 9 (x32 Version: 9.0.25942 - TeamViewer)
TERRATEC Cinergy T Stick RC (64 Bit) (x32 Version: 64.1.1129.2011 - TERRATEC)
Tom Clancy's Ghost Recon Future Soldier (x32 Version: 1.00 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (x32 Version: 1.01 - Ubisoft)
Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT)
Ultimate Updater (x32 Version: 0.8.5.611 - Sereby Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (Version: - Microsoft)
Uplay (x32 Version: 3.0 - Ubisoft)
VCDS MFT 12.12.0 (x32 Version: MFT 12.12.0 - Ross-Tech)
Vehicle Explorer (x32 Version: 1.0.1 - Auto-Intern GmbH)
VinPower SA Basic (x32 Version: - )
VLC media player 2.0.8 (Version: 2.0.8 - VideoLAN)
Vodafone Mobile Broadband Lite (x32 Version: 10.2.302.33178 - Vodafone)
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (Version: 07/12/2013 2.08.30 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (Version: 07/12/2013 2.08.30 - FTDI)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - TERRATEC (AF9035BDA) Media (11/05/2009 9.6.3.1) (Version: 11/05/2009 9.6.3.1 - TERRATEC )
Windows-Treiberpaket - TERRATEC (RTL2832U_IRHID) HIDClass (12/15/2011 8664.003.0925.2009) (Version: 12/15/2011 8664.003.0925.2009 - TERRATEC )
Windows-Treiberpaket - TERRATEC (RTL2832UUSB) MEDIA (11/29/2011 64.001.1129.2011) (Version: 11/29/2011 64.001.1129.2011 - TERRATEC )
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
X10 Hardware(TM) (x32 Version: - )
YoutubeAdblocker (x32 Version: 1.3.0.1133 - YoutubeAdblocker) <==== ATTENTION
==================== Restore Points =========================
26-01-2014 16:50:13 Geplanter Prüfpunkt
30-01-2014 11:56:39 Windows Update
30-01-2014 12:36:23 Sprachpaketdeinstallation
30-01-2014 13:13:10 Windows Update
05-02-2014 10:37:56 Windows Update
05-02-2014 15:51:45 OTL Restore Point - 05.02.2014 16:51:41
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {03B9F947-7624-4331-8DE3-384164316864} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-25] (AVAST Software)
Task: {1E2D732A-CF26-4ECF-8E6C-E9A51AD0B43D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {3D1015EF-AF91-43B7-B801-E0BBE1105DAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-25] (Google Inc.)
Task: {C9708F9D-DF67-4E48-84F0-473B5057D053} - System32\Tasks\{0295E246-D84D-42D3-B401-A981512EC66F} => I:\Programme\7loader\home basic\W_7_Ak\W 7 Ak\Windows 7 Loader eXtreme Edition 3.500 Multi\Activator\w7lxe.exe
Task: {D91F9A8B-BB7C-485E-A4FD-80443BAF6565} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-04-13 11:08 - 2011-04-13 11:08 - 00022016 _____ () C:\Windows\system32\BsTrace.dll
2014-02-05 15:20 - 2014-02-05 10:22 - 02168320 _____ () C:\Program Files\AVAST Software\Avast\defs\14020500\algo.dll
2014-02-06 14:10 - 2014-02-06 13:08 - 02168320 _____ () C:\Program Files\AVAST Software\Avast\defs\14020600\algo.dll
2011-04-13 11:08 - 2011-04-13 11:08 - 00022016 _____ () C:\Windows\system32\bstrace.dll
2011-03-28 10:04 - 2011-03-28 10:04 - 00237568 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\BaseLib.dll
2011-03-28 10:05 - 2011-03-28 10:05 - 00061440 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\ExtraLib.dll
2003-05-01 16:23 - 2003-05-01 16:23 - 00041472 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\cscvt.dll
2011-04-13 11:00 - 2011-04-13 11:00 - 00028672 ____N () C:\Windows\SysWOW64\BsMobileCSps.dll
2013-12-14 18:56 - 2011-11-04 08:28 - 00260096 _____ () C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\sqlite3.dll
2013-12-21 10:52 - 2013-06-04 09:04 - 19622912 _____ () C:\Program Files (x86)\mysms\QtWebKit4.dll
2013-12-21 10:52 - 2013-05-27 04:48 - 00324608 _____ () C:\Program Files (x86)\mysms\ssleay32.dll
2013-12-21 10:52 - 2013-05-27 04:48 - 01445888 _____ () C:\Program Files (x86)\mysms\libeay32.dll
2013-12-29 18:34 - 2010-03-20 15:32 - 00027648 _____ () C:\Program Files (x86)\EventGhost\lib26\_multiprocessing.pyd
2013-12-29 18:34 - 2011-02-27 18:12 - 00110080 _____ () C:\Program Files (x86)\EventGhost\lib26\pywintypes26.dll
2013-12-29 18:34 - 2011-02-26 19:34 - 00354304 _____ () C:\Program Files (x86)\EventGhost\lib26\pythoncom26.dll
2013-12-29 18:34 - 2011-02-26 19:33 - 00096768 _____ () C:\Program Files (x86)\EventGhost\lib26\win32api.pyd
2013-12-29 18:34 - 2010-03-20 15:30 - 00093184 _____ () C:\Program Files (x86)\EventGhost\lib26\_ctypes.pyd
