Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 29.04.2014, 19:35   #1
mco337
 
Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Beitrag

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



Ich habe einen "guten" PC, der Aufgrund mehrerer Programminstallationen langsamer ist. Es handete sich um kostenlose Programme, die defekte Bilder wiederherstellen sollten. Jedoch hat keins ansatzweise Funktioniert. Nach der installation hatte ich eine hartnäckige Startseite, die sich mit adwcleaner entfernen ließ. Außerdem habe ich CCleaner drüber laufen lassen, alles sogut wie gesäubert und mein Virenscanner (Symatec Endpoint Protection) suchen gelassen. Bis auf einen Cookie hat es nichts gefunden, aber ich vertraue nicht sehr auf Antivirenscanner, da die Erkennnungsraten nie auch nur ansatzweise 100% sein können. Ich selber denke das ich mich einigermaßen gut auskenne, jedoch nicht in dem berreich Viren, trojaner u.s.w.. Daher bitte ich euch um Hilfe, in der Forenanleitung steht das ich mein log file hochladen direkt hochladen soll, es ist von GMER, alles andere ist beendet außer die Intel Rapid Storage-Technologie, die sich nicht beenden lassen wollte.

log Datei download
Angehängte Dateien
Dateityp: log mco337.log (5,6 KB, 121x aufgerufen)

Alt 29.04.2014, 19:57   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Standard

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 29.04.2014, 20:13   #3
mco337
 
Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Beitrag

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



FRST.txt

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2014
Ran by mco337 (administrator) on mco337-PC on 29-04-2014 21:05:58
Running from E:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe
(Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hercules®) E:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\EPU\EPUHelp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [294360 2013-03-05] (Intel Corporation)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2008-12-18] (Symantec Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\Run: [Trust Gaming Mouse] => C:\Program Files (x86)\Trust Gaming Mouse GXT 34\Trust Gaming Mouse.exe [961024 2012-01-06] (Trust)
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {2a311453-9b16-11e3-bd09-3085a996858c} - F:\USBAutoRun.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {3fa76628-98b0-11e3-b06f-3085a996858c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {57f1db55-b442-11e3-90ca-001167d09a9c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {57f1db58-b442-11e3-90ca-001167d09a9c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {cf2b173e-97d3-11e3-9291-3085a996858c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {fa5f6728-0e77-11e3-8b49-9033dd89c11a} - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {fcf14241-bc03-11e3-b957-001167d09a9c} - V:\setup.exe
Startup: C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> E:\Programme\Thunderbird\thunderbird.exe (Mozilla Corporation)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java-\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java-\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - E:\Programme\Picasa\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java-\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java-\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-12]
FF Extension: Adblock Plus - C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-11-16]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (YTBookMark) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdilcmobnolgdlcefnobbeocmhnomfoe [2014-01-09]
CHR Extension: (Share the Wealth) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea [2014-01-09]
CHR Extension: (YoutubeAdblocker) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbmbkaibjonbodganofehckpoblklno [2014-01-09]
CHR Extension: (greatosavaer) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\laafliklblchbimhiamcckkljmplcagp [2014-01-09]

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-09-17] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-09-17] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe [399744 2012-11-07] (ASUSTeK Computer Inc.)
R2 Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-31] (Apple Inc.)
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2008-12-18] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2008-12-18] (Symantec Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 HerculesDJControlMP3; E:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [47104 2013-05-21] (Hercules®)
S3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-01-20] (Apple Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-23] (Intel Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2009-01-30] (Symantec Corporation)
S3 OpenVPNService; E:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-27] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 SkypeUpdate; C:\Program Files (x86)\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3092296 2009-02-01] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [387400 2009-02-01] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2440120 2009-02-01] (Symantec Corporation)
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-18] (Vodafone)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-07-17] (AVM Berlin)
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
R3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\SysWOW64\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [19728 2007-05-23] (IVT Corporation.)
S3 BT; C:\Windows\SysWOW64\DRIVERS\btnetdrv.sys [19728 2007-05-23] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [44688 2007-05-23] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\SysWOW64\Drivers\btcusb.sys [44688 2007-05-23] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\SysWOW64\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\SysWOW64\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
S3 BTHprint; C:\Windows\System32\DRIVERS\bthprint.sys [67072 2009-07-14] (Microsoft Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [258352 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
S3 COH_Mon; C:\Windows\system32\Drivers\COH_Mon.sys [25424 2008-11-18] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-17] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
S3 HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [320816 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [274736 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [26072 2013-03-05] (Intel Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140429.001\ENG64.SYS [126040 2013-08-22] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140429.001\EX64.SYS [2099288 2013-08-22] (Symantec Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [441904 2008-12-19] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [441904 2008-12-19] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [480304 2008-12-19] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [480304 2008-12-19] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2008-12-19] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2008-12-19] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172080 2013-07-08] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [62512 2008-10-14] (Symantec Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VComm; C:\Windows\SysWOW64\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\SysWOW64\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [52784 2009-02-01] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2012-10-04] (Symantec Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U3 uxliapob; \??\C:\Users\mco337\AppData\Local\Temp\uxliapob.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-29 21:05 - 2014-04-29 21:05 - 00000000 ____D () C:\FRST
2014-04-29 21:00 - 2014-04-29 21:00 - 00001059 _____ () C:\Users\mco337\Desktop\JRT.txt
2014-04-29 20:56 - 2014-04-29 20:56 - 00000000 ____D () C:\Windows\ERUNT
2014-04-29 19:52 - 2014-04-29 20:26 - 00005752 _____ () C:\Users\mco337\Desktop\mco337.log
2014-04-27 20:46 - 2014-04-27 20:46 - 00000872 _____ () C:\Users\mco337\Desktop\JDownloader.lnk
2014-04-27 20:45 - 2014-04-27 20:55 - 00000000 ____D () E:\Program Files\Jdownloader
2014-04-27 20:15 - 2014-04-27 20:15 - 00000000 ____D () C:\Users\mco337\.appwork
2014-04-27 17:40 - 2014-04-27 15:46 - 00000000 ____D () C:\.fseventsd
2014-04-27 15:06 - 2014-04-27 15:09 - 00000000 ____D () C:\ProgramData\WPM
2014-04-27 15:06 - 2014-04-27 15:07 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-27 12:42 - 2014-04-27 12:42 - 00000668 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\Users\mco337\AppData\Local\Skype
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-26 21:59 - 2014-04-27 10:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 21:58 - 2014-04-26 21:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 21:30 - 2014-04-26 21:30 - 00000000 ____D () E:\Program Files\Ubisoft
2014-04-26 21:29 - 2014-04-26 21:29 - 00000332 _____ () C:\Users\mco337\Desktop\Ghost Recon Phantoms - EU.appref-ms
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () E:\Program Files\MDF to ISO
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MDF to ISO
2014-04-19 11:41 - 2014-04-19 11:41 - 00004032 _____ () C:\Windows\SysWOW64\gmon.out
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP190 series
2014-04-17 09:37 - 2008-02-26 05:00 - 00279040 _____ (CANON INC.) C:\Windows\system32\CNMLM9I.DLL
2014-04-17 09:37 - 2008-02-08 15:38 - 00236032 _____ (CANON INC.) C:\Windows\system32\CNC190L.DLL
2014-04-17 09:37 - 2007-11-09 11:59 - 01335296 _____ (CANON INC.) C:\Windows\system32\CNC190C.DLL
2014-04-17 09:37 - 2007-11-09 11:59 - 00092672 _____ (CANON INC.) C:\Windows\system32\CNC190I.DLL
2014-04-17 09:37 - 2007-03-15 14:13 - 00229888 _____ (Canon Inc.) C:\Windows\system32\CNC190O.DLL
2014-04-17 09:34 - 2014-04-17 09:34 - 00000000 ___HD () E:\Program Files\CanonBJ
2014-04-16 21:03 - 2014-04-16 21:03 - 00000000 __SHD () C:\found.000
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default\AppData\Local\Symantec
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\Symantec
2014-04-15 00:45 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-15 00:45 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-15 00:45 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-15 00:45 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-15 00:45 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-15 00:45 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-15 00:45 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-15 00:45 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-15 00:45 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-15 00:45 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-15 00:45 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-15 00:45 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-15 00:45 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-15 00:45 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-15 00:45 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-15 00:45 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-15 00:45 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-15 00:45 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-15 00:45 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-15 00:45 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-15 00:45 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-15 00:45 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-15 00:45 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-15 00:45 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-15 00:45 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-15 00:45 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-15 00:45 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-15 00:45 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-15 00:45 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-15 00:45 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-15 00:45 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-15 00:45 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-15 00:45 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-15 00:45 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-15 00:45 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-15 00:45 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-15 00:45 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-15 00:45 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-15 00:45 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-15 00:45 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-15 00:45 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-15 00:45 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-15 00:45 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-15 00:45 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-15 00:45 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-15 00:45 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-15 00:45 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-15 00:45 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-13 23:34 - 2014-04-13 23:39 - 00000088 _____ () C:\Users\mco337\Documents\Daniela.txt
2014-04-09 18:28 - 2014-04-17 15:14 - 00000000 ____D () C:\Users\mco337\Desktop\113___04
2014-04-09 10:29 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 10:29 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 10:29 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 10:29 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 10:29 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 10:29 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 10:29 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 10:29 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 10:29 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 10:29 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 10:29 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 10:29 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 10:28 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-04-29 21:05 - 2014-04-29 21:05 - 00000000 ____D () C:\FRST
2014-04-29 21:00 - 2014-04-29 21:00 - 00001059 _____ () C:\Users\mco337\Desktop\JRT.txt
2014-04-29 20:56 - 2014-04-29 20:56 - 00000000 ____D () C:\Windows\ERUNT
2014-04-29 20:28 - 2013-07-08 20:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-29 20:26 - 2014-04-29 19:52 - 00005752 _____ () C:\Users\mco337\Desktop\mco337.log
2014-04-29 19:53 - 2013-07-08 20:29 - 01450002 _____ () C:\Windows\WindowsUpdate.log
2014-04-29 19:48 - 2013-07-08 20:31 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\vlc
2014-04-29 19:46 - 2014-01-08 00:41 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Skype
2014-04-29 18:58 - 2011-04-12 09:43 - 00700454 _____ () C:\Windows\system32\perfh007.dat
2014-04-29 18:58 - 2011-04-12 09:43 - 00150092 _____ () C:\Windows\system32\perfc007.dat
2014-04-29 18:58 - 2009-07-14 07:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-29 14:36 - 2009-07-14 06:45 - 00033136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-29 14:36 - 2009-07-14 06:45 - 00033136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-29 14:31 - 2013-07-17 21:15 - 00000000 ____D () C:\Users\mco337\AppData\Local\Deployment
2014-04-29 14:31 - 2013-07-08 21:15 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-04-29 14:28 - 2014-02-17 20:06 - 00016849 _____ () C:\Windows\setupact.log
2014-04-29 14:28 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-28 23:29 - 2013-07-08 20:45 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-28 23:29 - 2013-07-08 20:45 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 23:29 - 2013-07-08 20:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-28 13:23 - 2013-09-03 19:10 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Mipony
2014-04-27 20:55 - 2014-04-27 20:45 - 00000000 ____D () E:\Program Files\Jdownloader
2014-04-27 20:46 - 2014-04-27 20:46 - 00000872 _____ () C:\Users\mco337\Desktop\JDownloader.lnk
2014-04-27 20:46 - 2013-11-01 23:31 - 00000836 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-04-27 20:46 - 2013-11-01 23:31 - 00000796 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-04-27 20:46 - 2013-11-01 23:31 - 00000781 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-04-27 20:15 - 2014-04-27 20:15 - 00000000 ____D () C:\Users\mco337\.appwork
2014-04-27 20:15 - 2013-07-08 20:28 - 00000000 ____D () C:\Users\mco337
2014-04-27 19:43 - 2013-07-20 18:23 - 00000000 ____D () C:\Users\mco337\.VirtualBox
2014-04-27 15:46 - 2014-04-27 17:40 - 00000000 ____D () C:\.fseventsd
2014-04-27 15:46 - 2014-03-29 16:25 - 00000000 ___HD () C:\.Trashes
2014-04-27 15:22 - 2014-02-17 20:06 - 00152900 _____ () C:\Windows\PFRO.log
2014-04-27 15:21 - 2014-02-17 21:33 - 00000000 ____D () C:\AdwCleaner
2014-04-27 15:21 - 2013-07-08 20:30 - 00001031 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-27 15:21 - 2013-07-08 20:30 - 00001019 _____ () C:\Users\mco337\Desktop\Mozilla Firefox.lnk
2014-04-27 15:21 - 2013-07-08 20:29 - 00000813 _____ () C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-27 15:09 - 2014-04-27 15:06 - 00000000 ____D () C:\ProgramData\WPM
2014-04-27 15:07 - 2014-04-27 15:06 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-27 13:52 - 2013-07-10 16:47 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-27 13:52 - 2013-07-09 12:53 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-04-27 13:50 - 2013-07-09 12:53 - 00291488 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-27 12:45 - 2014-03-27 10:06 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\uTorrent
2014-04-27 12:45 - 2014-02-21 18:43 - 00000000 ____D () C:\Users\mco337\AppData\Local\CrashDumps
2014-04-27 12:45 - 2013-08-30 16:47 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\FileZilla
2014-04-27 12:42 - 2014-04-27 12:42 - 00000668 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-27 10:29 - 2014-04-26 21:59 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-27 02:16 - 2011-04-12 09:54 - 00000000 ____D () C:\Windows\ShellNew
2014-04-27 01:10 - 2013-07-10 16:47 - 00000000 ____D () C:\Users\mco337\AppData\Local\PunkBuster
2014-04-27 01:03 - 2013-07-09 12:53 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\Users\mco337\AppData\Local\Skype
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-26 22:21 - 2014-01-08 00:41 - 00000000 ____D () C:\ProgramData\Skype
2014-04-26 21:58 - 2014-04-26 21:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 21:30 - 2014-04-26 21:30 - 00000000 ____D () E:\Program Files\Ubisoft
2014-04-26 21:29 - 2014-04-26 21:29 - 00000332 _____ () C:\Users\mco337\Desktop\Ghost Recon Phantoms - EU.appref-ms
2014-04-23 20:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-23 16:47 - 2013-08-30 16:47 - 00000328 _____ () C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () E:\Program Files\MDF to ISO
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MDF to ISO
2014-04-19 11:41 - 2014-04-19 11:41 - 00004032 _____ () C:\Windows\SysWOW64\gmon.out
2014-04-18 13:37 - 2013-11-01 23:33 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 15:14 - 2014-04-09 18:28 - 00000000 ____D () C:\Users\mco337\Desktop\113___04
2014-04-17 12:00 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP190 series
2014-04-17 09:34 - 2014-04-17 09:34 - 00000000 ___HD () E:\Program Files\CanonBJ
2014-04-16 21:03 - 2014-04-16 21:03 - 00000000 __SHD () C:\found.000
2014-04-16 20:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-16 17:41 - 2013-07-08 21:16 - 00000000 ____D () C:\ProgramData\Origin
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default\AppData\Local\Symantec
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\Symantec
2014-04-14 20:13 - 2014-02-21 20:55 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-02-21 20:55 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-02-21 20:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-02-21 20:55 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 13:50 - 2013-07-08 20:45 - 00000000 ____D () C:\Users\mco337\AppData\Local\Adobe
2014-04-13 23:39 - 2014-04-13 23:34 - 00000088 _____ () C:\Users\mco337\Documents\Daniela.txt
2014-04-09 11:38 - 2013-08-14 14:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 11:37 - 2013-07-22 12:28 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\mco337\AppData\Local\Temp\JDSetup130430979024980518.exe
C:\Users\mco337\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\mco337\AppData\Local\Temp\proxy_vole8926367741149586.dll
C:\Users\mco337\AppData\Local\Temp\pyl2E8F.tmp.exe
C:\Users\mco337\AppData\Local\Temp\pyl9C2F.tmp.exe
C:\Users\mco337\AppData\Local\Temp\Quarantine.exe
C:\Users\mco337\AppData\Local\Temp\sdanircmdc.exe
C:\Users\mco337\AppData\Local\Temp\sdapskill.exe
C:\Users\mco337\AppData\Local\Temp\sdaspwn.exe
C:\Users\mco337\AppData\Local\Temp\sonarinst.exe
C:\Users\mco337\AppData\Local\Temp\sweetpage_294wld.exe
C:\Users\mco337\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\mco337\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 14:49

