Zurück   Trojaner-Board > Malware entfernen > Antiviren-, Firewall- und andere Schutzprogramme

Antiviren-, Firewall- und andere Schutzprogramme: Probleme mit dem Virenscanner/schutz

Windows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen.

Antwort
Alt 27.03.2014, 10:40   #1
El_CapOne
 
Probleme mit dem Virenscanner/schutz - Icon34

Probleme mit dem Virenscanner/schutz



Hallo zusammen,

habe neuerdings das Problem, dass ich gesehen habe das sich mein Antivir Echtzeitscanner nicht mehr einschalten lässt, habe es auch schon deinstalliert und neuinstalliert aber vergeblich,
dann habe ich probiert avast zu installieren doch die Installation war nicht möglich. Zudem habe ich dann noch den Virenschutz von AVG probiert, Installation geht, aber auch hier geht der Schutz nicht!

Habt ihr irgendwelche Ideen an was das liegen könnte? Virus?

Vielen Dank!

Anbei der Report von OTL:


OTL logfile created on: 27.03.2014 10:26:39 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Daniel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,87 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 54,02% Memory free
7,73 Gb Paging File | 5,82 Gb Available in Paging File | 75,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,99 Gb Total Space | 155,84 Gb Free Space | 54,68% Space Free | Partition Type: NTFS

Computer Name: DANIEL-PC | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Daniel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
PRC - C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8ee98383179eca974083a41a8ca0c213\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\571b85634abf2fba6bab80c21a347081\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
MOD - c:\program files (x86)\adobe\reader 9.0\reader\rdlang32.deu ()
MOD - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.DEU ()
MOD - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.DEU ()
MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll ()
MOD - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.DEU ()
MOD - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (af45d0f59a6a795) -- C:\Windows\SysNative\drivers\af45d0f59a6a795.sys ()
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (FirebirdServerDefaultInstance) -- C:\Programme\Firebird\Firebird_2_5\bin\fbserver.exe (Firebird Project)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (EPSON_EB_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_04) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (SEIKO EPSON CORPORATION)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (OMSI download service) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgdiska) -- C:\Windows\SysNative\drivers\avgdiska.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (af45d0f59a6a795) -- C:\Windows\SysNative\drivers\af45d0f59a6a795.sys ()
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys ()
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys ()
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\tsusbflt.sys ()
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys ()
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys ()
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\DRIVERS\k57nd60a.sys ()
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys ()
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\DRIVERS\iaStor.sys ()
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys ()
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\DRIVERS\HECIx64.sys ()
DRV:64bit: - (BthAvrcp) -- C:\Windows\SysNative\drivers\BthAvrcp.sys (CSR, plc)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\DRIVERS\lsi_sas2.sys ()
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\DRIVERS\stexstor.sys ()
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys ()
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\DRIVERS\WSDScan.sys ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\DRIVERS\evbda.sys ()
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys ()
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\DRIVERS\hamachi.sys ()
DRV:64bit: - (s0017unic) -- C:\Windows\SysNative\DRIVERS\s0017unic.sys ()
DRV:64bit: - (s0017obex) -- C:\Windows\SysNative\DRIVERS\s0017obex.sys ()
DRV:64bit: - (s0017mdm) -- C:\Windows\SysNative\DRIVERS\s0017mdm.sys ()
DRV:64bit: - (s0017mgmt) -- C:\Windows\SysNative\DRIVERS\s0017mgmt.sys ()
DRV:64bit: - (s0017mdfl) -- C:\Windows\SysNative\DRIVERS\s0017mdfl.sys ()
DRV:64bit: - (s0017bus) -- C:\Windows\SysNative\DRIVERS\s0017bus.sys ()
DRV:64bit: - (seehcri) -- C:\Windows\SysNative\DRIVERS\seehcri.sys ()
DRV:64bit: - (s117unic) -- C:\Windows\SysNative\DRIVERS\s117unic.sys ()
DRV:64bit: - (s117obex) -- C:\Windows\SysNative\DRIVERS\s117obex.sys ()
DRV:64bit: - (s117nd5) -- C:\Windows\SysNative\DRIVERS\s117nd5.sys ()
DRV:64bit: - (s117mdm) -- C:\Windows\SysNative\DRIVERS\s117mdm.sys ()
DRV:64bit: - (s117mgmt) -- C:\Windows\SysNative\DRIVERS\s117mgmt.sys ()
DRV:64bit: - (s117mdfl) -- C:\Windows\SysNative\DRIVERS\s117mdfl.sys ()
DRV:64bit: - (s117bus) -- C:\Windows\SysNative\DRIVERS\s117bus.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D4010BF7-86EB-4493-9271-EF141E4254EE}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://startsear.ch/?aff=1&q={searchTerms}
IE - HKCU\..\SearchScopes\{1C2039CF-A89E-490A-A2DB-8DCE87F2660E}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{3E107333-BD3B-46A3-A931-463435C2DE80}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{4E6E48F9-0BC5-4841-A144-56DEAF7CC8D2}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A010DE662&p={SearchTerms}
IE - HKCU\..\SearchScopes\{6FC9FE2C-3B42-4047-9EBA-7A3E1C295E83}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{81418B17-2C97-43F0-8D21-04F0C3ECEE01}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{90156AD3-92F7-40FF-93CD-B5302FF2EC9B}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{F5B585C5-5A25-4046-ADC6-8DBA18BDB212}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Daniel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Daniel\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)



========== Chrome ==========

CHR - homepage: hxxp://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Avira Sparberater = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cojnmaaohncijldefpkpkkakjonfmgeb\1.5.14_0\
CHR - Extension: SiteAdvisor = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0\
CHR - Extension: Google Wallet = C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2011.09.30 18:13:06 | 000,000,852 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 74.208.10.249 gs.apple.com
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe File not found
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Daniel\AppData\Roaming\OCS\SM\SearchAnonymizer.exe File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Download with Xilisoft Online Video Downloader - C:\Program Files (x86)\Xilisoft\Online Video Downloader\upod_link.HTM ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Download with Xilisoft Online Video Downloader - C:\Program Files (x86)\Xilisoft\Online Video Downloader\upod_link.HTM ()
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.189.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{042E51F7-726C-4A16-8106-6E018DC81B15}: DhcpNameServer = 192.168.189.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DE1FAC4-B916-448F-A747-E5A362D2FC66}: DhcpNameServer = 192.168.25.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.03.27 10:26:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2014.03.27 10:10:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\AVG2014
[2014.03.27 10:09:49 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\TuneUp Software
[2014.03.27 10:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014.03.27 10:08:30 | 000,000,000 | -H-D | C] -- C:\$AVG
[2014.03.27 10:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2014.03.27 10:08:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2014.03.27 10:07:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014.03.27 10:07:54 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\MFAData
[2014.03.27 10:07:54 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014.03.27 10:07:54 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Avg2014
[2014.03.27 10:05:49 | 000,421,704 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\iczibtzd.sys
[2014.03.27 09:53:45 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\ccpgjzeq.sys
[2014.03.27 09:48:14 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\rwtgsytn.sys
[2014.03.27 09:44:35 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\xglunscn.sys
[2014.03.27 09:33:15 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\krwmrqwb.sys
[2014.03.27 09:23:31 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\holidmis.sys
[2014.03.27 09:23:11 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\tnrctybw.sys
[2014.03.27 09:18:08 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\euidstbw.sys
[2014.03.27 09:18:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014.03.08 15:16:50 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\Uni Ulm
[2012.01.12 18:02:39 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe8D21.dll
[2011.06.16 16:19:08 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe70AB.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.03.27 10:26:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2014.03.27 10:20:37 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.03.27 10:20:37 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.03.27 10:12:17 | 000,000,043 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2014.03.27 10:11:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.03.27 10:11:25 | 3113,254,912 | -HS- | M] () -- C:\hiberfil.sys
[2014.03.27 10:09:49 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014.03.27 10:05:49 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\iczibtzd.sys
[2014.03.27 09:53:45 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\ccpgjzeq.sys
[2014.03.27 09:48:14 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\rwtgsytn.sys
[2014.03.27 09:44:35 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\xglunscn.sys
[2014.03.27 09:33:15 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\krwmrqwb.sys
[2014.03.27 09:23:31 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\holidmis.sys
[2014.03.27 09:23:11 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\tnrctybw.sys
[2014.03.27 09:18:08 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\euidstbw.sys
[2014.03.16 11:36:35 | 001,613,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.03.16 11:36:35 | 000,697,098 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.03.16 11:36:35 | 000,652,376 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.03.16 11:36:35 | 000,148,362 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.03.16 11:36:35 | 000,121,308 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.03.27 10:09:49 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013.08.29 21:59:26 | 000,002,091 | ---- | C] () -- C:\Users\Daniel\AppData\Local\recently-used.xbel
[2013.03.17 16:56:03 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\mtxclub.dll
[2012.12.13 11:49:50 | 000,000,241 | ---- | C] () -- C:\Windows\wininit.ini
[2012.06.18 14:57:04 | 001,591,306 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.01 12:29:22 | 000,005,632 | ---- | C] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.30 10:12:22 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-3312866003-2049396336-1487248635-1000\$351382c48c5879d0f55d9b98e7d407a6\n.