2013-12-29 18:34 - 2013-09-03 08:10 - 00980480 _____ () C:\Program Files (x86)\EventGhost\lib26\wx._core_.pyd
2013-12-29 18:34 - 2013-09-03 08:10 - 00745984 _____ () C:\Program Files (x86)\EventGhost\lib26\wx._gdi_.pyd
2013-12-29 18:34 - 2013-09-03 08:10 - 00670208 _____ () C:\Program Files (x86)\EventGhost\lib26\wx._windows_.pyd
2013-12-29 18:34 - 2013-09-03 08:10 - 00965632 _____ () C:\Program Files (x86)\EventGhost\lib26\wx._controls_.pyd
2013-12-29 18:34 - 2013-09-03 08:10 - 00675328 _____ () C:\Program Files (x86)\EventGhost\lib26\wx._misc_.pyd
2013-12-29 18:34 - 2010-03-20 15:28 - 00584192 _____ () C:\Program Files (x86)\EventGhost\lib26\unicodedata.pyd
2013-12-29 18:34 - 2013-09-03 08:10 - 00324096 _____ () C:\Program Files (x86)\EventGhost\lib26\_imaging.pyd
2013-12-29 18:34 - 2010-03-20 15:32 - 00010240 _____ () C:\Program Files (x86)\EventGhost\lib26\select.pyd
2013-12-29 18:34 - 2010-03-20 15:27 - 00043008 _____ () C:\Program Files (x86)\EventGhost\lib26\_socket.pyd
2013-12-29 18:34 - 2010-03-20 15:29 - 00805888 _____ () C:\Program Files (x86)\EventGhost\lib26\_ssl.pyd
2013-12-29 18:34 - 2013-06-02 03:10 - 00068608 _____ () C:\Program Files (x86)\EventGhost\lib26\site-packages\cFunctions.pyd
2013-12-29 18:34 - 2013-09-03 08:10 - 00324096 _____ () C:\Program Files (x86)\EventGhost\lib26\PIL._imaging.pyd
2013-12-29 18:34 - 2010-03-20 15:29 - 00125952 _____ () C:\Program Files (x86)\EventGhost\lib26\_elementtree.pyd
2013-12-29 18:34 - 2010-03-20 15:31 - 00127488 _____ () C:\Program Files (x86)\EventGhost\lib26\pyexpat.pyd
2013-12-29 18:34 - 2011-02-26 19:33 - 00167424 _____ () C:\Program Files (x86)\EventGhost\lib26\win32gui.pyd
2013-12-29 18:34 - 2011-02-26 19:32 - 00035840 _____ () C:\Program Files (x86)\EventGhost\lib26\win32process.pyd
2013-12-29 18:34 - 2011-02-26 19:32 - 00015872 _____ () C:\Program Files (x86)\EventGhost\lib26\win32trace.pyd
2013-12-29 18:34 - 2011-02-26 19:31 - 00112128 _____ () C:\Program Files (x86)\EventGhost\lib26\win32file.pyd
2013-12-29 18:34 - 2013-09-03 03:16 - 00090624 _____ () C:\Program Files (x86)\EventGhost\plugins\System\VistaVolEvents.pyd
2013-12-29 18:34 - 2010-03-20 15:31 - 00357376 _____ () C:\Program Files (x86)\EventGhost\lib26\_hashlib.pyd
2013-12-29 18:34 - 2013-09-03 08:10 - 00031232 _____ () C:\Program Files (x86)\EventGhost\lib26\Crypto.Cipher.AES.pyd
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-04-13 11:14 - 2011-04-13 11:14 - 00146432 _____ () C:\Windows\system32\BsProfilefunc.dll
2010-03-31 20:59 - 2010-03-31 20:59 - 00122880 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\s40pack.dll
2010-03-01 10:57 - 2010-03-01 10:57 - 00058728 _____ () C:\Program Files (x86)\Buyond_GmbH\GloboFleet_CC_Plus\lib\jpcsc.dll
2014-01-25 23:23 - 2014-01-25 23:23 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/06/2014 02:07:39 PM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue
Error: (02/05/2014 03:17:27 PM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue
Error: (01/26/2014 10:48:20 AM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue
Error: (01/26/2014 00:51:48 AM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue
Error: (01/25/2014 11:23:06 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary uzremvpd.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/25/2014 10:25:47 PM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue
Error: (01/25/2014 11:17:04 AM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue
Error: (01/24/2014 06:42:41 PM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue
Error: (01/24/2014 02:23:41 PM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue
Error: (01/24/2014 00:44:06 AM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue
System errors:
=============
Error: (01/28/2014 00:26:31 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (01/28/2014 00:26:30 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (01/28/2014 00:26:30 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (01/28/2014 00:26:29 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (01/28/2014 00:26:29 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (01/28/2014 00:22:33 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Vodafone-Mobile-Broadband-Dienst erreicht.