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2014
Ran by mco337 at 2014-04-29 21:06:09
Running from E:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.0.30660 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.8 - Adobe Systems)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bluesoleil2.6.0.9 Release 070606 (HKLM-x32\...\{846AC73B-9394-48B9-B941-8F7F472F0047}) (Version: 2.6.0.9 Release 070606 - IVT Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnAware Free 6.9.3 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
calibre (HKLM-x32\...\{0305E6D9-E11E-445C-B468-CAA3996641BA}) (Version: 1.18.0 - Kovid Goyal)
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version:  - Infinity Ward - Sledgehammer Games)
Canon MP190 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DesignSpark PCB 5.0 (x32 Version: 5.0 - RS Components) Hidden
DesignSpark PCB Version 5.0 (HKLM-x32\...\InstallShield_{D50500AA-D25A-463B-98BF-E09585325711}) (Version: 5.0 - RS Components)
EaseUS Partition Master 9.3.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Video to JPG Converter version 5.0.30.1029 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.30.1029 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.29.304 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.29.304 - DVDVideoSoft Ltd.)
FRITZ!Box USB-Fernanschluss (HKCU\...\2db37667170956ee) (Version: 2.3.1.0 - AVM Berlin)
Frontschweine (HKLM-x32\...\Hogs Of War) (Version: 1.0 - Infogrames)
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.6405.2 - Ubisoft)
Hercules DJ Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 2.HDJS.2013 - Hercules)
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.10.1300 - Intel Corporation)
Intel(R) Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel)
Intel(R) Network Connections 17.3.63.0 (Version: 17.3.63.0 - Intel) Hidden
Intel(R) Rapid Storage Technology enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 3.6.0.1086 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LG PC Suite II (HKLM-x32\...\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}) (Version: 2.00.0000 - LG PC Suite)
LG PC Suite II (x32 Version: 2.00.0000 - LG PC Suite) Hidden
LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.78 - Symantec Corporation)
MDF to ISO version 1.0 (HKLM-x32\...\{79DDA36F-B19E-4293-A4F2-FA3EC1C06E6E}_is1) (Version: 1.0 - mdftoiso.com)
MediaInfo 0.7.64 (HKLM\...\MediaInfo) (Version: 0.7.64 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
MiPony 2.1.2 (HKLM-x32\...\MiPony) (Version: 2.1.2 - )
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 de)) (Version: 17.0.8 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.4 - Notepad++ Team)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.2-I003  (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA)
Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
smartision ScreenCopy 2.3 (HKLM-x32\...\smartision ScreenCopy_is1) (Version:  - Steffen Schramm)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.72.ge389c074 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Symantec Endpoint Protection (HKLM\...\{00FFE001-A408-416C-B9E3-07BD99ADA445}) (Version: 11.0.4010.19 - *Symantec Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24482 - TeamViewer)
TransMac version 11.0 (HKLM-x32\...\TransMac_is1) (Version: 11.0 - Acute Systems)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Trust Gaming Mouse (HKLM-x32\...\{1EDE0243-CA4E-4613-B87B-C6B57C76C17C}) (Version: 1.0.0 - Trust)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VirtualDJ PRO Full (HKLM-x32\...\{311545C7-3432-4EB3-9229-D5E8DB10AE8A}) (Version: 7.2 - Atomix Productions)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM-x32\...\{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}) (Version: 9.4.4.17702 - Vodafone)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 5.58 - NCH Software)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wireshark 1.10.5 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.5 - The Wireshark developer community, hxxp://www.wireshark.org)

==================== Restore Points  =========================

14-04-2014 22:45:27 Windows Update
16-04-2014 12:04:58 Windows Update
16-04-2014 15:44:39 Windows Update
18-04-2014 11:37:17 Installed Java 7 Update 55
25-04-2014 17:40:05 Geplanter Prüfpunkt
26-04-2014 19:29:06 DirectX wurde installiert
27-04-2014 10:38:50 Removed CM Installer
27-04-2014 10:51:12 Entfernt DELISprint
27-04-2014 13:07:19 Installed VG JPEG-Repair Online
27-04-2014 13:08:51 Removed VG JPEG-Repair Online

==================== Hosts content: ==========================

2014-01-27 21:46 - 2014-01-27 22:15 - 00001090 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1                   practivate.adobe.com
127.0.0.1                   lmlicenses.wip4.adobe.com
127.0.0.1                   lm.licenses.adobe.com
74.208.10.249 gs.apple.com


==================== Scheduled Tasks (whitelisted) =============

Task: {330F5DE7-12CF-4FA7-BAB1-7FDE8E109456} - System32\Tasks\ASUS\USB 3.0 Boost Service => E:\Program Files\Asus\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-10] ()
Task: {3C67AC2C-FD5A-4555-9BF8-9C418E9303A1} - System32\Tasks\SuperEasyDriverUpdater_UPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {67F886EA-8832-4D29-A671-753ECEB99EDF} - System32\Tasks\CCleanerSkipUAC => E:\Programme\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {95FF1E1C-62EB-4228-BD35-C2B2A0E3B06D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {AD416C2B-1E73-4D0E-9ACC-D98EFB2D5FB0} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {BD04CDA6-FF4C-436D-AFA6-8F0274D08395} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {BFC67964-12FF-4A67-A017-0C7B06368943} - System32\Tasks\{7B654A59-F8C0-4218-92C7-0E5DC60105AC} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.59.102/de/abandoninstall?page=tsPlugin
Task: {C8455876-9BF6-4E11-BD3A-D9009FBA4D84} - System32\Tasks\ASUS\ASUS AI Suite II Execute => E:\Program Files\Asus\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {CCA68B2B-14A8-44B2-8019-D5FFA06EB09E} - System32\Tasks\SuperEasyDriverUpdaterRunAtStartup => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {D5763DBB-D8C7-4DE5-9BED-9B4FCBAEBE0D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {E87EF279-ADBE-4C13-95FE-930B2BFDAE78} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => E:\Program Files\Asus\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2013-01-14] (ASUSTeK Computer Inc.)
Task: {F41484C8-9994-4A6E-8608-F06F34113656} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {F520C16C-8D3F-4524-9A6A-FEA4208DC3E9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe

==================== Loaded Modules (whitelisted) =============

2013-07-09 12:53 - 2014-04-27 01:03 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-16 23:02 - 2013-09-17 19:58 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () E:\Programme\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () E:\Program Files\Notepad++\NppShell_05.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-16 23:02 - 2014-04-29 14:28 - 00028160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-02-16 23:02 - 2010-06-29 11:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-02-15 19:10 - 2014-02-15 19:10 - 00019968 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\PSIClient\478bf44daaadc465b065707dfbcd6070\PSIClient.ni.dll
2014-03-29 23:38 - 2014-03-29 23:38 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\.Trashes:AFP_AfpInfo
AlternateDataStreams: C:\Users\mco337\AppData\Local\Temp:KNa1yxGyS0WgEMKXcw
AlternateDataStreams: C:\Users\mco337\AppData\Local\Temp:LVj9rm038OlPqAeyijRLa4R

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^mco337^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk => C:\Windows\pss\Serviio.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AVMUSBFernanschluss => "C:\Users\mco337\AppData\Local\Apps\2.0\CV3ERQTB.117\LAW3J1TT.TWY\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\AVMAutoStart.exe"
MSCONFIG\startupreg: EaseUS EPM tray => E:\Program Files\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
MSCONFIG\startupreg: Hercules DJ Series TrayAgent => E:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe /boot
MSCONFIG\startupreg: iTunesHelper => "E:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => E:\Program Files\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => E:\Program Files\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\mco337\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\mco337\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\mco337\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Faulty Device Manager Devices =============

Name: Bluetooth PAN Network Adapter
Description: Bluetooth PAN Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: IVT Corporation
Service: BT
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NAVEX15
Description: NAVEX15
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NAVEX15
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-04-29 21:05:15.802
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-29 20:55:55.467
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-29 18:54:57.781
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-29 18:15:32.023
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-29 17:33:25.439
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-29 14:29:01.418
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-28 23:56:14.995
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-28 23:34:49.045
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-28 23:11:36.231
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-28 16:02:28.833
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 16%
Total physical RAM: 16324.75 MB
Available physical RAM: 13689.15 MB
Total Pagefile: 18322.93 MB
Available Pagefile: 15686.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:119.14 GB) (Free:56.22 GB) NTFS
Drive e: () (Fixed) (Total:1863.01 GB) (Free:730.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: FCA8B455)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: B568CEDA)
Partition 1: (Not Active) - (Size=-198631751680) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 153 GB) (Disk ID: 086BA0D6)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Der Benutzername wurde durch meinen username mco337 ersätzt.
__________________

Alt 30.04.2014, 23:42   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Standard

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



Zitat:
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
74.208.10.249 gs.apple.com
joah, nett.....
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.05.2014, 00:43   #5
mco337
 
Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Beitrag

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



Zitat:
Zitat von schrauber Beitrag anzeigen
joah, nett.....
Geht ist das bedenklich ?
ist ja nur ne "geblockte" internetverbindung, aber eigentlich will ich damit garnichts mehr zutun haben, da man sich mit sowas die größten viren einfängt, ich meine die bieten das sicher nicht an damit sie was "gutes" tun, jeder will halt sein geld oder gewinn...