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 06:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 05:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\$Recycle.Bin\S-1-5-18\$351382c48c5879d0f55d9b98e7d407a6\n.
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:1A60DE96

< End of report >

Alt 27.03.2014, 10:44   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Hi,

Zitat:
"" = C:\$Recycle.Bin\S-1-5-21-3312866003-2049396336-1487248635-1000\$351382c48c5879d0f55d9b98e7d407a6\n.
Lesestoff:
Rootkit-Warnung
Dein Computer wurde mit einem besonderen Schädling infiziert, der sich vor herkömmlichen Virenscannern und dem Betriebssystem selbst verstecken kann. Zusätzlich hat so ein Schädling meist auch Backdoor-Funktionalität, reißt also ganz bewußt Löcher durch alle Schutzmaßnahmen, damit er weiteren Schadcode nachladen oder die Daten, die er so sammelt, an die "bösen Jungs" weiterleiten kann. Was heißt das jetzt für dich?
  • Entscheide bitte ganz bewußt, ob du mit der Bereinigung fortfahren möchtest. Ein einmal derartig kompromittiertes System kann man niemals mit 100%iger Sicherheit wieder absichern. Auch wenn wir gute Chancen haben, deinen Computer zu bereinigen, kann es dennoch möglich sein, dass uns am Ende nur die Neuinstallation bleibt.

  • Wenn du mit diesem Computer beispielsweise Onlinebanking machst, dann solltest du zumindest dein Passwort von deiner Bank ändern lassen, wenn du ein ansonsten sicheres Verfahren wie beispielsweise "chip-TAN-comfort" nutzt. Hast du noch alte TAN-Bögen auf Papierbasis? Dann ist es höchste Zeit dich bei deiner Bank zu melden und notfalls das Konto temporär sperren zu lassen. Der Sperrnotruf 116 116 von www.sperr-notruf.de kann Tag und Nacht dafür benutzt werden.

  • Hast du ansonsten sensible Daten auf deinem Computer, dann solltest du auch darüber nachdenken, wie du damit umgehst, da sie sich praktisch "jeder" ansehen konnte.
Teile mir also mit, wie du dich entschieden hast.
__________________

__________________

Alt 27.03.2014, 10:50   #3
El_CapOne
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Ich habe es befürchtet
Ich möchte dennoch ein Reinigungsversuch probieren, wie sollte am besten fortgefahren werden?

Vielen Dank!!
__________________

Alt 27.03.2014, 10:51   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 27.03.2014, 10:58   #5
El_CapOne
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Antivir ist nicht fündig geworden, ansonsten habe ich keine Logs mehr... Mir ist auch nicht bekannt seit wann der Virus besteht, habe quasi heute erst entdeckt, dass der Virenscanner nicht mehr läuft.

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Daniel (administrator) on DANIEL-PC on 27-03-2014 10:54:31
Running from C:\Users\Daniel\AppData\Local\Opera\Opera\temporary_downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Facebook Inc.) C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Opera Software) C:\Program Files (x86)\Opera\Opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [Ocs_SM] - C:\Users\Daniel\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [585376 2010-05-25] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [354464 2010-05-25] (Atheros Commnucations)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2011-09-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$351382c48c5879d0f55d9b98e7d407a6\n. ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-3312866003-2049396336-1487248635-1000\...\Run: [Facebook Update] - C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-30] (Facebook Inc.)
HKU\S-1-5-21-3312866003-2049396336-1487248635-1000\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKU\S-1-5-21-3312866003-2049396336-1487248635-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-3312866003-2049396336-1487248635-1000\$351382c48c5879d0f55d9b98e7d407a6\n. ATTENTION! ====> ZeroAccess?

==================== Internet (Whitelisted) ====================

URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
SearchScopes: HKCU - {1C2039CF-A89E-490A-A2DB-8DCE87F2660E} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
SearchScopes: HKCU - {3E107333-BD3B-46A3-A931-463435C2DE80} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
SearchScopes: HKCU - {4E6E48F9-0BC5-4841-A144-56DEAF7CC8D2} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A010DE662&p={SearchTerms}
SearchScopes: HKCU - {6FC9FE2C-3B42-4047-9EBA-7A3E1C295E83} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
SearchScopes: HKCU - {81418B17-2C97-43F0-8D21-04F0C3ECEE01} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
SearchScopes: HKCU - {90156AD3-92F7-40FF-93CD-B5302FF2EC9B} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
SearchScopes: HKCU - {F5B585C5-5A25-4046-ADC6-8DBA18BDB212} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 74.208.10.249 gs.apple.com
Tcpip\Parameters: [DhcpNameServer] 192.168.189.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Avira Sparberater) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cojnmaaohncijldefpkpkkakjonfmgeb [2014-03-27]
CHR Extension: (SiteAdvisor) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-03-27]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-27]

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [5708800 2013-03-19] (Firebird Project)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
S2 0292681395908944mcinstcleanup; C:\Users\Daniel\AppData\Local\Temp\029268~1.EXE -cleanup -nolog [X]