Error: (01/26/2014 00:22:56 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.
Error: (01/25/2014 11:43:29 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.
Error: (01/23/2014 02:22:28 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (01/22/2014 07:14:12 PM) (Source: Service Control Manager) (User: )
Description: Dienst "CyberLink PowerDVD 11.0 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (02/06/2014 02:07:39 PM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue
Error: (02/05/2014 03:17:27 PM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue
Error: (01/26/2014 10:48:20 AM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue
Error: (01/26/2014 00:51:48 AM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue
Error: (01/25/2014 11:23:06 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary uzremvpd.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (01/25/2014 10:25:47 PM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue
Error: (01/25/2014 11:17:04 AM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue
Error: (01/24/2014 06:42:41 PM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue
Error: (01/24/2014 02:23:41 PM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue
Error: (01/24/2014 00:44:06 AM) (Source: VmbService)(User: )
Description: conflictManagerTypeValue
==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 6125.63 MB
Available physical RAM: 3588.21 MB
Total Pagefile: 12249.44 MB
Available Pagefile: 9619.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:1356.16 GB) (Free:254.49 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:21.39 GB) NTFS
Drive f: () (Fixed) (Total:119.02 GB) (Free:84.52 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 00000000)
Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 1397 GB) (Disk ID: 7646CB37)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-742853181440) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014
Ran by Neset (administrator) on NESET-PC on 06-02-2014 14:11:42
Running from C:\Users\Neset\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe
() C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(X10) C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Program Files (x86)\mysms\mysms.exe
(EventGhost Project) C:\Program Files (x86)\EventGhost\EventGhost.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
(Buyond GmbH) C:\Program Files (x86)\Buyond_GmbH\GloboFleet_CC_Plus\GloboFleet_CC_Plus.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\drvinst.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11774568 2011-01-13] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [319574 2011-04-13] (IVT Corporation)
HKLM-x32\...\Run: [GloboFleet] - C:\Program Files (x86)\Buyond_GmbH\GloboFleet_CC_Plus\GloboFleet_CC_Plus.exe [152936 2010-03-01] (Buyond GmbH)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-25] (AVAST Software)
HKU\S-1-5-21-2581815234-3374379992-3411118385-1002\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-2581815234-3374379992-3411118385-1002\...\Run: [mysms] - C:\Program Files (x86)\mysms\mysms.exe [702976 2013-06-04] ()
HKU\S-1-5-21-2581815234-3374379992-3411118385-1002\...\MountPoints2: {0cdcaf20-28dc-11e3-beb3-8c89a55a952b} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2581815234-3374379992-3411118385-1002\...\MountPoints2: {21a130bd-277a-11e3-b6c7-8c89a55a952b} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2581815234-3374379992-3411118385-1002\...\MountPoints2: {21a13163-277a-11e3-b6c7-8c89a55a952b} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2581815234-3374379992-3411118385-1002\...\MountPoints2: {2aab695b-f829-11e2-935c-8c89a55a952b} - H:\Setup.exe
HKU\S-1-5-21-2581815234-3374379992-3411118385-1002\...\MountPoints2: {2cf226bc-2945-11e3-b7e8-8c89a55a952b} - H:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2581815234-3374379992-3411118385-1002\...\MountPoints2: {dad40d0f-28e3-11e3-86f7-8c89a55a952b} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2581815234-3374379992-3411118385-1002\...\MountPoints2: {dad40d12-28e3-11e3-86f7-8c89a55a952b} - F:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2581815234-3374379992-3411118385-1002\...\MountPoints2: {df5ac249-f9b5-11e2-8bd2-8c89a55a952b} - J:\Fairlight\Install.EXE
HKU\S-1-5-21-2581815234-3374379992-3411118385-1004\...\RunOnce: [HKCU] - C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] ()
AppInit_DLLs-x32: c:\progra~2\gsb779~1.ena => File Not Found
Startup: C:\Users\Neset\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EventGhost.lnk
ShortcutTarget: EventGhost.lnk -> C:\Program Files (x86)\EventGhost\EventGhost.exe (EventGhost Project)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ShuopDrop - {02667D93-E4D6-F531-4BEF-0743946C7D6A} - C:\ProgramData\ShuopDrop\wB6_4htSg.x64.dll No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Extension: (ProxTube) - C:\Users\Neset\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-01-04]
CHR Extension: (Adblock Plus) - C:\Users\Neset\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-04]
CHR Extension: (avast! Online Security) - C:\Users\Neset\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-26]
CHR Extension: (DVDVideoSoft) - C:\Users\Neset\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-09-30]
CHR Extension: (Google Wallet) - C:\Users\Neset\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-09-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-01-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-25] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [997376 2011-07-08] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [192000 2011-04-13] (IVT Corporation)
R2 BsMobileCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [147563 2011-04-13] (IVT Corporation)
R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2012-02-08] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2012-02-01] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2012-02-01] (CyberLink)
S4 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [72640 2012-06-07] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-31] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-07-31] ()
R2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)
==================== Drivers (Whitelisted) ====================
S3 AF9035BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [514856 2012-11-09] (ITETech )
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1034464 2014-01-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [422216 2014-01-25] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [79672 2014-01-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-25] ()
S3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [36360 2009-06-17] (IVT Corporation.)