Sollte ich das nun löschen, oder hast du was bedenkliches gefunden?


Alt 01.05.2014, 16:55   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Standard

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



Zitat:
ist ja nur ne "geblockte" internetverbindung
und damit willst du die geklaute Adobe-Software verschleiern.

Und bevor es hier support gibt wird alles gekrackte vom Rechner entfernt.
__________________
--> Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)

Alt 01.05.2014, 20:43   #7
mco337
 
Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Standard

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



Okay ich mach n neuen log wenn ich das von meinem pc runtergeworfen habe...



Hostfix von microsoft durchgeführt und neuer Scan durchgeführt...

addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05-2014 01
Ran by mco337 at 2014-05-01 21:34:00
Running from E:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.0.30660 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bluesoleil2.6.0.9 Release 070606 (HKLM-x32\...\{846AC73B-9394-48B9-B941-8F7F472F0047}) (Version: 2.6.0.9 Release 070606 - IVT Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnAware Free 6.9.3 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
calibre (HKLM-x32\...\{0305E6D9-E11E-445C-B468-CAA3996641BA}) (Version: 1.18.0 - Kovid Goyal)
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version:  - Infinity Ward - Sledgehammer Games)
Canon MP190 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DesignSpark PCB 5.0 (x32 Version: 5.0 - RS Components) Hidden
DesignSpark PCB Version 5.0 (HKLM-x32\...\InstallShield_{D50500AA-D25A-463B-98BF-E09585325711}) (Version: 5.0 - RS Components)
EaseUS Partition Master 9.3.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Video to JPG Converter version 5.0.30.1029 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.30.1029 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.29.304 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.29.304 - DVDVideoSoft Ltd.)
FRITZ!Box USB-Fernanschluss (HKCU\...\2db37667170956ee) (Version: 2.3.1.0 - AVM Berlin)
Frontschweine (HKLM-x32\...\Hogs Of War) (Version: 1.0 - Infogrames)
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.6405.2 - Ubisoft)
Hercules DJ Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 2.HDJS.2013 - Hercules)
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.10.1300 - Intel Corporation)
Intel(R) Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel)
Intel(R) Network Connections 17.3.63.0 (Version: 17.3.63.0 - Intel) Hidden
Intel(R) Rapid Storage Technology enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 3.6.0.1086 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.78 - Symantec Corporation)
MDF to ISO version 1.0 (HKLM-x32\...\{79DDA36F-B19E-4293-A4F2-FA3EC1C06E6E}_is1) (Version: 1.0 - mdftoiso.com)
MediaInfo 0.7.64 (HKLM\...\MediaInfo) (Version: 0.7.64 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
MiPony 2.1.2 (HKLM-x32\...\MiPony) (Version: 2.1.2 - )
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 de)) (Version: 17.0.8 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.4 - Notepad++ Team)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.2-I003  (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA)
Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
smartision ScreenCopy 2.3 (HKLM-x32\...\smartision ScreenCopy_is1) (Version:  - Steffen Schramm)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.72.ge389c074 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Symantec Endpoint Protection (HKLM\...\{00FFE001-A408-416C-B9E3-07BD99ADA445}) (Version: 11.0.4010.19 -  Symantec Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24482 - TeamViewer)
TransMac version 11.0 (HKLM-x32\...\TransMac_is1) (Version: 11.0 - Acute Systems)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Trust Gaming Mouse (HKLM-x32\...\{1EDE0243-CA4E-4613-B87B-C6B57C76C17C}) (Version: 1.0.0 - Trust)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VirtualDJ PRO Full (HKLM-x32\...\{311545C7-3432-4EB3-9229-D5E8DB10AE8A}) (Version: 7.2 - Atomix Productions)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 5.58 - NCH Software)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wireshark 1.10.5 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.5 - The Wireshark developer community, hxxp://www.wireshark.org)

==================== Restore Points  =========================

25-04-2014 17:40:05 Geplanter Prüfpunkt
26-04-2014 19:29:06 DirectX wurde installiert
27-04-2014 10:38:50 Removed CM Installer
27-04-2014 10:51:12 Entfernt DELISprint
27-04-2014 13:07:19 Installed VG JPEG-Repair Online
27-04-2014 13:08:51 Removed VG JPEG-Repair Online
01-05-2014 18:40:43 Installed Microsoft Fix it 50267
01-05-2014 19:08:23 Removed Vodafone Mobile Connect Lite.
01-05-2014 19:14:21 Entfernt LG PC Suite II

==================== Hosts content: ==========================

2014-01-27 21:46 - 2013-09-03 17:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {330F5DE7-12CF-4FA7-BAB1-7FDE8E109456} - System32\Tasks\ASUS\USB 3.0 Boost Service => E:\Program Files\Asus\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-10] ()
Task: {3C67AC2C-FD5A-4555-9BF8-9C418E9303A1} - System32\Tasks\SuperEasyDriverUpdater_UPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {67F886EA-8832-4D29-A671-753ECEB99EDF} - System32\Tasks\CCleanerSkipUAC => E:\Programme\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {95FF1E1C-62EB-4228-BD35-C2B2A0E3B06D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {AD416C2B-1E73-4D0E-9ACC-D98EFB2D5FB0} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {BD04CDA6-FF4C-436D-AFA6-8F0274D08395} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {BFC67964-12FF-4A67-A017-0C7B06368943} - System32\Tasks\{7B654A59-F8C0-4218-92C7-0E5DC60105AC} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.59.102/de/abandoninstall?page=tsPlugin
Task: {C8455876-9BF6-4E11-BD3A-D9009FBA4D84} - System32\Tasks\ASUS\ASUS AI Suite II Execute => E:\Program Files\Asus\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {CCA68B2B-14A8-44B2-8019-D5FFA06EB09E} - System32\Tasks\SuperEasyDriverUpdaterRunAtStartup => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {D5763DBB-D8C7-4DE5-9BED-9B4FCBAEBE0D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {E87EF279-ADBE-4C13-95FE-930B2BFDAE78} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => E:\Program Files\Asus\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2013-01-14] (ASUSTeK Computer Inc.)
Task: {F41484C8-9994-4A6E-8608-F06F34113656} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {F520C16C-8D3F-4524-9A6A-FEA4208DC3E9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () E:\Programme\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () E:\Program Files\Notepad++\NppShell_05.dll
2013-07-09 12:53 - 2014-04-27 01:03 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-16 23:02 - 2013-09-17 19:58 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-16 23:02 - 2014-05-01 21:15 - 00028160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-02-16 23:02 - 2010-06-29 11:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-02-15 19:10 - 2014-02-15 19:10 - 00019968 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\PSIClient\478bf44daaadc465b065707dfbcd6070\PSIClient.ni.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\.Trashes:AFP_AfpInfo
AlternateDataStreams: C:\Users\mco337\AppData\Local\Temp:KNa1yxGyS0WgEMKXcw
AlternateDataStreams: C:\Users\mco337\AppData\Local\Temp:LVj9rm038OlPqAeyijRLa4R

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^mco337^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk => C:\Windows\pss\Serviio.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AVMUSBFernanschluss => "C:\Users\mco337\AppData\Local\Apps\2.0\CV3ERQTB.117\LAW3J1TT.TWY\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\AVMAutoStart.exe"
MSCONFIG\startupreg: EaseUS EPM tray => E:\Program Files\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
MSCONFIG\startupreg: Hercules DJ Series TrayAgent => E:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe /boot
MSCONFIG\startupreg: iTunesHelper => "E:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => E:\Program Files\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => E:\Program Files\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\mco337\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\mco337\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\mco337\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth PAN Network Adapter
Description: Bluetooth PAN Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: IVT Corporation
Service: BT
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) 82579V Gigabit Network Connection
Description: Intel(R) 82579V Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1cexpress
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2014 09:17:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 09:14:21 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable).

Error: (05/01/2014 09:14:21 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "IVssAsrWriterBackup::GetVolumeComponents" ist ein unerwarteter Fehler aufgetreten. hr = 0x80073bc3, Das angeforderte Systemgerät kann nicht gefunden werden.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: ASR Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {0dbc9064-2200-4549-807e-a7c33173daaa}

Error: (05/01/2014 09:08:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable).

Error: (05/01/2014 09:08:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable).

Error: (05/01/2014 09:08:23 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "IVssAsrWriterBackup::GetVolumeComponents" ist ein unerwarteter Fehler aufgetreten. hr = 0x80073bc3, Das angeforderte Systemgerät kann nicht gefunden werden.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: ASR Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {65e87cd2-d243-4baf-95e2-e91d0b35690d}

Error: (05/01/2014 09:08:23 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "IVssAsrWriterBackup::GetVolumeComponents" ist ein unerwarteter Fehler aufgetreten. hr = 0x80073bc3, Das angeforderte Systemgerät kann nicht gefunden werden.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: ASR Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {65e87cd2-d243-4baf-95e2-e91d0b35690d}

Error: (05/01/2014 08:43:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 08:41:50 PM) (Source: VMCService) (User: )
Description: conflictManagerTypeValue

Error: (05/01/2014 08:40:43 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable).


System errors:
=============
Error: (05/01/2014 03:19:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "COH_Mon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/01/2014 02:19:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "COH_Mon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/01/2014 01:19:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "COH_Mon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/01/2014 01:19:15 PM) (Source: Application Popup) (User: )
Description: Treiber COH_Mon.sys konnte nicht geladen werden.

Error: (05/01/2014 03:34:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "COH_Mon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/01/2014 02:34:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "COH_Mon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/01/2014 02:34:51 AM) (Source: Application Popup) (User: )
Description: Treiber COH_Mon.sys konnte nicht geladen werden.

Error: (04/30/2014 04:57:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "COH_Mon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/30/2014 03:57:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "COH_Mon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (04/30/2014 02:57:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "COH_Mon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275


Microsoft Office Sessions:
=========================
Error: (05/01/2014 09:17:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 09:14:21 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable)

Error: (05/01/2014 09:14:21 PM) (Source: VSS)(User: )
Description: IVssAsrWriterBackup::GetVolumeComponents0x80073bc3, Das angeforderte Systemgerät kann nicht gefunden werden.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: ASR Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {0dbc9064-2200-4549-807e-a7c33173daaa}

Error: (05/01/2014 09:08:23 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable)

Error: (05/01/2014 09:08:23 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable)

Error: (05/01/2014 09:08:23 PM) (Source: VSS)(User: )
Description: IVssAsrWriterBackup::GetVolumeComponents0x80073bc3, Das angeforderte Systemgerät kann nicht gefunden werden.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: ASR Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {65e87cd2-d243-4baf-95e2-e91d0b35690d}

Error: (05/01/2014 09:08:23 PM) (Source: VSS)(User: )
Description: IVssAsrWriterBackup::GetVolumeComponents0x80073bc3, Das angeforderte Systemgerät kann nicht gefunden werden.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: ASR Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {65e87cd2-d243-4baf-95e2-e91d0b35690d}

Error: (05/01/2014 08:43:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/01/2014 08:41:50 PM) (Source: VMCService)(User: )
Description: conflictManagerTypeValue

Error: (05/01/2014 08:40:43 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable)


CodeIntegrity Errors:
===================================
  Date: 2014-05-01 20:41:54.656
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-01 20:38:28.154
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-01 12:19:17.695
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-01 03:36:20.699
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-01 01:46:19.339
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-01 01:34:53.495
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-30 14:55:32.934
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-30 14:22:34.793
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-30 13:57:22.778
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-30 07:04:35.171
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 16%
Total physical RAM: 16324.75 MB
Available physical RAM: 13678.21 MB
Total Pagefile: 18322.93 MB
Available Pagefile: 15934.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:119.14 GB) (Free:68.18 GB) NTFS
Drive e: () (Fixed) (Total:1863.01 GB) (Free:776.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: FCA8B455)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: B568CEDA)
Partition 1: (Not Active) - (Size=-198631751680) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 153 GB) (Disk ID: 086BA0D6)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
FRST.txt

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014 01
Ran by mco337 (administrator) on mco337-PC on 01-05-2014 21:33:50
Running from E:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\AsRoutineController.exe
(Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Hercules®) E:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\EPU\EPUHelp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [294360 2013-03-05] (Intel Corporation)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2008-12-18] (Symantec Corporation)
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\Run: [Trust Gaming Mouse] => C:\Program Files (x86)\Trust Gaming Mouse GXT 34\Trust Gaming Mouse.exe [961024 2012-01-06] (Trust)
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {2a311453-9b16-11e3-bd09-3085a996858c} - F:\USBAutoRun.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {3fa76628-98b0-11e3-b06f-3085a996858c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {57f1db55-b442-11e3-90ca-001167d09a9c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {57f1db58-b442-11e3-90ca-001167d09a9c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {cf2b173e-97d3-11e3-9291-3085a996858c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {fa5f6728-0e77-11e3-8b49-9033dd89c11a} - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {fcf14241-bc03-11e3-b957-001167d09a9c} - V:\setup.exe
Startup: C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> E:\Programme\Thunderbird\thunderbird.exe (Mozilla Corporation)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java-\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java-\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - E:\Programme\Picasa\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java-\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java-\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-12]
FF Extension: Adblock Plus - C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-18]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (YTBookMark) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdilcmobnolgdlcefnobbeocmhnomfoe [2014-01-09]
CHR Extension: (Share the Wealth) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea [2014-01-09]
CHR Extension: (YoutubeAdblocker) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbmbkaibjonbodganofehckpoblklno [2014-01-09]
CHR Extension: (greatosavaer) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\laafliklblchbimhiamcckkljmplcagp [2014-01-09]