==================== Drivers (Whitelisted) ====================

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] ()
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-20] ()
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] ()
S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [491088 2009-07-14] ()
S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [339536 2009-07-14] ()
S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [182864 2009-07-14] ()
U5 af45d0f59a6a795; C:\Windows\System32\Drivers\af45d0f59a6a795.sys [78264 2013-07-02] () <===== ATTENTION Necurs Rootkit?
R1 AFD; C:\Windows\system32\drivers\afd.sys [498688 2011-12-28] ()
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-14] ()
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] ()
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-14] ()
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] ()
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6856192 2010-08-25] ()
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [264192 2010-08-25] ()
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-14] ()
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-03-11] ()
S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [194128 2009-07-14] ()
R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] ()
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-20] ()
S3 arc; C:\Windows\system32\DRIVERS\arc.sys [87632 2009-07-14] ()
S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [97856 2009-07-14] ()
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] ()
R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] ()
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] ()
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] ()
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] ()
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [4171328 2010-06-03] ()
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] ()
R1 blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [45056 2009-07-14] ()
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] ()
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] ()
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] ()
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] ()
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] ()
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] ()
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] ()
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] ()
S3 BthEnum; C:\Windows\System32\DRIVERS\BthEnum.sys [41984 2009-07-14] ()
S3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [72192 2009-07-14] ()
S3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-14] ()
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2012-07-06] ()
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2011-04-28] ()
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] ()
R1 cdrom; C:\Windows\system32\drivers\cdrom.sys [147456 2010-11-20] ()
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] ()
R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] ()
R3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [17664 2009-07-14] ()
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] ()
R0 CNG; C:\Windows\System32\Drivers\cng.sys [458704 2012-06-02] ()
R0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-14] ()
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] ()
S4 crcdisk; C:\Windows\system32\DRIVERS\crcdisk.sys [24144 2009-07-14] ()
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] ()
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] ()
R0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-14] ()
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] ()
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [983400 2013-04-10] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] ()
S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [530496 2009-07-14] ()
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] ()
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] ()
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] ()
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] ()
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] ()
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] ()
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] ()
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] ()
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] ()
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] ()
S3 gagp30kx; C:\Windows\system32\DRIVERS\gagp30kx.sys [65088 2009-07-14] ()
R3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [34152 2009-05-18] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [33856 2009-03-18] ()
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] ()
S3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [350208 2010-11-20] ()
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] ()
R3 HECIx64; C:\Windows\system32\DRIVERS\HECIx64.sys [56344 2009-09-17] ()
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] ()
S3 HidBth; C:\Windows\System32\DRIVERS\hidbth.sys [100864 2009-07-14] ()
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] ()
S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-20] ()
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-20] ()
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] ()
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] ()
R3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] ()
R0 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [540696 2010-04-13] ()
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-11] ()
S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [44112 2009-07-14] ()
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [2399848 2010-06-22] ()
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] ()
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] ()
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] ()
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] ()
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] ()
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] ()
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] ()
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [273792 2010-11-20] ()
R3 k57nd60a; C:\Windows\System32\DRIVERS\k57nd60a.sys [384040 2010-05-15] ()
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-14] ()
S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-20] ()
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95600 2012-06-02] ()
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [151920 2012-06-02] ()
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] ()
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] ()
S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [114752 2009-07-14] ()
S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [106560 2009-07-14] ()
S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [65600 2009-07-14] ()
S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [115776 2009-07-14] ()
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] ()
S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [35392 2009-07-14] ()
S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [284736 2009-07-14] ()
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] ()
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] ()
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] ()
S3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] ()
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-20] ()
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-20] ()
S3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] ()
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2010-11-20] ()
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] ()
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] ()
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] ()
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-20] ()
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-20] ()
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] ()
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] ()
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] ()
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] ()
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] ()
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] ()
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-20] ()
R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-14] ()
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] ()
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] ()
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] ()
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] ()
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] ()
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] ()
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] ()
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] ()
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] ()
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] ()
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] ()
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] ()
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [51264 2009-07-14] ()
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] ()
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] ()
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1656680 2013-04-12] ()
R3 NTIDrvr; C:\Windows\system32\drivers\NTIDrvr.sys [18432 2010-04-20] ()
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] ()
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-11] ()
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-11] ()
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] ()
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] ()
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] ()
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] ()
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] ()
S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] ()
S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [220752 2009-07-14] ()
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] ()
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] ()
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] ()
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] ()
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] ()
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1524816 2009-07-14] ()
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [128592 2009-07-14] ()
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] ()
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] ()
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] ()
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] ()
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] ()
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] ()
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] ()
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-14] ()
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] ()
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] ()
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] ()
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-28] ()
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] ()
S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-14] ()
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] ()
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [246376 2010-06-17] ()
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIVX.sys [231328 2010-01-27] ()
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] ()
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] ()
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] ()
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] ()
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] ()
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] ()
S3 s117bus; C:\Windows\System32\DRIVERS\s117bus.sys [108072 2007-06-25] ()
S3 s117mdfl; C:\Windows\System32\DRIVERS\s117mdfl.sys [19496 2007-06-25] ()
S3 s117mdm; C:\Windows\System32\DRIVERS\s117mdm.sys [144424 2007-06-25] ()
S3 s117mgmt; C:\Windows\System32\DRIVERS\s117mgmt.sys [125992 2007-06-25] ()
S3 s117nd5; C:\Windows\System32\DRIVERS\s117nd5.sys [31272 2007-06-25] ()
S3 s117obex; C:\Windows\System32\DRIVERS\s117obex.sys [123432 2007-06-25] ()
S3 s117unic; C:\Windows\System32\DRIVERS\s117unic.sys [130088 2007-06-25] ()
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-20] ()
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] ()
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] ()
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] ()
S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-14] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] ()
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] ()
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] ()
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] ()
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] ()
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] ()
S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [43584 2009-07-14] ()
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [80464 2009-07-14] ()
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] ()
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-12-31] ()
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] ()
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] ()
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] ()
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [24656 2009-07-14] ()
R3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-14] ()
R3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [301104 2009-12-10] ()
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1910632 2013-05-08] ()
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1910632 2013-05-08] ()
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] ()
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] ()
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] ()
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-20] ()
R1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-20] ()
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39424 2010-11-20] ()
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] ()
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] ()
S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [64080 2009-07-14] ()
R3 UBHelper; C:\Windows\system32\drivers\UBHelper.sys [17408 2010-07-09] ()
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] ()
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] ()
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] ()
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-02-15] ()
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2011-03-25] ()
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100352 2009-07-14] ()
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [52736 2011-03-25] ()
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2011-03-25] ()
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2011-03-25] ()
S3 usbprint; C:\Windows\system32\DRIVERS\usbprint.sys [25088 2009-07-14] ()
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] ()
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2011-03-25] ()
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184960 2010-11-20] ()
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] ()
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] ()
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] ()
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-20] ()
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] ()
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] ()
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] ()
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] ()
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-14] ()
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] ()
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] ()
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] ()
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] ()
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] ()
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] ()
S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [21056 2009-07-14] ()
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785512 2012-07-26] ()
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] ()
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] ()
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] ()
R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] ()
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] ()
S3 WSDPrintDevice; C:\Windows\System32\DRIVERS\WSDPrint.sys [23040 2009-07-14] ()
S3 WSDScan; C:\Windows\System32\DRIVERS\WSDScan.sys [25088 2009-07-14] ()
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] ()
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-27 10:54 - 2014-03-27 10:54 - 00000000 ____D () C:\FRST
2014-03-27 10:26 - 2014-03-27 10:26 - 00602112 _____ (OldTimer Tools) C:\Users\Daniel\Desktop\OTL.exe
2014-03-27 10:10 - 2014-03-27 10:10 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\AVG2014
2014-03-27 10:09 - 2014-03-27 10:09 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-27 10:09 - 2014-03-27 10:09 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\TuneUp Software
2014-03-27 10:08 - 2014-03-27 10:10 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-27 10:08 - 2014-03-27 10:08 - 00000000 ___HD () C:\$AVG
2014-03-27 10:08 - 2014-03-27 10:08 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-03-27 10:07 - 2014-03-27 10:16 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-27 10:07 - 2014-03-27 10:10 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Avg2014
2014-03-27 10:07 - 2014-03-27 10:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\MFAData
2014-03-27 10:05 - 2014-03-27 10:05 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\iczibtzd.sys
2014-03-27 09:53 - 2014-03-27 09:53 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\ccpgjzeq.sys
2014-03-27 09:48 - 2014-03-27 09:48 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\rwtgsytn.sys
2014-03-27 09:44 - 2014-03-27 09:44 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\xglunscn.sys
2014-03-27 09:33 - 2014-03-27 09:33 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\krwmrqwb.sys
2014-03-27 09:23 - 2014-03-27 09:23 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\tnrctybw.sys
2014-03-27 09:23 - 2014-03-27 09:23 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\holidmis.sys
2014-03-27 09:18 - 2014-03-27 09:18 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\euidstbw.sys
2014-03-27 09:18 - 2014-03-27 09:18 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-08 15:16 - 2014-03-08 15:19 - 00000000 ____D () C:\Users\Daniel\Documents\Uni Ulm

==================== One Month Modified Files and Folders =======

2014-03-27 10:54 - 2014-03-27 10:54 - 00000000 ____D () C:\FRST
2014-03-27 10:26 - 2014-03-27 10:26 - 00602112 _____ (OldTimer Tools) C:\Users\Daniel\Desktop\OTL.exe
2014-03-27 10:20 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-27 10:20 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-27 10:16 - 2014-03-27 10:07 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-27 10:12 - 2013-11-22 17:54 - 00000043 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-03-27 10:11 - 2010-10-05 03:52 - 00251798 _____ () C:\Windows\PFRO.log
2014-03-27 10:11 - 2010-08-30 10:24 - 00000000 ____D () C:\Program Files (x86)\EgisTec MyWinLocker
2014-03-27 10:11 - 2009-07-14 05:51 - 00078433 _____ () C:\Windows\setupact.log
2014-03-27 10:10 - 2014-03-27 10:10 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\AVG2014
2014-03-27 10:10 - 2014-03-27 10:08 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-27 10:10 - 2014-03-27 10:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Avg2014
2014-03-27 10:09 - 2014-03-27 10:09 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-27 10:09 - 2014-03-27 10:09 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\TuneUp Software
2014-03-27 10:08 - 2014-03-27 10:08 - 00000000 ___HD () C:\$AVG
2014-03-27 10:08 - 2014-03-27 10:08 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-03-27 10:07 - 2014-03-27 10:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\MFAData
2014-03-27 10:05 - 2014-03-27 10:05 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\iczibtzd.sys
2014-03-27 09:53 - 2014-03-27 09:53 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\ccpgjzeq.sys
2014-03-27 09:53 - 2010-08-30 10:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-27 09:50 - 2010-08-30 10:12 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone
2014-03-27 09:48 - 2014-03-27 09:48 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\rwtgsytn.sys
2014-03-27 09:44 - 2014-03-27 09:44 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\xglunscn.sys
2014-03-27 09:33 - 2014-03-27 09:33 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\krwmrqwb.sys
2014-03-27 09:32 - 2013-07-10 21:45 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-27 09:30 - 2010-12-31 12:22 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-27 09:30 - 2010-08-30 10:19 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-27 09:28 - 2013-02-07 08:08 - 00000000 ____D () C:\Program Files\McAfee
2014-03-27 09:23 - 2014-03-27 09:23 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\tnrctybw.sys
2014-03-27 09:23 - 2014-03-27 09:23 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\holidmis.sys
2014-03-27 09:18 - 2014-03-27 09:18 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\euidstbw.sys
2014-03-27 09:18 - 2014-03-27 09:18 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-27 09:18 - 2013-07-10 21:45 - 00000000 ____D () C:\ProgramData\Avira
2014-03-27 09:17 - 2010-10-05 03:55 - 01324236 _____ () C:\Windows\WindowsUpdate.log
2014-03-27 09:08 - 2013-03-17 21:36 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-03-27 09:07 - 2013-11-24 10:55 - 00000000 ____D () C:\AdwCleaner
2014-03-27 09:01 - 2013-03-17 21:36 - 00000000 ____D () C:\Users\Daniel\Documents\Anti-Malware
2014-03-27 07:08 - 2012-03-27 19:24 - 00000000 ____D () C:\Users\Daniel\Documents\DHBW Ravensburg
2014-03-16 11:36 - 2010-10-05 13:46 - 00697098 _____ () C:\Windows\system32\perfh007.dat
2014-03-16 11:36 - 2010-10-05 13:46 - 00148362 _____ () C:\Windows\system32\perfc007.dat
2014-03-16 11:36 - 2009-07-14 06:13 - 01613412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-08 15:19 - 2014-03-08 15:16 - 00000000 ____D () C:\Users\Daniel\Documents\Uni Ulm
2014-03-06 21:57 - 2013-01-19 13:07 - 00000000 ____D () C:\Users\Daniel\Documents\Outlook-Dateien

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3312866003-2049396336-1487248635-1000\$351382c48c5879d0f55d9b98e7d407a6

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$351382c48c5879d0f55d9b98e7d407a6

Files to move or delete:
====================
C:\ProgramData\hpe70AB.dll
C:\ProgramData\hpe8D21.dll


Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\InstallFlashPlayer.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2011-05-08 10:19] - [2010-11-20 14:34] - 0295808 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\System32\Drivers\volsnap.sys No Company Name <===== ATTENTION!

ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2013-07-24 19:02

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Daniel at 2014-03-27 10:54:50
Running from C:\Users\Daniel\AppData\Local\Opera\Opera\temporary_downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AntiVir Desktop (Enabled - Up to date) {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AntiVir Desktop (Enabled - Up to date) {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

==================== Installed Programs ======================

Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.3 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.2 64-bit (HKLM\...\{A94AABAE-52F0-48C4-9F94-A4CA4B423576}) (Version: 3.2.1 - Adobe)
Adobe Reader 9.4.6 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.4.6 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}) (Version: 5.1.1.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{BAF4695F-7867-D8B2-528A-A1EF2EE0A9EF}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.29 - Avanquest Software)
AvERP Version 2014.02 (HKLM-x32\...\AvERP_is1) (Version:  - SYNERPY GmbH)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4354 - AVG Technologies)
AVG 2014 (Version: 14.0.3722 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4354 - AVG Technologies) Hidden
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.01.000.18 - Atheros Communications)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0825.2205.37769 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0825.2205.37769 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0825.2205.37769 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help English (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help French (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help German (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0825.2204.37769 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0825.2205.37769 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0825.2205.37769 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.0.2905 - CDBurnerXP)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3216.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.3216.50 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{FEE83E48-5D21-4EEC-A345-5C5887869DBE}) (Version:  - Microsoft)
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
Dropbox (HKCU\...\Dropbox) (Version: 1.6.4 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX525WD Series (HKLM\...\EPSON SX525WD Series) (Version:  - SEIKO EPSON Corporation)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FIFA 11 (HKLM-x32\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts)
Firebird 2.5.2.26540 (x64) (HKLM\...\FBDBServer_2_5_x64_is1) (Version: 2.5.2.26540 - Firebird Project)
Free Audio CD Burner version 1.5.3.920 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Ltd.)
Free Studio version 5.3.3 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
iCloud (HKLM\...\{8B485965-8EFE-464A-842F-CF8F18C3DFD7}) (Version: 1.1.0.40 - Apple Inc.)
ICQ Away Reader 1.4 (HKLM-x32\...\{C1A80F67-656F-4DF3-A6C4-DE18A47477C5}_is1) (Version:  - murb.com)
ICQ7.5 (HKLM-x32\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{CF8FFD12-602B-422D-AF1D-511B411E7632}) (Version: 10.6.1.7 - Apple Inc.)
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216037FF}) (Version: 6.0.370 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Acer Inc.)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM-x32\...\{2D7D9D86-923A-41A8-919F-437332AB1031}) (Version: 7.02.2760 - Nero AG)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8928 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8928 - NTI Corporation) Hidden
Opera 11.61 (HKLM-x32\...\Opera 11.61.1250) (Version: 11.61.1250 - Opera Software ASA)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version:  - Oberon Media)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SAMSUNG Android USB Modem Software (HKLM\...\SAMSUNG Android USB Modem) (Version: V5.28.2.1 - )
Secure Download Manager (HKLM-x32\...\{B15B400A-19ED-4CC7-B3E4-9295D8470CBE}) (Version: 3.0.3 - e-academy Inc.)
Skype™ 6.0 (HKLM-x32\...\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}) (Version: 6.0.126 - Skype Technologies S.A.)
Sony Ericsson PC Suite 6.012.00 (HKLM-x32\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.012.00 - Sony Ericsson)
SopCast 3.3.2 (HKLM-x32\...\SopCast) (Version: 3.3.2 - www.sopcast.com)
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version:  - Oberon Media)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
TuneUp Companion 2.2.5 (HKLM-x32\...\TuneUpMedia) (Version: 2.2.5 - TuneUp Media, Inc.)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2553065) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{57CEB66B-DD29-4883-92A2-671331657B52}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E636FE63-842B-4F4B-9884-DA189ACC0B91}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{3E381AC3-30C3-41D7-9B27-B3F3E17BDCB8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUSR_{C60D896D-47DE-443F-9DCB-0A80E7E9AD2F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition (HKLM\...\{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{61A3A423-93E5-467D-80F1-B5EC686474D0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{CABC3FE9-02BD-47C8-8576-EA3E8BB1BE1A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A6C194EA-C6CB-4314-9E43-AD1F4A1E9D74}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{2D507B6C-B472-447F-B61F-8EF54D9893A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{A8EC00BF-EDF5-46F0-B466-C4312722D8F3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{02A7E7E4-15FB-4240-963D-61E9029E0135}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7750DF63-F5DC-4198-8B8B-AE03B212F462}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7750DF63-F5DC-4198-8B8B-AE03B212F462}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{204B60A2-CCEA-4075-9F58-B7BC1BA5E742}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition (HKLM\...\{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{AA344E1A-06FE-4EA1-8040-A3AA2A3A87EF}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{0977F620-BD31-41EC-B18C-31E341D5935E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{2F9F8E9D-DBE2-4200-AB69-1A802B50F594}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{EE34F250-0C70-4774-82A8-B1EAAEB89991}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7861C766-2AA2-4A50-AB75-A57D451CEA76}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{AF61D314-0E39-485E-A603-2B2F03AB7376}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E1757044-ECB2-4551-B1D5-5E39F7E109CE}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E1757044-ECB2-4551-B1D5-5E39F7E109CE}) (Version:  - Microsoft)
Update for Zip Opener (HKCU\...\DigitalSite) (Version:  - ) <==== ATTENTION
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version:  - NCH Software)
Videora iPhone 4 Converter 6 (HKLM-x32\...\Videora iPhone 4 Converter) (Version: 6 - Red Kawa)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Xilisoft Online Video Downloader (HKLM-x32\...\Xilisoft Online Video Downloader) (Version: 2.1.0.1216 - Xilisoft)
YouTube Downloader App 3.00 (HKLM-x32\...\YouTube Downloader App) (Version: 3.00 - Regensoft)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2011-09-30 18:13 - 00000852 ____A C:\Windows\system32\Drivers\etc\hosts
74.208.10.249 gs.apple.com

==================== Scheduled Tasks (whitelisted) =============

Task: {15974E15-EE34-4D7D-91C3-80E18D063D20} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3312866003-2049396336-1487248635-1000UA => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-30] (Facebook Inc.)
Task: {15FA8E09-3B04-454D-98EE-3D4D47284097} - System32\Tasks\EQXNUXYNK => Rundll32.exe "C:\Windows\SysWOW64\mtxclub.dll",DDRQGBQE
Task: {3C336E20-840E-4E45-8635-687C35800002} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9A39537A-E834-448C-BC8C-EC844FD9DA34} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3312866003-2049396336-1487248635-1000Core => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-30] (Facebook Inc.)
Task: {B124274C-D88B-4C79-8E92-A895D2938DD1} - System32\Tasks\{4AF484DB-684D-4BF0-9989-B1738EDEA207} => c:\program files (x86)\opera\opera.exe [2013-07-10] (Opera Software)
Task: {D0411A54-D29E-47AB-A55F-B3C608F30F0B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-23] (Adobe Systems Incorporated)
Task: {E6B1F542-207A-4685-8C0B-70BF2DEB336F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EQXNUXYNK.job => C:\Windows\SysWOW64\mtxclub.dll
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3312866003-2049396336-1487248635-1000Core.job => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3312866003-2049396336-1487248635-1000UA.job => C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf28ee75952824.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-11 17:07 - 2013-03-19 06:46 - 00043520 _____ () C:\Windows\system32\CSRSRV.dll
2009-07-14 00:19 - 2009-07-14 02:41 - 00036864 _____ () C:\Windows\system32\pcwum.dll
2009-07-14 00:19 - 2009-07-14 02:41 - 00036864 _____ () c:\windows\system32\pcwum.DLL
2011-06-16 16:19 - 2009-04-30 12:23 - 00090112 _____ () C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-06-28 23:20 - 2010-06-28 23:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-06-28 23:12 - 2010-06-28 23:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-08-30 10:45 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2009-12-22 08:57 - 2009-12-22 08:57 - 07573504 _____ () c:\program files (x86)\adobe\reader 9.0\reader\rdlang32.deu
2009-02-28 00:40 - 2009-02-28 00:40 - 01712128 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annots.DEU
2014-02-23 12:53 - 2014-02-23 12:53 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
2010-12-31 12:50 - 2013-07-10 21:55 - 00835584 _____ () C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
2010-12-31 12:50 - 2013-07-10 21:55 - 00093696 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
2010-12-31 12:50 - 2013-07-10 21:55 - 00094208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
2010-12-31 12:50 - 2013-07-10 21:55 - 00057344 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
2011-12-18 12:18 - 2013-07-10 21:55 - 00096256 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
2010-12-31 12:50 - 2013-07-10 21:55 - 00062976 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
2010-12-31 12:50 - 2013-07-10 21:55 - 00067072 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
2010-12-31 12:50 - 2013-07-10 21:55 - 00158208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
2010-12-31 12:50 - 2013-07-10 21:55 - 00312832 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
2010-12-31 12:50 - 2013-07-10 21:55 - 00038912 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
2010-12-31 12:50 - 2013-07-10 21:55 - 00073728 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
2010-12-31 12:50 - 2013-07-10 21:55 - 00101888 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
2009-02-27 20:52 - 2009-02-27 20:52 - 00258048 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll
2009-10-03 10:45 - 2009-10-03 10:45 - 00012288 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Updater.DEU
2009-10-03 10:48 - 2009-10-03 10:48 - 00106496 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\EScript.DEU
2009-02-28 00:41 - 2009-02-28 00:41 - 00023552 _____ () C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\SaveAsRTF.DEU
2013-01-15 21:51 - 2013-01-15 21:51 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\99bd60d446f190d3f787f8eb02442187\IsdiInterop.ni.dll
2010-08-30 10:03 - 2010-04-13 17:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:1A60DE96