S3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [36360 2009-06-17] (IVT Corporation.)
S3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [36872 2009-06-17] (IVT Corporation.)
S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [20488 2010-08-18] (IVT Corporation.)
S3 BTCOM; C:\Windows\System32\DRIVERS\btcomport.sys [29448 2010-08-26] (IVT Corporation.)
R3 BTCOMBUS; C:\Windows\System32\Drivers\btcombus.sys [25352 2010-08-26] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [42888 2010-06-24] (IVT Corporation.)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.)
R3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-13] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-09-08] (REALiX(tm))
R3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2013-09-29] (Sony Ericsson Mobile Communications)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-11-04] (Oracle Corporation)
S3 vodafone_zte_cdc_acm; C:\Windows\System32\DRIVERS\vodafone_zte_cdc_acm.sys [79872 2011-05-20] (Vodafone)
S3 vodafone_zte_cdc_ecm; C:\Windows\System32\DRIVERS\vodafone_zte_cdc_ecm.sys [58880 2011-05-20] (Vodafone)
S3 vodafone_zte_cpo; C:\Windows\System32\DRIVERS\vodafone_zte_cpo.sys [14336 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum; C:\Windows\System32\DRIVERS\vodafone_zte_ecm_enum.sys [56320 2011-05-20] (Vodafone)
S3 vodafone_zte_ecm_enum_filter; C:\Windows\System32\DRIVERS\vodafone_zte_ecm_enum_filter.sys [56320 2011-05-20] (Vodafone)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2006-11-30] (X10 Wireless Technology, Inc.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2012-02-08] (CyberLink Corp.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 14:11 - 2014-02-06 14:11 - 00016698 _____ () C:\Users\Neset\Downloads\FRST.txt
2014-02-06 14:11 - 2014-02-06 14:11 - 00000000 ____D () C:\FRST
2014-02-06 14:10 - 2014-02-06 14:11 - 02082304 _____ (Farbar) C:\Users\Neset\Downloads\FRST64.exe
2014-02-05 17:02 - 2014-02-05 17:02 - 00187140 _____ () C:\Users\Neset\Downloads\OTL.Txt
2014-02-05 17:02 - 2014-02-05 17:02 - 00069884 _____ () C:\Users\Neset\Downloads\Extras.Txt
2014-02-05 16:27 - 2014-02-05 16:27 - 00602112 _____ (OldTimer Tools) C:\Users\Neset\Downloads\OTL.exe
2014-02-05 15:25 - 2014-02-05 15:25 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-05 15:25 - 2014-02-05 15:25 - 00000000 ____D () C:\Users\Neset\AppData\Roaming\Malwarebytes
2014-02-05 15:25 - 2014-02-05 15:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-05 15:25 - 2014-02-05 15:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-05 15:25 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-05 15:22 - 2014-02-05 15:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Neset\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-25 23:24 - 2014-01-25 23:24 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-25 23:24 - 2014-01-25 23:24 - 00000000 ____D () C:\Users\Neset\AppData\Roaming\AVAST Software
2014-01-25 23:23 - 2014-02-06 14:08 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-25 23:23 - 2014-01-25 23:24 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-25 23:23 - 2014-01-25 23:23 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-25 23:23 - 2014-01-25 23:23 - 00000000 ____D () C:\Program Files\AVAST Software
2014-01-25 23:22 - 2014-01-25 23:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-01-23 13:17 - 2014-01-23 14:19 - 852346457 _____ () C:\Users\Neset\Downloads\I9305XXBME3_I9305DBTBMF1_DBT.zip
2014-01-22 15:29 - 2014-01-22 15:29 - 00000535 _____ () C:\Users\Neset\Desktop\ADBCD - Verknüpfung.lnk
2014-01-18 15:01 - 2014-01-18 15:01 - 00000000 ____D () C:\Users\Neset\Documents\Autodata