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-09-17] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-09-17] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe [399744 2012-11-07] (ASUSTeK Computer Inc.)
R2 Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-31] (Apple Inc.)
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2008-12-18] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2008-12-18] (Symantec Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 HerculesDJControlMP3; E:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [47104 2013-05-21] (Hercules®)
S3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-01-20] (Apple Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-23] (Intel Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2009-01-30] (Symantec Corporation)
S3 OpenVPNService; E:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-27] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 SkypeUpdate; C:\Program Files (x86)\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3092296 2009-02-01] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [387400 2009-02-01] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2440120 2009-02-01] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-07-17] (AVM Berlin)
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
R3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\SysWOW64\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [19728 2007-05-23] (IVT Corporation.)
S3 BT; C:\Windows\SysWOW64\DRIVERS\btnetdrv.sys [19728 2007-05-23] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [44688 2007-05-23] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\SysWOW64\Drivers\btcusb.sys [44688 2007-05-23] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\SysWOW64\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\SysWOW64\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
S3 BTHprint; C:\Windows\System32\DRIVERS\bthprint.sys [67072 2009-07-14] (Microsoft Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [258352 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
S3 COH_Mon; C:\Windows\system32\Drivers\COH_Mon.sys [25424 2008-11-18] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-17] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
S3 HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [320816 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [274736 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [26072 2013-03-05] (Intel Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140430.021\ENG64.SYS [126040 2013-08-22] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140430.021\EX64.SYS [2099288 2013-08-22] (Symantec Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [441904 2008-12-19] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [441904 2008-12-19] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [480304 2008-12-19] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [480304 2008-12-19] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2008-12-19] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2008-12-19] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172080 2013-07-08] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [62512 2008-10-14] (Symantec Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VComm; C:\Windows\SysWOW64\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\SysWOW64\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [52784 2009-02-01] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2012-10-04] (Symantec Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-29 21:05 - 2014-05-01 21:33 - 00000000 ____D () C:\FRST
2014-04-29 20:56 - 2014-04-29 20:56 - 00000000 ____D () C:\Windows\ERUNT
2014-04-27 20:46 - 2014-04-27 20:46 - 00000872 _____ () C:\Users\mco337\Desktop\JDownloader.lnk
2014-04-27 20:45 - 2014-04-27 20:55 - 00000000 ____D () E:\Program Files\Jdownloader
2014-04-27 20:15 - 2014-04-27 20:15 - 00000000 ____D () C:\Users\mco337\.appwork
2014-04-27 17:40 - 2014-04-27 15:46 - 00000000 ____D () C:\.fseventsd
2014-04-27 15:06 - 2014-04-27 15:09 - 00000000 ____D () C:\ProgramData\WPM
2014-04-27 15:06 - 2014-04-27 15:07 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-27 12:42 - 2014-04-27 12:42 - 00000668 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\Users\mco337\AppData\Local\Skype
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-26 21:59 - 2014-04-27 10:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 21:58 - 2014-04-26 21:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 21:30 - 2014-04-26 21:30 - 00000000 ____D () E:\Program Files\Ubisoft
2014-04-26 21:29 - 2014-04-26 21:29 - 00000332 _____ () C:\Users\mco337\Desktop\Ghost Recon Phantoms - EU.appref-ms
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () E:\Program Files\MDF to ISO
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MDF to ISO
2014-04-19 11:41 - 2014-04-19 11:41 - 00004032 _____ () C:\Windows\SysWOW64\gmon.out
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP190 series
2014-04-17 09:37 - 2008-02-26 05:00 - 00279040 _____ (CANON INC.) C:\Windows\system32\CNMLM9I.DLL
2014-04-17 09:37 - 2008-02-08 15:38 - 00236032 _____ (CANON INC.) C:\Windows\system32\CNC190L.DLL
2014-04-17 09:37 - 2007-11-09 11:59 - 01335296 _____ (CANON INC.) C:\Windows\system32\CNC190C.DLL
2014-04-17 09:37 - 2007-11-09 11:59 - 00092672 _____ (CANON INC.) C:\Windows\system32\CNC190I.DLL
2014-04-17 09:37 - 2007-03-15 14:13 - 00229888 _____ (Canon Inc.) C:\Windows\system32\CNC190O.DLL
2014-04-17 09:34 - 2014-04-17 09:34 - 00000000 ___HD () E:\Program Files\CanonBJ
2014-04-16 21:03 - 2014-04-16 21:03 - 00000000 __SHD () C:\found.000
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default\AppData\Local\Symantec
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\Symantec
2014-04-15 00:45 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-15 00:45 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-15 00:45 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-15 00:45 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-15 00:45 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-15 00:45 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-15 00:45 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-15 00:45 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-15 00:45 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-15 00:45 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-15 00:45 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-15 00:45 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-15 00:45 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-15 00:45 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-15 00:45 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-15 00:45 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-15 00:45 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-15 00:45 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-15 00:45 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-15 00:45 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-15 00:45 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-15 00:45 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-15 00:45 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-15 00:45 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-15 00:45 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-15 00:45 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-15 00:45 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-15 00:45 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-15 00:45 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-15 00:45 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-15 00:45 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-15 00:45 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-15 00:45 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-15 00:45 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-15 00:45 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-15 00:45 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-15 00:45 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-15 00:45 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-15 00:45 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-15 00:45 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-15 00:45 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-15 00:45 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-15 00:45 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-15 00:45 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-15 00:45 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-15 00:45 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-15 00:45 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-15 00:45 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-13 23:34 - 2014-04-13 23:39 - 00000088 _____ () C:\Users\mco337\Documents\Daniela.txt
2014-04-09 10:29 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 10:29 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 10:29 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 10:29 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 10:29 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 10:29 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 10:29 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 10:29 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 10:29 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 10:29 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 10:29 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 10:29 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 10:28 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-01 21:33 - 2014-04-29 21:05 - 00000000 ____D () C:\FRST
2014-05-01 21:31 - 2013-07-08 20:29 - 01539499 _____ () C:\Windows\WindowsUpdate.log
2014-05-01 21:29 - 2014-02-24 19:35 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Notepad++
2014-05-01 21:28 - 2013-07-08 20:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-01 21:23 - 2009-07-14 06:45 - 00033136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-01 21:23 - 2009-07-14 06:45 - 00033136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-01 21:20 - 2011-04-12 09:43 - 00700454 _____ () C:\Windows\system32\perfh007.dat
2014-05-01 21:20 - 2011-04-12 09:43 - 00150092 _____ () C:\Windows\system32\perfc007.dat
2014-05-01 21:20 - 2009-07-14 07:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-01 21:15 - 2014-02-17 20:06 - 00153444 _____ () C:\Windows\PFRO.log
2014-05-01 21:15 - 2014-02-17 20:06 - 00017353 _____ () C:\Windows\setupact.log
2014-05-01 21:15 - 2013-07-08 21:38 - 00103376 _____ () C:\Users\mco337\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-01 21:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-01 21:15 - 2009-07-14 06:45 - 05094168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-01 21:14 - 2014-02-21 18:44 - 00000000 ____D () E:\Program Files\LG Suite II
2014-05-01 21:05 - 2013-11-16 15:37 - 00000000 ____D () E:\Program Files\Adobe
2014-05-01 21:05 - 2013-07-09 15:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-01 21:05 - 2013-07-08 20:49 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Adobe
2014-05-01 21:00 - 2013-07-08 20:28 - 00000000 ____D () C:\Users\mco337
2014-05-01 20:51 - 2013-07-08 20:45 - 00000000 ____D () C:\Users\mco337\AppData\Local\Adobe
2014-05-01 13:02 - 2013-07-10 16:47 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-01 13:02 - 2013-07-09 12:53 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-01 12:59 - 2013-07-09 12:53 - 00291488 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-01 12:58 - 2013-07-17 21:15 - 00000000 ____D () C:\Users\mco337\AppData\Local\Deployment
2014-05-01 12:56 - 2013-07-08 21:15 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-05-01 03:36 - 2013-09-03 19:10 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Mipony
2014-05-01 03:22 - 2013-07-08 20:31 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\vlc
2014-05-01 01:46 - 2014-02-09 22:42 - 00000000 ____D () C:\Users\mco337\Desktop\Programme
2014-04-30 16:47 - 2013-08-30 16:47 - 00000328 _____ () C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job
2014-04-29 20:56 - 2014-04-29 20:56 - 00000000 ____D () C:\Windows\ERUNT
2014-04-29 19:46 - 2014-01-08 00:41 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Skype
2014-04-28 23:29 - 2013-07-08 20:45 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-28 23:29 - 2013-07-08 20:45 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 23:29 - 2013-07-08 20:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-27 20:55 - 2014-04-27 20:45 - 00000000 ____D () E:\Program Files\Jdownloader
2014-04-27 20:46 - 2014-04-27 20:46 - 00000872 _____ () C:\Users\mco337\Desktop\JDownloader.lnk
2014-04-27 20:46 - 2013-11-01 23:31 - 00000836 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-04-27 20:46 - 2013-11-01 23:31 - 00000796 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-04-27 20:46 - 2013-11-01 23:31 - 00000781 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-04-27 20:15 - 2014-04-27 20:15 - 00000000 ____D () C:\Users\mco337\.appwork
2014-04-27 19:43 - 2013-07-20 18:23 - 00000000 ____D () C:\Users\mco337\.VirtualBox
2014-04-27 15:46 - 2014-04-27 17:40 - 00000000 ____D () C:\.fseventsd
2014-04-27 15:46 - 2014-03-29 16:25 - 00000000 ___HD () C:\.Trashes
2014-04-27 15:21 - 2014-02-17 21:33 - 00000000 ____D () C:\AdwCleaner
2014-04-27 15:21 - 2013-07-08 20:30 - 00001031 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-27 15:21 - 2013-07-08 20:30 - 00001019 _____ () C:\Users\mco337\Desktop\Mozilla Firefox.lnk
2014-04-27 15:21 - 2013-07-08 20:29 - 00000813 _____ () C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-27 15:09 - 2014-04-27 15:06 - 00000000 ____D () C:\ProgramData\WPM
2014-04-27 15:07 - 2014-04-27 15:06 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-27 12:45 - 2014-03-27 10:06 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\uTorrent
2014-04-27 12:45 - 2014-02-21 18:43 - 00000000 ____D () C:\Users\mco337\AppData\Local\CrashDumps
2014-04-27 12:45 - 2013-08-30 16:47 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\FileZilla
2014-04-27 12:42 - 2014-04-27 12:42 - 00000668 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-27 10:29 - 2014-04-26 21:59 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-27 02:16 - 2011-04-12 09:54 - 00000000 ____D () C:\Windows\ShellNew
2014-04-27 01:10 - 2013-07-10 16:47 - 00000000 ____D () C:\Users\mco337\AppData\Local\PunkBuster
2014-04-27 01:03 - 2013-07-09 12:53 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\Users\mco337\AppData\Local\Skype
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-26 22:21 - 2014-01-08 00:41 - 00000000 ____D () C:\ProgramData\Skype
2014-04-26 21:58 - 2014-04-26 21:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 21:30 - 2014-04-26 21:30 - 00000000 ____D () E:\Program Files\Ubisoft
2014-04-26 21:29 - 2014-04-26 21:29 - 00000332 _____ () C:\Users\mco337\Desktop\Ghost Recon Phantoms - EU.appref-ms
2014-04-23 20:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () E:\Program Files\MDF to ISO
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MDF to ISO
2014-04-19 11:41 - 2014-04-19 11:41 - 00004032 _____ () C:\Windows\SysWOW64\gmon.out
2014-04-18 13:37 - 2013-11-01 23:33 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 12:00 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP190 series
2014-04-17 09:34 - 2014-04-17 09:34 - 00000000 ___HD () E:\Program Files\CanonBJ
2014-04-16 21:03 - 2014-04-16 21:03 - 00000000 __SHD () C:\found.000
2014-04-16 20:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-16 17:41 - 2013-07-08 21:16 - 00000000 ____D () C:\ProgramData\Origin
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default\AppData\Local\Symantec
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\Symantec
2014-04-14 20:13 - 2014-02-21 20:55 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-02-21 20:55 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-02-21 20:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-02-21 20:55 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-13 23:39 - 2014-04-13 23:34 - 00000088 _____ () C:\Users\mco337\Documents\Daniela.txt
2014-04-09 11:38 - 2013-08-14 14:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 11:37 - 2013-07-22 12:28 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\mco337\AppData\Local\Temp\JDSetup130430979024980518.exe
C:\Users\mco337\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\mco337\AppData\Local\Temp\proxy_vole8926367741149586.dll
C:\Users\mco337\AppData\Local\Temp\pyl2E8F.tmp.exe
C:\Users\mco337\AppData\Local\Temp\pyl9C2F.tmp.exe
C:\Users\mco337\AppData\Local\Temp\Quarantine.exe
C:\Users\mco337\AppData\Local\Temp\sdanircmdc.exe
C:\Users\mco337\AppData\Local\Temp\sdapskill.exe
C:\Users\mco337\AppData\Local\Temp\sdaspwn.exe
C:\Users\mco337\AppData\Local\Temp\sonarinst.exe
C:\Users\mco337\AppData\Local\Temp\sweetpage_294wld.exe
C:\Users\mco337\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\mco337\AppData\Local\Temp\xmlUpdater.exe
C:\Users\mco337\AppData\Local\Temp\_is897A.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 14:49