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Asynchroner RAS-Adapter
Description: Asynchroner RAS-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: AsyncMac
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: sptd
Description: sptd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: sptd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Atheros Bluetooth Bus
Description: Atheros Bluetooth Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications
Service: BTATH_BUS
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/27/2014 10:35:10 AM) (Source: Application Hang) (User: )
Description: Programm WINWORD.EXE, Version 14.0.6129.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 920

Startzeit: 01cf499ef2bd739b

Endzeit: 0

Anwendungspfad: C:\PROGRA~1\MICROS~2\Office14\WINWORD.EXE

Berichts-ID: 0a897fd8-b593-11e3-86b1-1c750805ec91

Error: (03/27/2014 04:47:47 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5132

Error: (03/27/2014 04:47:47 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5132

Error: (03/27/2014 04:47:47 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/25/2014 01:17:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1796102

Error: (03/25/2014 01:17:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1796102

Error: (03/25/2014 01:17:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/25/2014 01:17:05 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1785821

Error: (03/25/2014 01:17:05 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1785821

Error: (03/25/2014 01:17:05 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/27/2014 10:17:06 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" ist vom Dienst "AVGIDSDriver" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%31

Error: (03/27/2014 10:17:06 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31

Error: (03/27/2014 10:17:06 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVG AVI Loader Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31

Error: (03/27/2014 10:16:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSAgent" ist vom Dienst "AVGIDSDriver" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%31

Error: (03/27/2014 10:16:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVGIDSDriver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31

Error: (03/27/2014 10:16:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVG AVI Loader Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31

Error: (03/27/2014 10:13:09 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (03/27/2014 10:12:05 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Avgdiska
AVGIDSDriver
AVGIDSHA
Avgldx64
Avgloga
Avgmfx64
Avgrkx64
Avgtdia
sptd

Error: (03/27/2014 10:11:58 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error: (03/27/2014 10:11:58 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.


Microsoft Office Sessions:
=========================
Error: (03/27/2014 10:35:10 AM) (Source: Application Hang)(User: )
Description: WINWORD.EXE14.0.6129.500092001cf499ef2bd739b0C:\PROGRA~1\MICROS~2\Office14\WINWORD.EXE0a897fd8-b593-11e3-86b1-1c750805ec91

Error: (03/27/2014 04:47:47 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5132

Error: (03/27/2014 04:47:47 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5132

Error: (03/27/2014 04:47:47 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/25/2014 01:17:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1796102

Error: (03/25/2014 01:17:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1796102

Error: (03/25/2014 01:17:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/25/2014 01:17:05 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1785821

Error: (03/25/2014 01:17:05 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1785821

Error: (03/25/2014 01:17:05 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2013-07-02 08:30:31.717
  Description: N/A

  Date: 2013-07-02 08:30:31.514
  Description: N/A


==================== Memory info =========================== 

Percentage of memory in use: 56%
Total physical RAM: 3958.71 MB
Available physical RAM: 1717.52 MB
Total Pagefile: 7915.61 MB
Available Pagefile: 5617.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:155.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 2FA7803C)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Alt 27.03.2014, 11:00   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Zitat:
U5 af45d0f59a6a795; C:\Windows\System32\Drivers\af45d0f59a6a795.sys [78264 2013-07-02] () <===== ATTENTION Necurs Rootkit?
Necurs Rootkit ist ja auch noch drauf neben ZeroAccess


Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Probleme mit dem Virenscanner/schutz

Alt 27.03.2014, 11:12   #7
El_CapOne
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Oh man!

Also eben kam die Meldung, dass noch folgende Real Time Scanner aktiv sind:

- antivirus: AntiVir Destkop
- antispyware: AntiVir Destkop

Antivir ist allerdings jedoch schon deinstalliert.

Soll der Scan dennoch durchgeführt werden?

Alt 27.03.2014, 11:34   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Dann einfach weiterwerkeln lassen
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 27.03.2014, 11:45   #9
El_CapOne
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Folgender Report kam heraus:

[CODE]
Combofix Logfile:
Code:
ATTFilter
ComboFix 14-03-24.01 - Daniel 27.03.2014  11:26:43.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3959.1423 [GMT 1:00]
ausgeführt von:: c:\users\Daniel\AppData\Local\Opera\Opera\temporary_downloads\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
c:\programdata\hpe70AB.dll
c:\programdata\hpe8D21.dll
c:\users\Daniel\AppData\Roaming\Xyuzor
c:\users\Daniel\AppData\Roaming\Xyuzor\adabr.ozy
c:\windows\Tasks\EQXNUXYNK.job
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-02-27 bis 2014-03-27  ))))))))))))))))))))))))))))))
.
.
2014-03-27 10:32 . 2014-03-27 10:32	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-03-27 09:54 . 2014-03-27 09:55	--------	d-----w-	C:\FRST
2014-03-27 09:10 . 2014-03-27 09:10	--------	d-----w-	c:\users\Daniel\AppData\Roaming\AVG2014
2014-03-27 09:09 . 2014-03-27 09:09	--------	d-----w-	c:\users\Daniel\AppData\Roaming\TuneUp Software
2014-03-27 09:08 . 2014-03-27 09:10	--------	d-----w-	c:\programdata\AVG2014
2014-03-27 09:08 . 2014-03-27 09:08	--------	d-----w-	C:\$AVG
2014-03-27 09:08 . 2014-03-27 09:08	--------	d-----w-	c:\program files (x86)\AVG
2014-03-27 09:07 . 2014-03-27 09:16	--------	d-----w-	c:\programdata\MFAData
2014-03-27 09:07 . 2014-03-27 09:10	--------	d-----w-	c:\users\Daniel\AppData\Local\Avg2014
2014-03-27 09:07 . 2014-03-27 09:07	--------	d--h--w-	c:\programdata\Common Files
2014-03-27 09:07 . 2014-03-27 09:07	--------	d-----w-	c:\users\Daniel\AppData\Local\MFAData
2014-03-27 09:05 . 2014-03-27 09:05	421704	----a-w-	c:\windows\system32\drivers\iczibtzd.sys
2014-03-27 08:53 . 2014-03-27 08:53	423240	----a-w-	c:\windows\system32\drivers\ccpgjzeq.sys
2014-03-27 08:48 . 2014-03-27 08:48	423240	----a-w-	c:\windows\system32\drivers\rwtgsytn.sys
2014-03-27 08:44 . 2014-03-27 08:44	423240	----a-w-	c:\windows\system32\drivers\xglunscn.sys
2014-03-27 08:33 . 2014-03-27 08:33	423240	----a-w-	c:\windows\system32\drivers\krwmrqwb.sys
2014-03-27 08:23 . 2014-03-27 08:23	423240	----a-w-	c:\windows\system32\drivers\holidmis.sys
2014-03-27 08:23 . 2014-03-27 08:23	423240	----a-w-	c:\windows\system32\drivers\tnrctybw.sys
2014-03-27 08:18 . 2014-03-27 08:18	423240	----a-w-	c:\windows\system32\drivers\euidstbw.sys
2014-03-27 08:18 . 2014-03-27 08:18	--------	d-----w-	c:\programdata\AVAST Software
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-23 11:53 . 2012-06-25 19:30	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-23 11:53 . 2011-05-16 10:15	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-25 98304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-03-19 4971024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
R0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
R0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
R1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
R2 0292681395908944mcinstcleanup;McAfee Application Installer Cleanup (0292681395908944);c:\users\Daniel\AppData\Local\Temp\029268~1.EXE;c:\users\Daniel\AppData\Local\Temp\029268~1.EXE [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BthAvrcp;Bluetooth-AVRCP-Profil;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files\Firebird\Firebird_2_5\bin\fbserver.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys;c:\windows\SYSNATIVE\DRIVERS\s0017bus.sys [x]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s0017mdfl.sys [x]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s0017mdm.sys [x]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s0017mgmt.sys [x]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys;c:\windows\SYSNATIVE\DRIVERS\s0017obex.sys [x]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys;c:\windows\SYSNATIVE\DRIVERS\s0017unic.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [x]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - af45d0f59a6a795
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 08:57	1150280	----a-w-	c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-02-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-25 11:53]
.
2013-07-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3312866003-2049396336-1487248635-1000Core.job
- c:\users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-05 11:20]
.
2013-07-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3312866003-2049396336-1487248635-1000UA.job
- c:\users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-05 11:20]
.
2014-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf28ee75952824.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-18 14:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-05-25 585376]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-05-25 354464]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Download with Xilisoft Online Video Downloader - c:\program files (x86)\Xilisoft\Online Video Downloader\upod_link.HTM
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.25.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-mwlDaemon - c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-Ocs_SM - c:\users\Daniel\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
AddRemove-VideoPad - c:\program files (x86)\NCH Software\VideoPad\uninst.exe
AddRemove-DigitalSite - c:\users\Daniel\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\af45d0f59a6a795]
"ImagePath"="\SystemRoot\System32\Drivers\af45d0f59a6a795.sys"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-03-27  11:42:20 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-03-27 10:42
.
Vor Suchlauf: 12 Verzeichnis(se), 184.050.388.992 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 184.945.643.520 Bytes frei
.
- - End Of File - - 620A902C23ACA048D3BEFB5868611B71
         
--- --- ---

Alt 27.03.2014, 12:01   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Combofix-Skript
WARNUNG für die MITLESER:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

  • Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von folgenden Download-Spiegel neu herunter: Link
  • Speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!
  • Drücke die Windows + R Taste --> notepad (hinein schreiben) --> OK
  • Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.
    Code:
    ATTFilter
    File::
    C:\Windows\System32\Drivers\af45d0f59a6a795.sys
    c:\windows\system32\drivers\iczibtzd.sys
    c:\windows\system32\drivers\ccpgjzeq.sys
    c:\windows\system32\drivers\rwtgsytn.sys
    c:\windows\system32\drivers\xglunscn.sys
    c:\windows\system32\drivers\krwmrqwb.sys
    c:\windows\system32\drivers\holidmis.sys
    c:\windows\system32\drivers\tnrctybw.sys
    c:\windows\system32\drivers\euidstbw.sys
    
    Folder::
    C:\$Recycle.Bin\S-1-5-21-3312866003-2049396336-1487248635-1000\$351382c48c5879d0f55d9b98e7d407a6
    C:\$Recycle.Bin\S-1-5-18\$351382c48c5879d0f55d9b98e7d407a6
    
    Driver::
    af45d0f59a6a795
    
    Registry::
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\af45d0f59a6a795]
             
  • Speichere dies als CFScript.txt auf deinem Desktop.
  • Wichtig: Stelle deine Anti Viren Software temporär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
    Danach wieder anstellen nicht vergessen!
  • Schließe alle laufenden Programme damit ComboFix ungehindert arbeiten kann.
  • Ziehe CFScript.txt in die ComboFix.exe wie in diesem Bild:
  • Mache nichts am Computer, bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein. Dies kann dazu führen, dass ComboFix sich aufhängt.
  • Wenn ComboFix fertig ist wird es ein Log erstellen: C:\ComboFix.txt
    Bitte füge es hier als Antwort (in CODE-Tags mit dem #-Button des Editors) ein.

Hinweis:
Suspect:: und Collect::
Falls im Skript diese Anweisungen enthalten sind, sollen Dateien zur Analyse eingeschickt werden. Es erscheint eine Message-Box, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen. Teile mir unbedingt mit, ob der Upload geklappt hat!

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 27.03.2014, 13:36   #11
El_CapOne
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Code:
ATTFilter
Combofix Logfile:
Code:
ATTFilter
ComboFix 14-03-24.01 - Daniel 27.03.2014  13:17:06.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3959.1660 [GMT 1:00]
ausgeführt von:: c:\users\Daniel\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Daniel\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2014 *Disabled/Outdated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Outdated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
FILE ::
"c:\windows\System32\Drivers\af45d0f59a6a795.sys"
"c:\windows\system32\drivers\ccpgjzeq.sys"
"c:\windows\system32\drivers\euidstbw.sys"
"c:\windows\system32\drivers\holidmis.sys"
"c:\windows\system32\drivers\iczibtzd.sys"
"c:\windows\system32\drivers\krwmrqwb.sys"
"c:\windows\system32\drivers\rwtgsytn.sys"
"c:\windows\system32\drivers\tnrctybw.sys"
"c:\windows\system32\drivers\xglunscn.sys"
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\ccpgjzeq.sys
c:\windows\system32\drivers\euidstbw.sys
c:\windows\system32\drivers\holidmis.sys
c:\windows\system32\drivers\iczibtzd.sys
c:\windows\system32\drivers\krwmrqwb.sys
c:\windows\system32\drivers\rwtgsytn.sys
c:\windows\system32\drivers\tnrctybw.sys
c:\windows\system32\drivers\xglunscn.sys
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AF45D0F59A6A795
-------\Service_af45d0f59a6a795
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-02-27 bis 2014-03-27  ))))))))))))))))))))))))))))))
.
.
2014-03-27 09:54 . 2014-03-27 09:55	--------	d-----w-	C:\FRST
2014-03-27 09:10 . 2014-03-27 09:10	--------	d-----w-	c:\users\Daniel\AppData\Roaming\AVG2014
2014-03-27 09:09 . 2014-03-27 09:09	--------	d-----w-	c:\users\Daniel\AppData\Roaming\TuneUp Software
2014-03-27 09:08 . 2014-03-27 09:10	--------	d-----w-	c:\programdata\AVG2014
2014-03-27 09:08 . 2014-03-27 09:08	--------	d-----w-	C:\$AVG
2014-03-27 09:08 . 2014-03-27 09:08	--------	d-----w-	c:\program files (x86)\AVG
2014-03-27 09:07 . 2014-03-27 09:16	--------	d-----w-	c:\programdata\MFAData
2014-03-27 09:07 . 2014-03-27 09:10	--------	d-----w-	c:\users\Daniel\AppData\Local\Avg2014
2014-03-27 09:07 . 2014-03-27 09:07	--------	d--h--w-	c:\programdata\Common Files
2014-03-27 09:07 . 2014-03-27 09:07	--------	d-----w-	c:\users\Daniel\AppData\Local\MFAData
2014-03-27 08:18 . 2014-03-27 08:18	--------	d-----w-	c:\programdata\AVAST Software
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-23 11:53 . 2012-06-25 19:30	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-23 11:53 . 2011-05-16 10:15	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-25 98304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-03-19 4971024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
R0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
R0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
R1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
R2 0292681395908944mcinstcleanup;McAfee Application Installer Cleanup (0292681395908944);c:\users\Daniel\AppData\Local\Temp\029268~1.EXE;c:\users\Daniel\AppData\Local\Temp\029268~1.EXE [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BthAvrcp;Bluetooth-AVRCP-Profil;c:\windows\system32\DRIVERS\BthAvrcp.sys;c:\windows\SYSNATIVE\DRIVERS\BthAvrcp.sys [x]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files\Firebird\Firebird_2_5\bin\fbserver.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys;c:\windows\SYSNATIVE\DRIVERS\s0017bus.sys [x]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s0017mdfl.sys [x]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s0017mdm.sys [x]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s0017mgmt.sys [x]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys;c:\windows\SYSNATIVE\DRIVERS\s0017obex.sys [x]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys;c:\windows\SYSNATIVE\DRIVERS\s0017unic.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [x]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - AF45D0F59A6A795
*Deregistered* - af45d0f59a6a795
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 08:57	1150280	----a-w-	c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-02-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-25 11:53]
.
2013-07-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3312866003-2049396336-1487248635-1000Core.job
- c:\users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-05 11:20]
.
2013-07-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3312866003-2049396336-1487248635-1000UA.job
- c:\users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-05 11:20]
.
2014-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf28ee75952824.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-18 14:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
"Ocs_SM"="c:\users\Daniel\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [BU]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-05-25 585376]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-05-25 354464]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Download with Xilisoft Online Video Downloader - c:\program files (x86)\Xilisoft\Online Video Downloader\upod_link.HTM
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.25.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
AddRemove-VideoPad - c:\program files (x86)\NCH Software\VideoPad\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\af45d0f59a6a795]
"ImagePath"="\SystemRoot\System32\Drivers\af45d0f59a6a795.sys"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-03-27  13:33:27 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-03-27 12:33
ComboFix2.txt  2014-03-27 10:42
.
Vor Suchlauf: 18 Verzeichnis(se), 184.799.670.272 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 184.259.907.584 Bytes frei
.
- - End Of File - - B9566A2FDDB41C8D841B9CA0D6A17721
         
--- --- ---

Alt 27.03.2014, 16:03   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 27.03.2014, 22:00   #13
El_CapOne
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.03.27.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Daniel :: DANIEL-PC [administrator]

27.03.2014 20:47:43
mbar-log-2014-03-27 (20-47-43).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 263352
Time elapsed: 28 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\Installer\{1E05D1D7-4891-79EC-AB47-EA2F8B10D086}\syshost.exe (Trojan.Dropper.NEC) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
ATTFilter
         
Malwarebytes Anti-Rootkit BETA 1.07.0.1009 www.malwarebytes.org Database version: v2014.03.27.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16618 Daniel :: DANIEL-PC [administrator] 27.03.2014 21:26:59 mbar-log-2014-03-27 (21-26-59).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 263354 Time elapsed: 26 minute(s), 38 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end)

Alt 27.03.2014, 23:42   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 28.03.2014, 13:22   #15
El_CapOne
 
Probleme mit dem Virenscanner/schutz - Standard

Probleme mit dem Virenscanner/schutz



Adwcleaner

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.022 - Bericht erstellt am 28/03/2014 um 13:03:19
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Daniel - DANIEL-PC
# Gestartet von : C:\Users\Daniel\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16611


-\\ Google Chrome v33.0.1750.154

[ Datei : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [27324 octets] - [24/11/2013 10:55:36]
AdwCleaner[R1].txt - [24078 octets] - [24/11/2013 10:59:58]
AdwCleaner[R2].txt - [1900 octets] - [27/03/2014 09:06:17]
AdwCleaner[R3].txt - [1164 octets] - [28/03/2014 13:02:06]
AdwCleaner[S0].txt - [2945 octets] - [24/11/2013 10:58:45]
AdwCleaner[S1].txt - [18810 octets] - [24/11/2013 11:02:28]
AdwCleaner[S2].txt - [1917 octets] - [27/03/2014 09:07:43]
AdwCleaner[S3].txt - [1086 octets] - [28/03/2014 13:03:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1146 octets] ##########
         