2014-01-18 14:43 - 2014-02-05 16:48 - 00000000 ____D () C:\ADCDA2
2014-01-16 09:39 - 2014-01-16 09:41 - 19411400 _____ (Milewski Fahrzeugtechnik) C:\Users\Neset\Downloads\VCDS-MFT-12120-setup.exe
2014-01-15 11:11 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 11:11 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 11:11 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 11:11 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 11:11 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 11:11 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 11:11 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 11:11 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 11:11 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 23:28 - 2014-01-14 23:28 - 02356814 _____ () C:\Users\Neset\Downloads\3503058-FIAT_activated (1).rar
2014-01-14 23:28 - 2014-01-14 23:28 - 02356814 _____ () C:\Users\Neset\Desktop\3503058-FIAT_activated (1).rar
2014-01-14 23:28 - 2014-01-14 23:28 - 00000000 ____D () C:\Users\Neset\Desktop\3503058-FIAT_activated (1)
2014-01-14 21:29 - 2014-01-18 14:27 - 00000000 ____D () C:\Users\Neset\Desktop\Autodata
2014-01-14 15:29 - 2014-01-14 16:13 - 02356814 _____ () C:\Users\Neset\Downloads\3503058-FIAT_activated.rar
2014-01-14 15:12 - 2014-01-14 15:15 - 00000000 ____D () C:\ProgramData\CMUV
2014-01-14 15:11 - 2014-01-14 15:11 - 00001141 _____ () C:\Users\Neset\Desktop\DVBViewer TERRATEC Edition.lnk
2014-01-14 15:11 - 2014-01-14 15:11 - 00000000 ____D () C:\Program Files (x86)\DVBViewer TERRATEC Edition
2014-01-14 15:07 - 2014-01-14 15:08 - 11958904 _____ (CM&V ) C:\Users\Neset\Downloads\DVBViewer_TERRATEC_Edition_8.3.4.exe
2014-01-14 15:05 - 2014-01-14 15:05 - 00000000 ____D () C:\Program Files (x86)\TERRATEC
2014-01-14 15:03 - 2014-01-14 15:03 - 02574616 _____ () C:\Users\Neset\Downloads\TERRATEC_Cinergy_T_Stick_RC_Drv_Setup_64.1.1129.2011_Vista_7_8_64Bit.exe
2014-01-13 18:47 - 2014-01-13 18:47 - 00001213 _____ () C:\Users\Public\Desktop\GloboFleet CC Plus.lnk
2014-01-13 18:47 - 2014-01-13 18:47 - 00000000 ____D () C:\ProgramData\GloboFleet
2014-01-13 18:47 - 2014-01-13 18:47 - 00000000 ____D () C:\Program Files (x86)\Buyond_GmbH
2014-01-13 18:46 - 2014-01-13 18:46 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-01-13 18:42 - 2014-01-13 18:42 - 00001664 _____ () C:\Users\Public\Desktop\VCDS MFT 12.12.0.lnk
2014-01-13 18:41 - 2014-01-13 18:41 - 00000000 ____D () C:\Ross-Tech
2014-01-13 18:40 - 2014-01-13 18:43 - 41258376 _____ (Buyond GmbH) C:\Users\Neset\Downloads\GloboFleet_CC_Plus_Setup.exe
2014-01-13 18:32 - 2014-01-13 18:37 - 74717877 _____ () C:\Users\Neset\Downloads\VCDS-DRV-MFT_12.12.rar
2014-01-13 18:27 - 2014-01-13 18:30 - 35303148 _____ () C:\Users\Neset\Downloads\10.6de.zip
2014-01-13 18:27 - 2014-01-13 18:29 - 12994242 _____ () C:\Users\Neset\Downloads\vag11x.rar
2014-01-12 21:49 - 2014-01-12 21:49 - 06766216 _____ (Myibidder.com ) C:\Users\Neset\Downloads\myibay-setup (1).exe
2014-01-12 10:48 - 2014-01-12 10:48 - 00005262 _____ () C:\Users\Neset\Downloads\invoice.htm
2014-01-11 09:47 - 2014-01-11 09:47 - 08430511 _____ () C:\Users\Neset\Downloads\surfmatik_2012.exe
2014-01-11 09:46 - 2014-01-11 09:46 - 06687040 _____ () C:\Users\Neset\Downloads\surfmatik_2011.exe
2014-01-10 12:24 - 2014-01-10 12:26 - 37324254 _____ () C:\Users\Neset\Downloads\dfe_v7.60.220.4298.rar
2014-01-10 12:06 - 2014-01-10 12:07 - 07424185 _____ () C:\Users\Neset\Downloads\Deep.Freeze.Standard.v6.61.20.2822_x86-x64.rar
2014-01-10 12:06 - 2014-01-10 12:06 - 00000984 _____ () C:\Users\Neset\Downloads\relink.us_bf1e54e6badc5d4e2848d1e435ce5e.dlc