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Benutzername durch mco337 ersätzt

Geändert von mco337 (01.05.2014 um 20:11 Uhr)

Alt 02.05.2014, 16:47   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Standard

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.05.2014, 17:43   #9
mco337
 
Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Beitrag

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



mbam.txt
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 02.05.2014 17:55:57, SYSTEM, MCO337-PC, Protection, Malware Protection, Starting, 
Protection, 02.05.2014 17:55:57, SYSTEM, MCO337-PC, Protection, Malware Protection, Started, 
Protection, 02.05.2014 17:55:57, SYSTEM, MCO337-PC, Protection, Malicious Website Protection, Starting, 
Protection, 02.05.2014 17:55:58, SYSTEM, MCO337-PC, Protection, Malicious Website Protection, Started, 
Update, 02.05.2014 17:56:10, SYSTEM, MCO337-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1, 
Update, 02.05.2014 17:56:23, SYSTEM, MCO337-PC, Manual, Malware Database, 2014.3.4.9, 2014.5.2.9, 
Protection, 02.05.2014 17:56:28, SYSTEM, MCO337-PC, Protection, Refresh, Starting, 
Protection, 02.05.2014 17:56:28, SYSTEM, MCO337-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 02.05.2014 17:56:28, SYSTEM, MCO337-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 02.05.2014 17:56:30, SYSTEM, MCO337-PC, Protection, Refresh, Success, 
Protection, 02.05.2014 17:56:30, SYSTEM, MCO337-PC, Protection, Malicious Website Protection, Starting, 
Protection, 02.05.2014 17:56:30, SYSTEM, MCO337-PC, Protection, Malicious Website Protection, Started, 
Protection, 02.05.2014 18:05:32, SYSTEM, MCO337-PC, Protection, Malware Protection, Starting, 
Protection, 02.05.2014 18:05:32, SYSTEM, MCO337-PC, Protection, Malware Protection, Started, 
Protection, 02.05.2014 18:05:32, SYSTEM, MCO337-PC, Protection, Malicious Website Protection, Starting, 
Protection, 02.05.2014 18:05:34, SYSTEM, MCO337-PC, Protection, Malicious Website Protection, Started, 

(end)
         
AdwCleaner[S3].txt
Code:
ATTFilter
# AdwCleaner v3.205 - Bericht erstellt am 02/05/2014 um 18:11:21
# Aktualisiert 28/04/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : mco337 - mco337-PC
# Gestartet von : E:\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbmbkaibjonbodganofehckpoblklno
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbmbkaibjonbodganofehckpoblklno
Ordner Gelöscht : C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbmbkaibjonbodganofehckpoblklno
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\laafliklblchbimhiamcckkljmplcagp
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\laafliklblchbimhiamcckkljmplcagp
Ordner Gelöscht : C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\laafliklblchbimhiamcckkljmplcagp

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\prefs.js ]


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [5459 octets] - [17/02/2014 21:33:49]
AdwCleaner[R1].txt - [2712 octets] - [23/03/2014 23:21:17]
AdwCleaner[R2].txt - [6528 octets] - [27/04/2014 15:21:26]
AdwCleaner[R3].txt - [1937 octets] - [02/05/2014 18:09:49]
AdwCleaner[R4].txt - [1997 octets] - [02/05/2014 18:10:36]
AdwCleaner[S0].txt - [4230 octets] - [17/02/2014 21:34:45]
AdwCleaner[S1].txt - [2631 octets] - [23/03/2014 23:21:39]
AdwCleaner[S2].txt - [4658 octets] - [27/04/2014 15:21:39]
AdwCleaner[S3].txt - [1918 octets] - [02/05/2014 18:11:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1978 octets] ##########
         
JRT.txt
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by mco337 on 02.05.2014 at 18:16:14,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\mco337\AppData\Roaming\mozilla\firefox\profiles\6foyyyzj.default\minidumps [4 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.05.2014 at 18:20:05,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05-2014 01
Ran by mco337 at 2014-05-02 18:23:01
Running from E:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.0.30660 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bluesoleil2.6.0.9 Release 070606 (HKLM-x32\...\{846AC73B-9394-48B9-B941-8F7F472F0047}) (Version: 2.6.0.9 Release 070606 - IVT Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnAware Free 6.9.3 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
calibre (HKLM-x32\...\{0305E6D9-E11E-445C-B468-CAA3996641BA}) (Version: 1.18.0 - Kovid Goyal)
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version:  - Infinity Ward - Sledgehammer Games)
Canon MP190 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DesignSpark PCB 5.0 (x32 Version: 5.0 - RS Components) Hidden
DesignSpark PCB Version 5.0 (HKLM-x32\...\InstallShield_{D50500AA-D25A-463B-98BF-E09585325711}) (Version: 5.0 - RS Components)
EaseUS Partition Master 9.3.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Video to JPG Converter version 5.0.30.1029 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.30.1029 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.29.304 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.29.304 - DVDVideoSoft Ltd.)
FRITZ!Box USB-Fernanschluss (HKCU\...\2db37667170956ee) (Version: 2.3.1.0 - AVM Berlin)
Frontschweine (HKLM-x32\...\Hogs Of War) (Version: 1.0 - Infogrames)
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.6405.2 - Ubisoft)
Hercules DJ Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 2.HDJS.2013 - Hercules)
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.10.1300 - Intel Corporation)
Intel(R) Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel)
Intel(R) Network Connections 17.3.63.0 (Version: 17.3.63.0 - Intel) Hidden
Intel(R) Rapid Storage Technology enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 3.6.0.1086 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LiveUpdate 3.3 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.3.0.78 - Symantec Corporation)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MDF to ISO version 1.0 (HKLM-x32\...\{79DDA36F-B19E-4293-A4F2-FA3EC1C06E6E}_is1) (Version: 1.0 - mdftoiso.com)
MediaInfo 0.7.64 (HKLM\...\MediaInfo) (Version: 0.7.64 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
MiPony 2.1.2 (HKLM-x32\...\MiPony) (Version: 2.1.2 - )
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 de)) (Version: 17.0.8 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.4 - Notepad++ Team)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.2-I003  (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
Opera Stable 18.0.1284.68 (HKLM-x32\...\Opera 18.0.1284.68) (Version: 18.0.1284.68 - Opera Software ASA)
Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
smartision ScreenCopy 2.3 (HKLM-x32\...\smartision ScreenCopy_is1) (Version:  - Steffen Schramm)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.72.ge389c074 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Symantec Endpoint Protection (HKLM\...\{00FFE001-A408-416C-B9E3-07BD99ADA445}) (Version: 11.0.4010.19 - *Symantec Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24482 - TeamViewer)
TransMac version 11.0 (HKLM-x32\...\TransMac_is1) (Version: 11.0 - Acute Systems)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Trust Gaming Mouse (HKLM-x32\...\{1EDE0243-CA4E-4613-B87B-C6B57C76C17C}) (Version: 1.0.0 - Trust)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VirtualDJ PRO Full (HKLM-x32\...\{311545C7-3432-4EB3-9229-D5E8DB10AE8A}) (Version: 7.2 - Atomix Productions)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 5.58 - NCH Software)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wireshark 1.10.5 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.5 - The Wireshark developer community, hxxp://www.wireshark.org)

==================== Restore Points  =========================

25-04-2014 17:40:05 Geplanter Prüfpunkt
26-04-2014 19:29:06 DirectX wurde installiert
27-04-2014 10:38:50 Removed CM Installer
27-04-2014 10:51:12 Entfernt DELISprint
27-04-2014 13:07:19 Installed VG JPEG-Repair Online
27-04-2014 13:08:51 Removed VG JPEG-Repair Online
01-05-2014 18:40:43 Installed Microsoft Fix it 50267
01-05-2014 19:08:23 Removed Vodafone Mobile Connect Lite.
01-05-2014 19:14:21 Entfernt LG PC Suite II

==================== Hosts content: ==========================

2014-01-27 21:46 - 2013-09-03 17:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {330F5DE7-12CF-4FA7-BAB1-7FDE8E109456} - System32\Tasks\ASUS\USB 3.0 Boost Service => E:\Program Files\Asus\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-10] ()
Task: {3C67AC2C-FD5A-4555-9BF8-9C418E9303A1} - System32\Tasks\SuperEasyDriverUpdater_UPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {67F886EA-8832-4D29-A671-753ECEB99EDF} - System32\Tasks\CCleanerSkipUAC => E:\Programme\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {95FF1E1C-62EB-4228-BD35-C2B2A0E3B06D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {AD416C2B-1E73-4D0E-9ACC-D98EFB2D5FB0} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {BD04CDA6-FF4C-436D-AFA6-8F0274D08395} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {BFC67964-12FF-4A67-A017-0C7B06368943} - System32\Tasks\{7B654A59-F8C0-4218-92C7-0E5DC60105AC} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.59.102/de/abandoninstall?page=tsPlugin
Task: {C8455876-9BF6-4E11-BD3A-D9009FBA4D84} - System32\Tasks\ASUS\ASUS AI Suite II Execute => E:\Program Files\Asus\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {CCA68B2B-14A8-44B2-8019-D5FFA06EB09E} - System32\Tasks\SuperEasyDriverUpdaterRunAtStartup => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {D5763DBB-D8C7-4DE5-9BED-9B4FCBAEBE0D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {E87EF279-ADBE-4C13-95FE-930B2BFDAE78} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => E:\Program Files\Asus\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2013-01-14] (ASUSTeK Computer Inc.)
Task: {F41484C8-9994-4A6E-8608-F06F34113656} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {F520C16C-8D3F-4524-9A6A-FEA4208DC3E9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe

==================== Loaded Modules (whitelisted) =============

2013-07-09 12:53 - 2014-04-27 01:03 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-16 23:02 - 2013-09-17 19:58 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () E:\Program Files\Notepad++\NppShell_05.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () E:\Programme\FileZilla FTP Client\fzshellext_64.dll
2014-05-01 02:41 - 2014-05-01 02:41 - 03019888 _____ () E:\Programme\Thunderbird\mozjs.dll
2014-05-01 02:41 - 2014-05-01 02:41 - 00158832 _____ () E:\Programme\Thunderbird\NSLDAP32V60.dll
2014-05-01 02:41 - 2014-05-01 02:41 - 00023152 _____ () E:\Programme\Thunderbird\NSLDAPPR32V60.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-16 23:02 - 2014-05-02 18:12 - 00028160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-02-16 23:02 - 2010-06-29 11:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-02-16 23:03 - 2011-07-12 20:14 - 00147456 _____ () E:\Program Files\Asus\AI Suite II\AssistFunc.dll
2014-02-16 23:03 - 2010-10-05 09:22 - 00253952 _____ () E:\Program Files\Asus\AI Suite II\pngio.dll
2014-02-16 23:03 - 2012-10-08 18:07 - 00972288 _____ () E:\Program Files\Asus\AI Suite II\BarGadget\BarGadget.dll
2014-02-16 23:03 - 2013-05-08 17:22 - 01040896 _____ () E:\Program Files\Asus\AI Suite II\EasyUpdate\EasyUpdt.dll
2014-02-16 23:04 - 2012-06-19 13:56 - 01305600 _____ () E:\Program Files\Asus\AI Suite II\MyLogo\MyLogo.dll
2014-02-16 23:04 - 2012-07-20 10:39 - 01047040 _____ () E:\Program Files\Asus\AI Suite II\Probe_II\ProbeII.dll
2014-02-16 23:03 - 2013-04-15 15:19 - 00883712 _____ () E:\Program Files\Asus\AI Suite II\Sensor\Sensor.dll
2014-02-16 23:03 - 2012-05-28 22:27 - 01622528 _____ () E:\Program Files\Asus\AI Suite II\Sensor Graph\SensorGraph.dll
2014-02-16 23:03 - 2011-09-19 21:18 - 01243136 _____ () E:\Program Files\Asus\AI Suite II\Settings\Settings.dll
2014-02-16 23:03 - 2011-07-21 10:06 - 00846848 _____ () E:\Program Files\Asus\AI Suite II\Splitter\Splitter.dll
2014-02-16 23:03 - 2012-08-29 19:09 - 00875520 _____ () E:\Program Files\Asus\AI Suite II\TabGadget\TabGadget.dll
2014-02-16 23:02 - 2010-08-23 11:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2014-02-16 23:03 - 2010-10-05 09:22 - 00208896 _____ () E:\Program Files\Asus\AI Suite II\ImageHelper.dll
2014-02-16 23:03 - 2009-08-12 21:15 - 00253952 _____ () E:\Program Files\Asus\AI Suite II\Sensor\AlertHelper\pngio.dll
2014-02-15 19:10 - 2014-02-15 19:10 - 00019968 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\PSIClient\478bf44daaadc465b065707dfbcd6070\PSIClient.ni.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00113171 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 02396179 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00268307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00031251 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 11148307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 01248787 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00066579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 02021395 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00100371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00240659 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00076307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00045587 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00060947 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00531475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00708627 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00114195 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00040467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00133139 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 01512467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00296979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00054291 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00038419 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00025619 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00336403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00016403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00146451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00733203 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00015891 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00022035 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00021523 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00030739 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00021011 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00063507 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00036883 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00017427 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00025619 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00024595 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00064531 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00383507 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00118803 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00021011 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00017427 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00189971 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00091667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00067603 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00077331 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00291859 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00017939 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 01280019 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00018451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00344595 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00198675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00027155 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 01371667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00130579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00168979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00058899 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 01496083 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00019475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00013331 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014355 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00025619 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\.Trashes:AFP_AfpInfo
AlternateDataStreams: C:\Users\mco337\AppData\Local\Temp:KNa1yxGyS0WgEMKXcw
AlternateDataStreams: C:\Users\mco337\AppData\Local\Temp:LVj9rm038OlPqAeyijRLa4R

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^mco337^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk => C:\Windows\pss\Serviio.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AVMUSBFernanschluss => "C:\Users\mco337\AppData\Local\Apps\2.0\CV3ERQTB.117\LAW3J1TT.TWY\frit..tion_1acae14e4778b8d2_0002.0003_7c9366a34786c7f9\AVMAutoStart.exe"
MSCONFIG\startupreg: EaseUS EPM tray => E:\Program Files\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
MSCONFIG\startupreg: Hercules DJ Series TrayAgent => E:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe /boot
MSCONFIG\startupreg: iTunesHelper => "E:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => E:\Program Files\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => E:\Program Files\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\mco337\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\mco337\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\mco337\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Faulty Device Manager Devices =============

Name: Intel(R) 82579V Gigabit Network Connection
Description: Intel(R) 82579V Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1cexpress
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth PAN Network Adapter
Description: Bluetooth PAN Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: IVT Corporation
Service: BT
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-02 18:12:43.965
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-02 18:05:29.246
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-02 11:49:28.896
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-02 08:27:05.560
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-01 21:48:33.002
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-01 20:41:54.656
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-01 20:38:28.154
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-01 12:19:17.695
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-01 03:36:20.699
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-01 01:46:19.339
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 16%
Total physical RAM: 16324.75 MB
Available physical RAM: 13641.93 MB
Total Pagefile: 26322.93 MB
Available Pagefile: 23526.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:119.14 GB) (Free:67.81 GB) NTFS
Drive e: () (Fixed) (Total:1863.01 GB) (Free:778.2 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: FCA8B455)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: B568CEDA)
Partition 1: (Not Active) - (Size=-198631751680) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 153 GB) (Disk ID: 086BA0D6)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
FRST.txt

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014 01
Ran by mco337 (administrator) on mco337-PC on 02-05-2014 18:22:50
Running from E:\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Trust) C:\Program Files (x86)\Trust Gaming Mouse GXT 34\Trust Gaming Mouse.exe
(Mozilla Corporation) E:\Programme\Thunderbird\thunderbird.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe
(Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hercules®) E:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [294360 2013-03-05] (Intel Corporation)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2008-12-18] (Symantec Corporation)
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\Run: [Trust Gaming Mouse] => C:\Program Files (x86)\Trust Gaming Mouse GXT 34\Trust Gaming Mouse.exe [961024 2012-01-06] (Trust)
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {2a311453-9b16-11e3-bd09-3085a996858c} - F:\USBAutoRun.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {3fa76628-98b0-11e3-b06f-3085a996858c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {57f1db55-b442-11e3-90ca-001167d09a9c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {57f1db58-b442-11e3-90ca-001167d09a9c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {cf2b173e-97d3-11e3-9291-3085a996858c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {fa5f6728-0e77-11e3-8b49-9033dd89c11a} - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {fcf14241-bc03-11e3-b957-001167d09a9c} - V:\setup.exe
Startup: C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> E:\Programme\Thunderbird\thunderbird.exe (Mozilla Corporation)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java-\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java-\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - E:\Programme\Picasa\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java-\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java-\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-12]
FF Extension: NoScript - C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-01]
FF Extension: Adblock Plus - C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-18]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (YTBookMark) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdilcmobnolgdlcefnobbeocmhnomfoe [2014-01-09]
CHR Extension: (Share the Wealth) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea [2014-01-09]
CHR Extension: (No Name) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbmbkaibjonbodganofehckpoblklno [2014-01-09]
CHR Extension: (No Name) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\laafliklblchbimhiamcckkljmplcagp [2014-01-09]

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-09-17] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-09-17] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe [399744 2012-11-07] (ASUSTeK Computer Inc.)
R2 Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-31] (Apple Inc.)
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2008-12-18] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2008-12-18] (Symantec Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 HerculesDJControlMP3; E:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [47104 2013-05-21] (Hercules®)
S3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-01-20] (Apple Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-23] (Intel Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2009-01-30] (Symantec Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 OpenVPNService; E:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-27] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 SkypeUpdate; C:\Program Files (x86)\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3092296 2009-02-01] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [387400 2009-02-01] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2440120 2009-02-01] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-07-17] (AVM Berlin)
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
R3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\SysWOW64\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [19728 2007-05-23] (IVT Corporation.)
S3 BT; C:\Windows\SysWOW64\DRIVERS\btnetdrv.sys [19728 2007-05-23] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [44688 2007-05-23] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\SysWOW64\Drivers\btcusb.sys [44688 2007-05-23] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\SysWOW64\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\SysWOW64\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
S3 BTHprint; C:\Windows\System32\DRIVERS\bthprint.sys [67072 2009-07-14] (Microsoft Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [258352 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
S3 COH_Mon; C:\Windows\system32\Drivers\COH_Mon.sys [25424 2008-11-18] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-17] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
S3 HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [320816 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [274736 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [26072 2013-03-05] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140501.003\ENG64.SYS [126040 2013-08-22] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140501.003\EX64.SYS [2099288 2013-08-22] (Symantec Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [441904 2008-12-19] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [441904 2008-12-19] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [480304 2008-12-19] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [480304 2008-12-19] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2008-12-19] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2008-12-19] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172080 2013-07-08] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [62512 2008-10-14] (Symantec Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VComm; C:\Windows\SysWOW64\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\SysWOW64\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [52784 2009-02-01] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2012-10-04] (Symantec Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-02 18:09 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-02 17:55 - 2014-05-02 17:55 - 00001072 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-02 17:55 - 2014-05-02 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-02 17:55 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-02 17:55 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-02 17:55 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-29 21:05 - 2014-05-02 18:22 - 00000000 ____D () C:\FRST
2014-04-29 20:56 - 2014-04-29 20:56 - 00000000 ____D () C:\Windows\ERUNT
2014-04-27 20:46 - 2014-04-27 20:46 - 00000872 _____ () C:\Users\mco337\Desktop\JDownloader.lnk
2014-04-27 20:45 - 2014-04-27 20:55 - 00000000 ____D () E:\Program Files\Jdownloader
2014-04-27 20:15 - 2014-04-27 20:15 - 00000000 ____D () C:\Users\mco337\.appwork
2014-04-27 17:40 - 2014-04-27 15:46 - 00000000 ____D () C:\.fseventsd
2014-04-27 15:06 - 2014-04-27 15:09 - 00000000 ____D () C:\ProgramData\WPM
2014-04-27 12:42 - 2014-04-27 12:42 - 00000668 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\Users\mco337\AppData\Local\Skype
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-26 21:59 - 2014-05-02 18:12 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 21:58 - 2014-04-26 21:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 21:30 - 2014-04-26 21:30 - 00000000 ____D () E:\Program Files\Ubisoft
2014-04-26 21:29 - 2014-04-26 21:29 - 00000332 _____ () C:\Users\mco337\Desktop\Ghost Recon Phantoms - EU.appref-ms
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () E:\Program Files\MDF to ISO
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MDF to ISO
2014-04-19 11:41 - 2014-04-19 11:41 - 00004032 _____ () C:\Windows\SysWOW64\gmon.out
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP190 series
2014-04-17 09:37 - 2008-02-26 05:00 - 00279040 _____ (CANON INC.) C:\Windows\system32\CNMLM9I.DLL
2014-04-17 09:37 - 2008-02-08 15:38 - 00236032 _____ (CANON INC.) C:\Windows\system32\CNC190L.DLL
2014-04-17 09:37 - 2007-11-09 11:59 - 01335296 _____ (CANON INC.) C:\Windows\system32\CNC190C.DLL
2014-04-17 09:37 - 2007-11-09 11:59 - 00092672 _____ (CANON INC.) C:\Windows\system32\CNC190I.DLL
2014-04-17 09:37 - 2007-03-15 14:13 - 00229888 _____ (Canon Inc.) C:\Windows\system32\CNC190O.DLL
2014-04-17 09:34 - 2014-04-17 09:34 - 00000000 ___HD () E:\Program Files\CanonBJ
2014-04-16 21:03 - 2014-04-16 21:03 - 00000000 __SHD () C:\found.000
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default\AppData\Local\Symantec
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\Symantec
2014-04-15 00:45 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-15 00:45 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-15 00:45 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-15 00:45 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-15 00:45 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-15 00:45 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-15 00:45 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-15 00:45 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-15 00:45 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-15 00:45 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-15 00:45 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-15 00:45 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-15 00:45 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-15 00:45 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-15 00:45 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-15 00:45 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-15 00:45 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-15 00:45 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-15 00:45 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-15 00:45 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-15 00:45 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-15 00:45 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-15 00:45 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-15 00:45 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-15 00:45 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-15 00:45 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-15 00:45 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-15 00:45 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-15 00:45 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-15 00:45 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-15 00:45 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-15 00:45 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-15 00:45 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-15 00:45 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-15 00:45 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-15 00:45 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-15 00:45 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-15 00:45 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-15 00:45 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-15 00:45 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-15 00:45 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-15 00:45 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-15 00:45 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-15 00:45 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-15 00:45 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-15 00:45 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-15 00:45 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-15 00:45 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-13 23:34 - 2014-04-13 23:39 - 00000088 _____ () C:\Users\mco337\Documents\*******.txt
2014-04-09 10:29 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 10:29 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 10:29 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 10:29 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 10:29 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 10:29 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 10:29 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 10:29 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 10:29 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 10:29 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 10:29 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 10:29 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 10:28 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-02 18:22 - 2014-04-29 21:05 - 00000000 ____D () C:\FRST
2014-05-02 18:19 - 2009-07-14 06:45 - 00033136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-02 18:19 - 2009-07-14 06:45 - 00033136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-02 18:18 - 2011-04-12 09:43 - 00700454 _____ () C:\Windows\system32\perfh007.dat
2014-05-02 18:18 - 2011-04-12 09:43 - 00150092 _____ () C:\Windows\system32\perfc007.dat
2014-05-02 18:18 - 2009-07-14 07:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-02 18:16 - 2013-07-08 20:29 - 01620877 _____ () C:\Windows\WindowsUpdate.log
2014-05-02 18:12 - 2014-04-26 21:59 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-02 18:12 - 2014-02-17 20:06 - 00156426 _____ () C:\Windows\PFRO.log
2014-05-02 18:12 - 2014-02-17 20:06 - 00017745 _____ () C:\Windows\setupact.log
2014-05-02 18:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-02 18:11 - 2014-02-17 21:33 - 00000000 ____D () C:\AdwCleaner
2014-05-02 18:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2014-05-02 17:55 - 2014-05-02 17:55 - 00001072 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-02 17:55 - 2014-05-02 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-02 17:50 - 2013-07-20 18:23 - 00000000 ____D () C:\Users\mco337\.VirtualBox
2014-05-02 17:50 - 2013-07-10 16:47 - 00291488 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-02 17:50 - 2013-07-09 12:53 - 00291488 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-02 17:49 - 2013-07-17 21:15 - 00000000 ____D () C:\Users\mco337\AppData\Local\Deployment
2014-05-02 17:28 - 2013-07-08 20:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-02 16:33 - 2013-07-08 20:31 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\vlc
2014-05-02 14:37 - 2013-07-09 12:53 - 00291760 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-02 11:53 - 2013-07-08 21:15 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-05-02 08:27 - 2013-09-04 14:33 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Thunderbird
2014-05-02 00:54 - 2013-09-03 19:10 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Mipony
2014-05-01 21:29 - 2014-02-24 19:35 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Notepad++
2014-05-01 21:15 - 2013-07-08 21:38 - 00103376 _____ () C:\Users\mco337\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-01 21:15 - 2009-07-14 06:45 - 05094168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-01 21:14 - 2014-02-21 18:44 - 00000000 ____D () E:\Program Files\LG Suite II
2014-05-01 21:05 - 2013-11-16 15:37 - 00000000 ____D () E:\Program Files\Adobe
2014-05-01 21:05 - 2013-07-09 15:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-01 21:05 - 2013-07-08 20:49 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Adobe
2014-05-01 21:00 - 2013-07-08 20:28 - 00000000 ____D () C:\Users\mco337
2014-05-01 20:51 - 2013-07-08 20:45 - 00000000 ____D () C:\Users\mco337\AppData\Local\Adobe
2014-05-01 01:46 - 2014-02-09 22:42 - 00000000 ____D () C:\Users\mco337\Desktop\Programme
2014-04-30 16:47 - 2013-08-30 16:47 - 00000328 _____ () C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job
2014-04-29 20:56 - 2014-04-29 20:56 - 00000000 ____D () C:\Windows\ERUNT
2014-04-29 19:46 - 2014-01-08 00:41 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Skype
2014-04-28 23:29 - 2013-07-08 20:45 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-28 23:29 - 2013-07-08 20:45 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 23:29 - 2013-07-08 20:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-27 20:55 - 2014-04-27 20:45 - 00000000 ____D () E:\Program Files\Jdownloader
2014-04-27 20:46 - 2014-04-27 20:46 - 00000872 _____ () C:\Users\mco337\Desktop\JDownloader.lnk
2014-04-27 20:46 - 2013-11-01 23:31 - 00000836 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-04-27 20:46 - 2013-11-01 23:31 - 00000796 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-04-27 20:46 - 2013-11-01 23:31 - 00000781 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-04-27 20:15 - 2014-04-27 20:15 - 00000000 ____D () C:\Users\mco337\.appwork
2014-04-27 15:46 - 2014-04-27 17:40 - 00000000 ____D () C:\.fseventsd
2014-04-27 15:46 - 2014-03-29 16:25 - 00000000 ___HD () C:\.Trashes
2014-04-27 15:21 - 2013-07-08 20:30 - 00001031 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-27 15:21 - 2013-07-08 20:30 - 00001019 _____ () C:\Users\mco337\Desktop\Mozilla Firefox.lnk
2014-04-27 15:21 - 2013-07-08 20:29 - 00000813 _____ () C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-27 15:09 - 2014-04-27 15:06 - 00000000 ____D () C:\ProgramData\WPM
2014-04-27 12:45 - 2014-03-27 10:06 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\uTorrent
2014-04-27 12:45 - 2014-02-21 18:43 - 00000000 ____D () C:\Users\mco337\AppData\Local\CrashDumps
2014-04-27 12:45 - 2013-08-30 16:47 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\FileZilla
2014-04-27 12:42 - 2014-04-27 12:42 - 00000668 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-27 02:16 - 2011-04-12 09:54 - 00000000 ____D () C:\Windows\ShellNew
2014-04-27 01:10 - 2013-07-10 16:47 - 00000000 ____D () C:\Users\mco337\AppData\Local\PunkBuster
2014-04-27 01:03 - 2013-07-09 12:53 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\Users\mco337\AppData\Local\Skype
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-26 22:21 - 2014-01-08 00:41 - 00000000 ____D () C:\ProgramData\Skype
2014-04-26 21:58 - 2014-04-26 21:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 21:30 - 2014-04-26 21:30 - 00000000 ____D () E:\Program Files\Ubisoft
2014-04-26 21:29 - 2014-04-26 21:29 - 00000332 _____ () C:\Users\mco337\Desktop\Ghost Recon Phantoms - EU.appref-ms
2014-04-23 20:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () E:\Program Files\MDF to ISO
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MDF to ISO
2014-04-19 11:41 - 2014-04-19 11:41 - 00004032 _____ () C:\Windows\SysWOW64\gmon.out
2014-04-18 13:37 - 2013-11-01 23:33 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 12:00 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP190 series
2014-04-17 09:34 - 2014-04-17 09:34 - 00000000 ___HD () E:\Program Files\CanonBJ
2014-04-16 21:03 - 2014-04-16 21:03 - 00000000 __SHD () C:\found.000
2014-04-16 20:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-16 17:41 - 2013-07-08 21:16 - 00000000 ____D () C:\ProgramData\Origin
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default\AppData\Local\Symantec
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\Symantec
2014-04-14 20:13 - 2014-02-21 20:55 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-02-21 20:55 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-02-21 20:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-02-21 20:55 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-13 23:39 - 2014-04-13 23:34 - 00000088 _____ () C:\Users\mco337\Documents\Daniela.txt
2014-04-09 11:38 - 2013-08-14 14:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 11:37 - 2013-07-22 12:28 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-03 09:51 - 2014-05-02 17:55 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-05-02 17:55 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-05-02 17:55 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\mco337\AppData\Local\Temp\JDSetup130430979024980518.exe
C:\Users\mco337\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\mco337\AppData\Local\Temp\proxy_vole8926367741149586.dll
C:\Users\mco337\AppData\Local\Temp\pyl2E8F.tmp.exe
C:\Users\mco337\AppData\Local\Temp\pyl9C2F.tmp.exe
C:\Users\mco337\AppData\Local\Temp\Quarantine.exe
C:\Users\mco337\AppData\Local\Temp\sdanircmdc.exe
C:\Users\mco337\AppData\Local\Temp\sdapskill.exe
C:\Users\mco337\AppData\Local\Temp\sdaspwn.exe
C:\Users\mco337\AppData\Local\Temp\sonarinst.exe
C:\Users\mco337\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\mco337\AppData\Local\Temp\xmlUpdater.exe
C:\Users\mco337\AppData\Local\Temp\_is897A.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 14:49