--- --- ---


JRT:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Daniel on 28.03.2014 at 13:09:41,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3312866003-2049396336-1487248635-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim



~~~ Files

Successfully deleted: [File] "C:\Users\Daniel\appdata\locallow\SkwConfig.bin"



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\red kawa"
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{3ACCBFAB-AEB0-4D17-9680-52A592F98CA5}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{54134961-DC00-44CE-9DC4-613C71DA008F}
Successfully deleted: [Empty Folder] C:\Users\Daniel\appdata\local\{7801F22B-F9FB-40AE-B306-814B226A0BDA}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.03.2014 at 13:17:25,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Daniel (administrator) on DANIEL-PC on 28-03-2014 13:19:55
Running from C:\Users\Daniel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [Ocs_SM] - C:\Users\Daniel\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [585376 2010-05-25] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [354464 2010-05-25] (Atheros Commnucations)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2011-09-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3312866003-2049396336-1487248635-1000\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {1C2039CF-A89E-490A-A2DB-8DCE87F2660E} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
SearchScopes: HKCU - {3E107333-BD3B-46A3-A931-463435C2DE80} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
SearchScopes: HKCU - {4E6E48F9-0BC5-4841-A144-56DEAF7CC8D2} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A010DE662&p={SearchTerms}
SearchScopes: HKCU - {6FC9FE2C-3B42-4047-9EBA-7A3E1C295E83} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
SearchScopes: HKCU - {81418B17-2C97-43F0-8D21-04F0C3ECEE01} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
SearchScopes: HKCU - {90156AD3-92F7-40FF-93CD-B5302FF2EC9B} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
SearchScopes: HKCU - {F5B585C5-5A25-4046-ADC6-8DBA18BDB212} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d5639e83-625b-43d0-8909-86cdafa827bf&pid=icqt&mode=bounce&k=0
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Avira Sparberater) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cojnmaaohncijldefpkpkkakjonfmgeb [2014-03-27]
CHR Extension: (SiteAdvisor) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-03-27]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-27]

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [5708800 2013-03-19] (Firebird Project)
R2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
S2 0292681395908944mcinstcleanup; C:\Users\Daniel\AppData\Local\Temp\029268~1.EXE -cleanup -nolog [X]

==================== Drivers (Whitelisted) ====================

U5 af45d0f59a6a795; C:\Windows\System32\Drivers\af45d0f59a6a795.sys [78264 2013-07-02] () <===== ATTENTION Necurs Rootkit?
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] ()
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] ()
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] ()
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] ()
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] ()
S3 gagp30kx; C:\Windows\system32\DRIVERS\gagp30kx.sys [65088 2009-07-14] ()
R3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [34152 2009-05-18] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [33856 2009-03-18] ()
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] ()
S3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [350208 2010-11-20] ()
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] ()
R3 HECIx64; C:\Windows\system32\DRIVERS\HECIx64.sys [56344 2009-09-17] ()
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] ()
S3 HidBth; C:\Windows\System32\DRIVERS\hidbth.sys [100864 2009-07-14] ()
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] ()
S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-20] ()
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-20] ()
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] ()
R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] ()
R3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] ()
R0 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [540696 2010-04-13] ()
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-11] ()
S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [44112 2009-07-14] ()
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [2399848 2010-06-22] ()
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] ()
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] ()
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] ()
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] ()
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] ()
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] ()
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] ()
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [273792 2010-11-20] ()
R3 k57nd60a; C:\Windows\System32\DRIVERS\k57nd60a.sys [384040 2010-05-15] ()
R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-14] ()
S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-20] ()
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95600 2012-06-02] ()
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [151920 2012-06-02] ()
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] ()
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] ()
S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [114752 2009-07-14] ()
S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [106560 2009-07-14] ()
S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [65600 2009-07-14] ()
S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [115776 2009-07-14] ()
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] ()
R0 mbamchameleon; C:\Windows\System32\drivers\mbamchameleon.sys [91352 2014-03-27] (Malwarebytes Corporation)
S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [35392 2009-07-14] ()
S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [284736 2009-07-14] ()
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] ()
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] ()
R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] ()
S3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] ()
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-20] ()
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-20] ()
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] ()
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2010-11-20] ()
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] ()
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] ()
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] ()
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-20] ()
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-20] ()
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] ()
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] ()
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] ()
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] ()
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] ()
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] ()
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-20] ()
R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-14] ()
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] ()
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] ()
R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] ()
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] ()
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] ()
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] ()
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] ()
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] ()
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] ()
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] ()
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] ()
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] ()
S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [51264 2009-07-14] ()
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] ()
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] ()
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1656680 2013-04-12] ()
R3 NTIDrvr; C:\Windows\system32\drivers\NTIDrvr.sys [18432 2010-04-20] ()
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] ()
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-11] ()
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-11] ()
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] ()
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] ()
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] ()
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] ()
R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] ()
S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] ()
S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [220752 2009-07-14] ()
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] ()
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] ()
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] ()
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] ()
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] ()
S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1524816 2009-07-14] ()
S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [128592 2009-07-14] ()
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] ()
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] ()
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] ()
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] ()
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] ()
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] ()
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] ()
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-14] ()
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] ()
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] ()
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] ()
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-28] ()
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] ()
S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-14] ()
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] ()
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [246376 2010-06-17] ()
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIVX.sys [231328 2010-01-27] ()
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] ()
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] ()
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] ()
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] ()
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] ()
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] ()
S3 s117bus; C:\Windows\System32\DRIVERS\s117bus.sys [108072 2007-06-25] ()
S3 s117mdfl; C:\Windows\System32\DRIVERS\s117mdfl.sys [19496 2007-06-25] ()
S3 s117mdm; C:\Windows\System32\DRIVERS\s117mdm.sys [144424 2007-06-25] ()
S3 s117mgmt; C:\Windows\System32\DRIVERS\s117mgmt.sys [125992 2007-06-25] ()
S3 s117nd5; C:\Windows\System32\DRIVERS\s117nd5.sys [31272 2007-06-25] ()
S3 s117obex; C:\Windows\System32\DRIVERS\s117obex.sys [123432 2007-06-25] ()
S3 s117unic; C:\Windows\System32\DRIVERS\s117unic.sys [130088 2007-06-25] ()
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-20] ()
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] ()
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] ()
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] ()
S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-14] ()
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] ()
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] ()
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] ()
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] ()
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] ()
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] ()
S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [43584 2009-07-14] ()
S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [80464 2009-07-14] ()
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] ()
R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-12-31] ()
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] ()
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] ()
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] ()
S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [24656 2009-07-14] ()
R3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-14] ()
R3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [301104 2009-12-10] ()
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1910632 2013-05-08] ()
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1910632 2013-05-08] ()
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] ()
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] ()
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] ()
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-20] ()
R1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-20] ()
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39424 2010-11-20] ()
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] ()
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] ()