2014-01-09 09:42 - 2014-01-09 09:42 - 00008172 _____ () C:\Users\Neset\Desktop\bookmarks_09.01.14.html
2014-01-08 20:18 - 2014-01-08 20:18 - 00083268 _____ () C:\Users\Neset\Downloads\Naruto_Shippuuden_-_GS_-_UL-ix87lymommm15.dlc
==================== One Month Modified Files and Folders =======
2014-02-06 14:11 - 2014-02-06 14:11 - 00016698 _____ () C:\Users\Neset\Downloads\FRST.txt
2014-02-06 14:11 - 2014-02-06 14:11 - 00000000 ____D () C:\FRST
2014-02-06 14:11 - 2014-02-06 14:10 - 02082304 _____ (Farbar) C:\Users\Neset\Downloads\FRST64.exe
2014-02-06 14:11 - 2013-07-25 20:02 - 01847816 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 14:08 - 2014-01-25 23:23 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-06 14:08 - 2009-07-14 05:51 - 00133160 _____ () C:\Windows\setupact.log
2014-02-06 14:06 - 2013-07-25 20:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 14:06 - 2011-07-08 14:59 - 00001282 _____ () C:\Windows\SysWOW64\bscs.ini
2014-02-06 14:06 - 2011-06-15 01:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-06 14:06 - 2010-11-21 04:47 - 00033742 _____ () C:\Windows\PFRO.log
2014-02-06 14:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-05 20:25 - 2013-09-10 21:53 - 00006510 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2014-02-05 20:13 - 2013-09-23 16:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-05 20:03 - 2013-08-23 20:34 - 00000000 ____D () C:\Users\Neset\Desktop\hd filme
2014-02-05 20:03 - 2013-07-31 10:15 - 00000000 ____D () C:\Users\Neset\AppData\Roaming\vlc
2014-02-05 19:28 - 2013-07-25 20:06 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-05 19:17 - 2009-07-14 05:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-05 19:17 - 2009-07-14 05:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-05 17:13 - 2013-09-23 16:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 17:13 - 2013-09-23 16:22 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 17:13 - 2011-06-14 22:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 17:02 - 2014-02-05 17:02 - 00187140 _____ () C:\Users\Neset\Downloads\OTL.Txt
2014-02-05 17:02 - 2014-02-05 17:02 - 00069884 _____ () C:\Users\Neset\Downloads\Extras.Txt
2014-02-05 16:48 - 2014-01-18 14:43 - 00000000 ____D () C:\ADCDA2
2014-02-05 16:48 - 2014-01-01 17:05 - 00000000 ____D () C:\ProgramData\ShuopDrop
2014-02-05 16:48 - 2013-12-27 01:49 - 00000000 ____D () C:\Program Files (x86)\suirrff anndd ukkeaep
2014-02-05 16:48 - 2013-07-25 20:09 - 00000000 ____D () C:\Users\Neset
2014-02-05 16:27 - 2014-02-05 16:27 - 00602112 _____ (OldTimer Tools) C:\Users\Neset\Downloads\OTL.exe
2014-02-05 15:32 - 2013-12-22 10:57 - 00001094 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-05 15:25 - 2014-02-05 15:25 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-05 15:25 - 2014-02-05 15:25 - 00000000 ____D () C:\Users\Neset\AppData\Roaming\Malwarebytes
2014-02-05 15:25 - 2014-02-05 15:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-05 15:25 - 2014-02-05 15:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-05 15:23 - 2014-02-05 15:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Neset\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-05 15:20 - 2011-02-10 20:25 - 00696848 _____ () C:\Windows\system32\perfh007.dat
2014-02-05 15:20 - 2011-02-10 20:25 - 00148144 _____ () C:\Windows\system32\perfc007.dat
2014-02-05 15:20 - 2009-07-14 06:13 - 01613412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-26 22:04 - 2013-12-27 01:49 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker
2014-01-26 22:04 - 2013-12-27 01:49 - 00000000 ____D () C:\ProgramData\suirrff anndd ukkeaep