==================== End Of Log ============================
         
--- --- ---


Hey,
hier das müsste alles sein ich hab noch zusätzlich die Addition.txt hochgeladen. Mal ne frage was hälst du von von den Add-ons: Wot, NoScript und Adblock Plus? Hab mir NoScript in der hoffnung geholt sicherer zu surfen , was benutzt du so für add-ons?

Alt 04.05.2014, 07:11   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Standard

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



sind alles top Addons


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.05.2014, 21:37   #11
mco337
 
Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Standard

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



Code:
ATTFilter
 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 55  
 Adobe Flash Player 10 Flash Player out of Date! 
 Adobe Flash Player 13.0.0.206  
 Adobe Reader XI  
 Mozilla Firefox (28.0) 
 Mozilla Thunderbird (17.0.8) 
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2014 02
Ran by mco337 (administrator) on mco337-PC on 05-05-2014 22:27:24
Running from E:\Downloads\TrojanerBoard
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\AsRoutineController.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Trust) C:\Program Files (x86)\Trust Gaming Mouse GXT 34\Trust Gaming Mouse.exe
(Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
(Hercules®) E:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Mozilla Corporation) E:\Programme\Thunderbird\thunderbird.exe
(Symantec Corporation) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) E:\Program Files\Asus\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [294360 2013-03-05] (Intel Corporation)
HKLM-x32\...\Run: [ccApp] => C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [115560 2008-12-18] (Symantec Corporation)
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\Run: [Trust Gaming Mouse] => C:\Program Files (x86)\Trust Gaming Mouse GXT 34\Trust Gaming Mouse.exe [961024 2012-01-06] (Trust)
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {2a311453-9b16-11e3-bd09-3085a996858c} - F:\USBAutoRun.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {3fa76628-98b0-11e3-b06f-3085a996858c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {57f1db55-b442-11e3-90ca-001167d09a9c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {57f1db58-b442-11e3-90ca-001167d09a9c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {8d012771-90a7-11e3-89ec-806e6f6e6963} - Explorer.exe monitor.htm
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {cf2b173e-97d3-11e3-9291-3085a996858c} - V:\setup.exe
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {fa5f6728-0e77-11e3-8b49-9033dd89c11a} - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3451892716-2812237109-1527965601-1000\...\MountPoints2: {fcf14241-bc03-11e3-b957-001167d09a9c} - V:\setup.exe
Startup: C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> E:\Programme\Thunderbird\thunderbird.exe (Mozilla Corporation)

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java-\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java-\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - E:\Programme\Picasa\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java-\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java-\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-12]
FF Extension: NoScript - C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-01]
FF Extension: Adblock Plus - C:\Users\mco337\AppData\Roaming\Mozilla\Firefox\Profiles\6foyyyzj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-18]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (YTBookMark) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdilcmobnolgdlcefnobbeocmhnomfoe [2014-01-09]
CHR Extension: (Share the Wealth) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea [2014-01-09]
CHR Extension: (No Name) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbmbkaibjonbodganofehckpoblklno [2014-01-09]
CHR Extension: (No Name) - C:\Users\mco337\AppData\Local\Google\Chrome\User Data\Default\Extensions\laafliklblchbimhiamcckkljmplcagp [2014-01-09]