S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [64080 2009-07-14] ()
R3 UBHelper; C:\Windows\system32\drivers\UBHelper.sys [17408 2010-07-09] ()
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] ()
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] ()
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] ()
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-02-15] ()
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2011-03-25] ()
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100352 2009-07-14] ()
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [52736 2011-03-25] ()
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2011-03-25] ()
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2011-03-25] ()
S3 usbprint; C:\Windows\system32\DRIVERS\usbprint.sys [25088 2009-07-14] ()
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] ()
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2011-03-25] ()
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184960 2010-11-20] ()
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] ()
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] ()
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] ()
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-20] ()
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] ()
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] ()
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] ()
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] ()
S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-14] ()
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] ()
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] ()
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] ()
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] ()
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] ()
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] ()
S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [21056 2009-07-14] ()
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785512 2012-07-26] ()
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] ()
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] ()
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] ()
R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] ()
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] ()
S3 WSDPrintDevice; C:\Windows\System32\DRIVERS\WSDPrint.sys [23040 2009-07-14] ()
S3 WSDScan; C:\Windows\System32\DRIVERS\WSDScan.sys [25088 2009-07-14] ()
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] ()
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-28 13:19 - 2014-03-28 13:19 - 02157056 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-03-28 13:19 - 2014-03-28 13:19 - 00028458 _____ () C:\Users\Daniel\Desktop\FRST.txt
2014-03-28 13:17 - 2014-03-28 13:17 - 00001676 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-03-28 13:09 - 2014-03-28 13:09 - 00000000 ____D () C:\Windows\ERUNT
2014-03-28 13:08 - 2014-03-28 13:08 - 01038974 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2014-03-28 13:05 - 2014-03-28 13:05 - 00001226 _____ () C:\Users\Daniel\Desktop\AdwCleaner[S3].txt
2014-03-28 13:01 - 2014-03-28 13:01 - 01950720 _____ () C:\Users\Daniel\Desktop\adwcleaner.exe
2014-03-27 21:26 - 2014-03-27 21:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-27 20:45 - 2014-03-27 21:26 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 20:44 - 2014-03-27 21:54 - 00000000 ____D () C:\Users\Daniel\Desktop\mbar
2014-03-27 20:44 - 2014-03-27 21:20 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-27 20:43 - 2014-03-27 20:43 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Daniel\Desktop\mbar-1.07.0.1009.exe
2014-03-27 13:33 - 2014-03-27 13:33 - 00022448 _____ () C:\ComboFix.txt
2014-03-27 11:24 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-27 11:24 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-27 11:24 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-27 11:24 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-27 11:24 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-27 11:24 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-27 11:24 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-27 11:24 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-27 11:06 - 2014-03-27 13:33 - 00000000 ____D () C:\Qoobox
2014-03-27 11:06 - 2014-03-27 13:25 - 00000000 ____D () C:\Windows\erdnt
2014-03-27 10:54 - 2014-03-28 13:19 - 00000000 ____D () C:\FRST
2014-03-27 10:10 - 2014-03-27 10:10 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\AVG2014
2014-03-27 10:09 - 2014-03-27 10:09 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-27 10:09 - 2014-03-27 10:09 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\TuneUp Software
2014-03-27 10:08 - 2014-03-27 10:10 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-27 10:08 - 2014-03-27 10:08 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-03-27 10:08 - 2014-03-27 10:08 - 00000000 ____D () C:\$AVG
2014-03-27 10:07 - 2014-03-28 10:12 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-27 10:07 - 2014-03-27 10:10 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Avg2014
2014-03-27 10:07 - 2014-03-27 10:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\MFAData
2014-03-27 09:18 - 2014-03-27 09:18 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-08 15:16 - 2014-03-08 15:19 - 00000000 ____D () C:\Users\Daniel\Documents\Uni Ulm

==================== One Month Modified Files and Folders =======

2014-03-28 13:20 - 2014-03-28 13:19 - 00028458 _____ () C:\Users\Daniel\Desktop\FRST.txt
2014-03-28 13:19 - 2014-03-28 13:19 - 02157056 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2014-03-28 13:19 - 2014-03-27 10:54 - 00000000 ____D () C:\FRST
2014-03-28 13:17 - 2014-03-28 13:17 - 00001676 _____ () C:\Users\Daniel\Desktop\JRT.txt
2014-03-28 13:12 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-28 13:12 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-28 13:09 - 2014-03-28 13:09 - 00000000 ____D () C:\Windows\ERUNT
2014-03-28 13:08 - 2014-03-28 13:08 - 01038974 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe
2014-03-28 13:05 - 2014-03-28 13:05 - 00001226 _____ () C:\Users\Daniel\Desktop\AdwCleaner[S3].txt
2014-03-28 13:04 - 2013-11-22 17:54 - 00000043 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-03-28 13:04 - 2009-07-14 05:51 - 00078825 _____ () C:\Windows\setupact.log
2014-03-28 13:03 - 2013-11-24 10:55 - 00000000 ____D () C:\AdwCleaner
2014-03-28 13:01 - 2014-03-28 13:01 - 01950720 _____ () C:\Users\Daniel\Desktop\adwcleaner.exe
2014-03-28 10:12 - 2014-03-27 10:07 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-27 21:54 - 2014-03-27 21:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-27 21:54 - 2014-03-27 20:44 - 00000000 ____D () C:\Users\Daniel\Desktop\mbar
2014-03-27 21:26 - 2014-03-27 20:45 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 21:22 - 2010-10-05 03:52 - 00254316 _____ () C:\Windows\PFRO.log
2014-03-27 21:20 - 2014-03-27 20:44 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-27 20:43 - 2014-03-27 20:43 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Daniel\Desktop\mbar-1.07.0.1009.exe
2014-03-27 20:03 - 2014-02-10 13:07 - 00000000 ____D () C:\Users\Daniel\Desktop\Ticketverkauf
2014-03-27 13:33 - 2014-03-27 13:33 - 00022448 _____ () C:\ComboFix.txt
2014-03-27 13:33 - 2014-03-27 11:06 - 00000000 ____D () C:\Qoobox
2014-03-27 13:27 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-27 13:26 - 2009-07-14 03:34 - 86245376 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-03-27 13:26 - 2009-07-14 03:34 - 24641536 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-03-27 13:26 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-03-27 13:26 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-03-27 13:26 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-03-27 13:25 - 2014-03-27 11:06 - 00000000 ____D () C:\Windows\erdnt
2014-03-27 11:42 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-03-27 10:11 - 2010-08-30 10:24 - 00000000 ____D () C:\Program Files (x86)\EgisTec MyWinLocker
2014-03-27 10:10 - 2014-03-27 10:10 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\AVG2014
2014-03-27 10:10 - 2014-03-27 10:08 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-27 10:10 - 2014-03-27 10:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Avg2014
2014-03-27 10:09 - 2014-03-27 10:09 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-27 10:09 - 2014-03-27 10:09 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\TuneUp Software
2014-03-27 10:08 - 2014-03-27 10:08 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-03-27 10:08 - 2014-03-27 10:08 - 00000000 ____D () C:\$AVG
2014-03-27 10:07 - 2014-03-27 10:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\MFAData
2014-03-27 09:53 - 2010-08-30 10:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-27 09:50 - 2010-08-30 10:12 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone
2014-03-27 09:32 - 2013-07-10 21:45 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-27 09:30 - 2010-12-31 12:22 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-27 09:30 - 2010-08-30 10:19 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-27 09:28 - 2013-02-07 08:08 - 00000000 ____D () C:\Program Files\McAfee
2014-03-27 09:18 - 2014-03-27 09:18 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-27 09:18 - 2013-07-10 21:45 - 00000000 ____D () C:\ProgramData\Avira
2014-03-27 09:17 - 2010-10-05 03:55 - 01324236 _____ () C:\Windows\WindowsUpdate.log
2014-03-27 09:08 - 2013-03-17 21:36 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-03-27 09:01 - 2013-03-17 21:36 - 00000000 ____D () C:\Users\Daniel\Documents\Anti-Malware
2014-03-27 07:08 - 2012-03-27 19:24 - 00000000 ____D () C:\Users\Daniel\Documents\DHBW Ravensburg
2014-03-16 11:36 - 2010-10-05 13:46 - 00697098 _____ () C:\Windows\system32\perfh007.dat
2014-03-16 11:36 - 2010-10-05 13:46 - 00148362 _____ () C:\Windows\system32\perfc007.dat
2014-03-16 11:36 - 2009-07-14 06:13 - 01613412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-08 15:19 - 2014-03-08 15:16 - 00000000 ____D () C:\Users\Daniel\Documents\Uni Ulm
2014-03-06 21:57 - 2013-01-19 13:07 - 00000000 ____D () C:\Users\Daniel\Documents\Outlook-Dateien

Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2011-05-08 10:19] - [2010-11-20 14:34] - 0295808 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\System32\Drivers\volsnap.sys No Company Name <===== ATTENTION!



testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2013-07-24 19:02

==================== End Of Log ============================
         
--- --- ---

Antwort

Themen zu Probleme mit dem Virenscanner/schutz
antivir, autorun, avira, bho, browser, converter, downloader, error, firefox, format, home, homepage, installation, launch, logfile, mp3, object, preferences, problem, realtek, registry, scan, senden, siteadvisor, software, virus, windows



Ähnliche Themen: Probleme mit dem Virenscanner/schutz


  1. Virenscanner macht Probleme / Fund bei Malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 10.11.2014 (6)
  2. Selbständiges deaktivieren von Avira Echtzeitscanner, Firewall, Browser-Schutz und E-Mail-Schutz
    Plagegeister aller Art und deren Bekämpfung - 28.01.2014 (10)
  3. DDoS-Schutz
    Diskussionsforum - 22.12.2013 (4)
  4. Virenscanner meldet Probleme
    Log-Analyse und Auswertung - 31.08.2013 (3)
  5. Probleme mit Virenscanner
    Plagegeister aller Art und deren Bekämpfung - 11.08.2013 (24)
  6. PCK/PESpin: gefährliche Malware oder jagt der PC Virenscanner den Homeserver-Virenscanner?
    Plagegeister aller Art und deren Bekämpfung - 01.04.2013 (2)
  7. Update-Probleme mit Microsofts Gratis-Virenscanner
    Nachrichten - 24.01.2013 (0)
  8. Der richtige Schutz - Welchen Virenscanner? Zusatz-Schutz?
    Antiviren-, Firewall- und andere Schutzprogramme - 24.02.2011 (9)
  9. Rechner total versucht, Browser- Virenscanner-probleme. Windows (xp)
    Plagegeister aller Art und deren Bekämpfung - 03.09.2010 (14)
  10. Virenscanner als Virenscanner unzulässige Win32 Anwendung, mrofinu1386.exe
    Plagegeister aller Art und deren Bekämpfung - 05.03.2008 (48)
  11. W-Lan Schutz
    Netzwerk und Hardware - 29.10.2007 (3)
  12. Schutz-Software
    Antiviren-, Firewall- und andere Schutzprogramme - 15.02.2006 (3)
  13. Hilfe! Probleme mit Virenscanner!
    Antiviren-, Firewall- und andere Schutzprogramme - 09.01.2006 (2)
  14. Phishing-Schutz...
    Antiviren-, Firewall- und andere Schutzprogramme - 30.11.2005 (1)
  15. Der optimale Schutz
    Antiviren-, Firewall- und andere Schutzprogramme - 15.10.2004 (5)
  16. Dialer Schutz
    Plagegeister aller Art und deren Bekämpfung - 21.02.2004 (17)
  17. IT-Experten: Virenscanner bieten keinen Schutz mehr
    Antiviren-, Firewall- und andere Schutzprogramme - 26.10.2003 (32)

Zum Thema Probleme mit dem Virenscanner/schutz - Hallo zusammen, habe neuerdings das Problem, dass ich gesehen habe das sich mein Antivir Echtzeitscanner nicht mehr einschalten lässt, habe es auch schon deinstalliert und neuinstalliert aber vergeblich, dann habe - Probleme mit dem Virenscanner/schutz...
Archiv
Du betrachtest: Probleme mit dem Virenscanner/schutz auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.