2014-01-26 14:26 - 2012-02-29 16:03 - 00000000 ____D () C:\Users\Neset\Desktop\Spiele
2014-01-25 23:51 - 2013-09-22 09:56 - 06595106 _____ () C:\Users\Neset\Downloads\ace-update-root-cwm.zip
2014-01-25 23:24 - 2014-01-25 23:24 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-25 23:24 - 2014-01-25 23:24 - 00000000 ____D () C:\Users\Neset\AppData\Roaming\AVAST Software
2014-01-25 23:24 - 2014-01-25 23:23 - 00079672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 01034464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 00422216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-25 23:23 - 2014-01-25 23:23 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-25 23:23 - 2014-01-25 23:23 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-25 23:23 - 2014-01-25 23:23 - 00000000 ____D () C:\Program Files\AVAST Software
2014-01-25 23:22 - 2014-01-25 23:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-01-24 18:42 - 2013-09-10 21:53 - 00000191 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2014-01-23 15:10 - 2013-09-10 18:00 - 00000000 ____D () C:\Users\Neset\AppData\Local\JDownloader v2.0
2014-01-23 14:19 - 2014-01-23 13:17 - 852346457 _____ () C:\Users\Neset\Downloads\I9305XXBME3_I9305DBTBMF1_DBT.zip
2014-01-22 15:29 - 2014-01-22 15:29 - 00000535 _____ () C:\Users\Neset\Desktop\ADBCD - Verknüpfung.lnk
2014-01-18 15:01 - 2014-01-18 15:01 - 00000000 ____D () C:\Users\Neset\Documents\Autodata
2014-01-18 14:27 - 2014-01-14 21:29 - 00000000 ____D () C:\Users\Neset\Desktop\Autodata
2014-01-17 11:31 - 2013-08-23 11:34 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-01-16 09:41 - 2014-01-16 09:39 - 19411400 _____ (Milewski Fahrzeugtechnik) C:\Users\Neset\Downloads\VCDS-MFT-12120-setup.exe
2014-01-16 09:25 - 2009-07-14 05:45 - 00415256 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 12:39 - 2013-07-29 13:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 12:37 - 2011-02-10 21:56 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 23:28 - 2014-01-14 23:28 - 02356814 _____ () C:\Users\Neset\Downloads\3503058-FIAT_activated (1).rar
2014-01-14 23:28 - 2014-01-14 23:28 - 02356814 _____ () C:\Users\Neset\Desktop\3503058-FIAT_activated (1).rar
2014-01-14 23:28 - 2014-01-14 23:28 - 00000000 ____D () C:\Users\Neset\Desktop\3503058-FIAT_activated (1)
2014-01-14 16:13 - 2014-01-14 15:29 - 02356814 _____ () C:\Users\Neset\Downloads\3503058-FIAT_activated.rar
2014-01-14 15:15 - 2014-01-14 15:12 - 00000000 ____D () C:\ProgramData\CMUV
2014-01-14 15:11 - 2014-01-14 15:11 - 00001141 _____ () C:\Users\Neset\Desktop\DVBViewer TERRATEC Edition.lnk
2014-01-14 15:11 - 2014-01-14 15:11 - 00000000 ____D () C:\Program Files (x86)\DVBViewer TERRATEC Edition
2014-01-14 15:08 - 2014-01-14 15:07 - 11958904 _____ (CM&V ) C:\Users\Neset\Downloads\DVBViewer_TERRATEC_Edition_8.3.4.exe
2014-01-14 15:05 - 2014-01-14 15:05 - 00000000 ____D () C:\Program Files (x86)\TERRATEC
2014-01-14 15:05 - 2013-09-10 21:49 - 00000000 ____D () C:\Program Files\DIFX
2014-01-14 15:03 - 2014-01-14 15:03 - 02574616 _____ () C:\Users\Neset\Downloads\TERRATEC_Cinergy_T_Stick_RC_Drv_Setup_64.1.1129.2011_Vista_7_8_64Bit.exe
2014-01-13 18:47 - 2014-01-13 18:47 - 00001213 _____ () C:\Users\Public\Desktop\GloboFleet CC Plus.lnk
2014-01-13 18:47 - 2014-01-13 18:47 - 00000000 ____D () C:\ProgramData\GloboFleet
2014-01-13 18:47 - 2014-01-13 18:47 - 00000000 ____D () C:\Program Files (x86)\Buyond_GmbH
2014-01-13 18:46 - 2014-01-13 18:46 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-01-13 18:46 - 2011-06-14 22:43 - 00027658 _____ () C:\Windows\DPINST.LOG
2014-01-13 18:43 - 2014-01-13 18:40 - 41258376 _____ (Buyond GmbH) C:\Users\Neset\Downloads\GloboFleet_CC_Plus_Setup.exe
2014-01-13 18:42 - 2014-01-13 18:42 - 00001664 _____ () C:\Users\Public\Desktop\VCDS MFT 12.12.0.lnk
2014-01-13 18:41 - 2014-01-13 18:41 - 00000000 ____D () C:\Ross-Tech
2014-01-13 18:37 - 2014-01-13 18:32 - 74717877 _____ () C:\Users\Neset\Downloads\VCDS-DRV-MFT_12.12.rar
2014-01-13 18:30 - 2014-01-13 18:27 - 35303148 _____ () C:\Users\Neset\Downloads\10.6de.zip
2014-01-13 18:30 - 2013-09-10 17:22 - 00000000 ____D () C:\Program Files (x86)\VinPower SA Basic
2014-01-13 18:29 - 2014-01-13 18:27 - 12994242 _____ () C:\Users\Neset\Downloads\vag11x.rar
2014-01-12 21:49 - 2014-01-12 21:49 - 06766216 _____ (Myibidder.com ) C:\Users\Neset\Downloads\myibay-setup (1).exe
2014-01-12 10:48 - 2014-01-12 10:48 - 00005262 _____ () C:\Users\Neset\Downloads\invoice.htm
2014-01-11 09:47 - 2014-01-11 09:47 - 08430511 _____ () C:\Users\Neset\Downloads\surfmatik_2012.exe
2014-01-11 09:46 - 2014-01-11 09:46 - 06687040 _____ () C:\Users\Neset\Downloads\surfmatik_2011.exe
2014-01-10 12:26 - 2014-01-10 12:24 - 37324254 _____ () C:\Users\Neset\Downloads\dfe_v7.60.220.4298.rar
2014-01-10 12:07 - 2014-01-10 12:06 - 07424185 _____ () C:\Users\Neset\Downloads\Deep.Freeze.Standard.v6.61.20.2822_x86-x64.rar
2014-01-10 12:06 - 2014-01-10 12:06 - 00000984 _____ () C:\Users\Neset\Downloads\relink.us_bf1e54e6badc5d4e2848d1e435ce5e.dlc
2014-01-09 09:42 - 2014-01-09 09:42 - 00008172 _____ () C:\Users\Neset\Desktop\bookmarks_09.01.14.html
2014-01-08 22:20 - 2013-10-23 09:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-08 22:17 - 2009-07-14 03:34 - 00000584 _____ () C:\Windows\win.ini
2014-01-08 20:18 - 2014-01-08 20:18 - 00083268 _____ () C:\Users\Neset\Downloads\Naruto_Shippuuden_-_GS_-_UL-ix87lymommm15.dlc
2014-01-07 15:07 - 2013-07-27 00:01 - 00016366 _____ () C:\Users\Neset\Documents\iii.txt
Some content of TEMP:
====================
C:\Users\Neset\AppData\Local\Temp\COMAP.EXE
C:\Users\Neset\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Neset\AppData\Local\Temp\proxy_vole6202522371288443349.dll
C:\Users\Neset\AppData\Local\Temp\ubi45DB.tmp.exe
C:\Users\Neset\AppData\Local\Temp\ubi7ADB.tmp.exe
C:\Users\Neset\AppData\Local\Temp\ubi9BC4.tmp.exe
C:\Users\Neset\AppData\Local\Temp\vlc-2.0.8-win64.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-05 17:43
==================== End Of Log ============================
--- --- --- |
|
07.02.2014, 09:48
| #4 |
| /// the machine /// TB-Ausbilder | USB on board wird nicht erkannt Mal abgesehen von der Malware auf der Kiste: Ich will ja jetzt nit klugscheissen, aber haste mal Treiber geguckt, Geräte manager ob da ein USB mit gelbem Ausrufezeichen is, mal abgesehen von der total unwarscheinlichen Idee das die USB Anschlüsse einfach im Arsch sind?  Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.02.2014, 14:01
| #5 |
| | USB on board wird nicht erkannt also ja nach denn Treiber im Geräte Manager hab ich nachgeguckt. Leider ist da nichts was mit einem Ausrufezeichen steht was ich installieren kann. Das komische dabei ist das der LAN Eingang direkt daneben funktioniert. |
|
08.02.2014, 11:26
| #6 | |
| /// the machine /// TB-Ausbilder | USB on board wird nicht erkanntZitat:
 Combofix bitte.
__________________ --> USB on board wird nicht erkannt |
|
| Themen zu USB on board wird nicht erkannt |
| 4d36e972-e325-11ce-bfc1-08002be10318, antivirus, bho, browser, computer, converter, desktop, dvdvideosoft ltd., ebay, einstellung, error, excel, fehler, festplatte, firefox, flash player, funktion, google, helper, home, homepage, logfile, mp3, nvpciflt.sys, problem, realtek, scan, security, senden, software, ssd festplatte, windows, wird nicht erkannt, wrapper |