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-09-17] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-09-17] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe [399744 2012-11-07] (ASUSTeK Computer Inc.)
R2 Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-31] (Apple Inc.)
R2 ccEvtMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2008-12-18] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [108392 2008-12-18] (Symantec Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 HerculesDJControlMP3; E:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [47104 2013-05-21] (Hercules®)
S3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-01-20] (Apple Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-23] (Intel Corporation)
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2009-01-30] (Symantec Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 OpenVPNService; E:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-27] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S2 SkypeUpdate; C:\Program Files (x86)\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
R2 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [3092296 2009-02-01] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [387400 2009-02-01] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2440120 2009-02-01] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-07-17] (AVM Berlin)
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
R3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
R3 BlueletSCOAudio; C:\Windows\SysWOW64\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
S3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [19728 2007-05-23] (IVT Corporation.)
S3 BT; C:\Windows\SysWOW64\DRIVERS\btnetdrv.sys [19728 2007-05-23] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [44688 2007-05-23] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\SysWOW64\Drivers\btcusb.sys [44688 2007-05-23] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidEnum; C:\Windows\SysWOW64\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
R0 BTHidMgr; C:\Windows\SysWOW64\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.)
S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
S3 BTHprint; C:\Windows\System32\DRIVERS\bthprint.sys [67072 2009-07-14] (Microsoft Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [258352 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
S3 COH_Mon; C:\Windows\system32\Drivers\COH_Mon.sys [25424 2008-11-18] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-17] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
S3 HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [320816 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [274736 2013-05-21] (© Guillemot R&D, 2013. All rights reserved.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [26072 2013-03-05] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140503.033\ENG64.SYS [126040 2013-08-22] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140503.033\EX64.SYS [2099288 2013-08-22] (Symantec Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [441904 2008-12-19] (Symantec Corporation)
R1 SRTSP; C:\Windows\SysWOW64\Drivers\SRTSP64.SYS [441904 2008-12-19] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [480304 2008-12-19] (Symantec Corporation)
S3 SRTSPL; C:\Windows\SysWOW64\Drivers\SRTSPL64.SYS [480304 2008-12-19] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [32304 2008-12-19] (Symantec Corporation)
R1 SRTSPX; C:\Windows\SysWOW64\Drivers\SRTSPX64.SYS [32304 2008-12-19] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172080 2013-07-08] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [62512 2008-10-14] (Symantec Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VComm; C:\Windows\SysWOW64\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
R3 VcommMgr; C:\Windows\SysWOW64\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [52784 2009-02-01] (Symantec Corporation)
R3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [233120 2012-10-04] (Symantec Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-05 02:15 - 2014-05-05 00:32 - 00000000 ____D () C:\.fseventsd
2014-05-04 23:43 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-04 23:43 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-04 23:43 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-04 23:43 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-03 11:25 - 2014-05-03 11:25 - 00000210 _____ () C:\Users\mco337\Desktop\Call of Duty 4 Modern Warfare.url
2014-05-02 19:14 - 2014-05-02 19:14 - 00001123 _____ () C:\Users\mco337\Desktop\Testware.lnk
2014-05-02 18:09 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-02 17:55 - 2014-05-02 17:55 - 00001072 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-02 17:55 - 2014-05-02 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-02 17:55 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-02 17:55 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-02 17:55 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-29 21:05 - 2014-05-05 22:27 - 00000000 ____D () C:\FRST
2014-04-29 20:56 - 2014-04-29 20:56 - 00000000 ____D () C:\Windows\ERUNT
2014-04-27 20:46 - 2014-04-27 20:46 - 00000872 _____ () C:\Users\mco337\Desktop\JDownloader.lnk
2014-04-27 20:45 - 2014-04-27 20:55 - 00000000 ____D () E:\Program Files\Jdownloader
2014-04-27 20:15 - 2014-04-27 20:15 - 00000000 ____D () C:\Users\mco337\.appwork
2014-04-27 15:06 - 2014-04-27 15:09 - 00000000 ____D () C:\ProgramData\WPM
2014-04-27 12:42 - 2014-04-27 12:42 - 00000668 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\Users\mco337\AppData\Local\Skype
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-26 21:59 - 2014-05-05 22:21 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-26 21:58 - 2014-04-26 21:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 21:30 - 2014-04-26 21:30 - 00000000 ____D () E:\Program Files\Ubisoft
2014-04-26 21:29 - 2014-04-26 21:29 - 00000332 _____ () C:\Users\mco337\Desktop\Ghost Recon Phantoms - EU.appref-ms
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () E:\Program Files\MDF to ISO
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MDF to ISO
2014-04-19 11:41 - 2014-04-19 11:41 - 00004032 _____ () C:\Windows\SysWOW64\gmon.out
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP190 series
2014-04-17 09:37 - 2008-02-26 05:00 - 00279040 _____ (CANON INC.) C:\Windows\system32\CNMLM9I.DLL
2014-04-17 09:37 - 2008-02-08 15:38 - 00236032 _____ (CANON INC.) C:\Windows\system32\CNC190L.DLL
2014-04-17 09:37 - 2007-11-09 11:59 - 01335296 _____ (CANON INC.) C:\Windows\system32\CNC190C.DLL
2014-04-17 09:37 - 2007-11-09 11:59 - 00092672 _____ (CANON INC.) C:\Windows\system32\CNC190I.DLL
2014-04-17 09:37 - 2007-03-15 14:13 - 00229888 _____ (Canon Inc.) C:\Windows\system32\CNC190O.DLL
2014-04-17 09:34 - 2014-04-17 09:34 - 00000000 ___HD () E:\Program Files\CanonBJ
2014-04-16 21:03 - 2014-04-16 21:03 - 00000000 __SHD () C:\found.000
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default\AppData\Local\Symantec
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\Symantec
2014-04-15 00:45 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-15 00:45 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-15 00:45 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-15 00:45 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-15 00:45 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-15 00:45 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-15 00:45 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-15 00:45 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-15 00:45 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-15 00:45 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-15 00:45 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-15 00:45 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-15 00:45 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-15 00:45 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-15 00:45 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-15 00:45 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-15 00:45 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-15 00:45 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-15 00:45 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-15 00:45 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-15 00:45 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-15 00:45 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-15 00:45 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-15 00:45 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-15 00:45 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-15 00:45 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-15 00:45 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-15 00:45 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-15 00:45 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-15 00:45 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-15 00:45 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-15 00:45 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-15 00:45 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-15 00:45 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-15 00:45 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-15 00:45 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-15 00:45 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-15 00:45 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-15 00:45 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-15 00:45 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-15 00:45 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-15 00:45 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-15 00:45 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-15 00:45 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-13 23:34 - 2014-04-13 23:39 - 00000088 _____ () C:\Users\mco337\Documents\Daniela.txt
2014-04-09 10:29 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 10:29 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 10:29 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 10:29 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 10:29 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 10:29 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 10:29 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 10:29 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 10:29 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 10:29 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 10:29 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 10:29 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 10:29 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 10:28 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-05 22:27 - 2014-04-29 21:05 - 00000000 ____D () C:\FRST
2014-05-05 22:26 - 2011-04-12 09:43 - 00700454 _____ () C:\Windows\system32\perfh007.dat
2014-05-05 22:26 - 2011-04-12 09:43 - 00150092 _____ () C:\Windows\system32\perfc007.dat
2014-05-05 22:26 - 2009-07-14 07:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-05 22:24 - 2013-07-08 20:29 - 01756403 _____ () C:\Windows\WindowsUpdate.log
2014-05-05 22:21 - 2014-04-26 21:59 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-05 22:21 - 2014-02-17 20:06 - 00018697 _____ () C:\Windows\setupact.log
2014-05-05 22:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-05 20:28 - 2013-07-08 20:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-05 16:02 - 2009-07-14 06:45 - 00033136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-05 16:02 - 2009-07-14 06:45 - 00033136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-05 13:57 - 2014-03-27 10:06 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\uTorrent
2014-05-05 00:32 - 2014-05-05 02:15 - 00000000 ____D () C:\.fseventsd
2014-05-05 00:32 - 2014-03-29 16:25 - 00000000 ___HD () C:\.Trashes
2014-05-05 00:14 - 2013-08-30 16:47 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\FileZilla
2014-05-04 21:42 - 2014-02-18 18:10 - 00207202 _____ () C:\Windows\DirectX.log
2014-05-03 14:09 - 2013-09-03 19:10 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Mipony
2014-05-03 14:06 - 2013-07-10 16:47 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-03 14:06 - 2013-07-09 12:53 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-03 13:46 - 2013-07-09 12:53 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-03 13:10 - 2013-07-08 20:31 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\vlc
2014-05-03 13:09 - 2013-07-17 21:15 - 00000000 ____D () C:\Users\mco337\AppData\Local\Deployment
2014-05-03 13:06 - 2013-07-08 21:15 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-05-03 13:03 - 2013-08-22 02:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-03 11:25 - 2014-05-03 11:25 - 00000210 _____ () C:\Users\mco337\Desktop\Call of Duty 4 Modern Warfare.url
2014-05-03 11:25 - 2013-07-09 17:38 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-02 19:23 - 2013-07-08 20:49 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Adobe
2014-05-02 19:14 - 2014-05-02 19:14 - 00001123 _____ () C:\Users\mco337\Desktop\Testware.lnk
2014-05-02 19:14 - 2013-07-20 18:23 - 00000000 ____D () C:\Users\mco337\.VirtualBox
2014-05-02 18:12 - 2014-02-17 20:06 - 00156426 _____ () C:\Windows\PFRO.log
2014-05-02 18:11 - 2014-02-17 21:33 - 00000000 ____D () C:\AdwCleaner
2014-05-02 18:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2014-05-02 17:55 - 2014-05-02 17:55 - 00001072 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-02 17:55 - 2014-05-02 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-02 08:27 - 2013-09-04 14:33 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Thunderbird
2014-05-01 21:29 - 2014-02-24 19:35 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Notepad++
2014-05-01 21:15 - 2013-07-08 21:38 - 00103376 _____ () C:\Users\mco337\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-01 21:15 - 2009-07-14 06:45 - 05094168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-01 21:14 - 2014-02-21 18:44 - 00000000 ____D () E:\Program Files\LG Suite II
2014-05-01 21:05 - 2013-11-16 15:37 - 00000000 ____D () E:\Program Files\Adobe
2014-05-01 21:05 - 2013-07-09 15:00 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-01 21:00 - 2013-07-08 20:28 - 00000000 ____D () C:\Users\mco337
2014-05-01 20:51 - 2013-07-08 20:45 - 00000000 ____D () C:\Users\mco337\AppData\Local\Adobe
2014-05-01 01:46 - 2014-02-09 22:42 - 00000000 ____D () C:\Users\mco337\Desktop\Programme
2014-04-30 16:47 - 2013-08-30 16:47 - 00000328 _____ () C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job
2014-04-29 20:56 - 2014-04-29 20:56 - 00000000 ____D () C:\Windows\ERUNT
2014-04-29 19:46 - 2014-01-08 00:41 - 00000000 ____D () C:\Users\mco337\AppData\Roaming\Skype
2014-04-29 16:01 - 2014-05-04 23:43 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-04 23:43 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-04 23:43 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-04 23:43 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-28 23:29 - 2013-07-08 20:45 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-28 23:29 - 2013-07-08 20:45 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 23:29 - 2013-07-08 20:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-27 20:55 - 2014-04-27 20:45 - 00000000 ____D () E:\Program Files\Jdownloader
2014-04-27 20:46 - 2014-04-27 20:46 - 00000872 _____ () C:\Users\mco337\Desktop\JDownloader.lnk
2014-04-27 20:46 - 2013-11-01 23:31 - 00000836 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2014-04-27 20:46 - 2013-11-01 23:31 - 00000796 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2014-04-27 20:46 - 2013-11-01 23:31 - 00000781 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2014-04-27 20:15 - 2014-04-27 20:15 - 00000000 ____D () C:\Users\mco337\.appwork
2014-04-27 15:21 - 2013-07-08 20:30 - 00001031 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-27 15:21 - 2013-07-08 20:30 - 00001019 _____ () C:\Users\mco337\Desktop\Mozilla Firefox.lnk
2014-04-27 15:21 - 2013-07-08 20:29 - 00000813 _____ () C:\Users\mco337\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-27 15:09 - 2014-04-27 15:06 - 00000000 ____D () C:\ProgramData\WPM
2014-04-27 12:45 - 2014-02-21 18:43 - 00000000 ____D () C:\Users\mco337\AppData\Local\CrashDumps
2014-04-27 12:42 - 2014-04-27 12:42 - 00000668 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-27 02:16 - 2011-04-12 09:54 - 00000000 ____D () C:\Windows\ShellNew
2014-04-27 01:10 - 2013-07-10 16:47 - 00000000 ____D () C:\Users\mco337\AppData\Local\PunkBuster
2014-04-27 01:03 - 2013-07-09 12:53 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\Users\mco337\AppData\Local\Skype
2014-04-26 22:21 - 2014-04-26 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-26 22:21 - 2014-01-08 00:41 - 00000000 ____D () C:\ProgramData\Skype
2014-04-26 21:58 - 2014-04-26 21:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-26 21:30 - 2014-04-26 21:30 - 00000000 ____D () E:\Program Files\Ubisoft
2014-04-26 21:29 - 2014-04-26 21:29 - 00000332 _____ () C:\Users\mco337\Desktop\Ghost Recon Phantoms - EU.appref-ms
2014-04-23 20:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () E:\Program Files\MDF to ISO
2014-04-19 13:32 - 2014-04-19 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MDF to ISO
2014-04-19 11:41 - 2014-04-19 11:41 - 00004032 _____ () C:\Windows\SysWOW64\gmon.out
2014-04-18 13:37 - 2013-11-01 23:33 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 12:00 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-04-17 09:37 - 2014-04-17 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP190 series
2014-04-17 09:34 - 2014-04-17 09:34 - 00000000 ___HD () E:\Program Files\CanonBJ
2014-04-16 21:03 - 2014-04-16 21:03 - 00000000 __SHD () C:\found.000
2014-04-16 20:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-16 17:41 - 2013-07-08 21:16 - 00000000 ____D () C:\ProgramData\Origin
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default\AppData\Local\Symantec
2014-04-16 17:38 - 2014-04-16 17:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\Symantec
2014-04-14 20:13 - 2014-02-21 20:55 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-02-21 20:55 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-02-21 20:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-02-21 20:55 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-13 23:39 - 2014-04-13 23:34 - 00000088 _____ () C:\Users\mco337\Documents\Daniela.txt
2014-04-09 11:38 - 2013-08-14 14:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 11:37 - 2013-07-22 12:28 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\mco337\AppData\Local\Temp\JDSetup130430979024980518.exe
C:\Users\mco337\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\mco337\AppData\Local\Temp\proxy_vole8926367741149586.dll
C:\Users\mco337\AppData\Local\Temp\pyl2E8F.tmp.exe
C:\Users\mco337\AppData\Local\Temp\pyl9C2F.tmp.exe
C:\Users\mco337\AppData\Local\Temp\Quarantine.exe
C:\Users\mco337\AppData\Local\Temp\sdanircmdc.exe
C:\Users\mco337\AppData\Local\Temp\sdapskill.exe
C:\Users\mco337\AppData\Local\Temp\sdaspwn.exe
C:\Users\mco337\AppData\Local\Temp\sonarinst.exe
C:\Users\mco337\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\mco337\AppData\Local\Temp\xmlUpdater.exe
C:\Users\mco337\AppData\Local\Temp\_is897A.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 14:49

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f9df9e1c8509e043bb3526598183d512
# engine=18141
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-05 06:38:08
# local_time=2014-05-05 08:38:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776637 100 52 1652261 29690577 0 0
# scanned=384814
# found=2
# cleaned=0
# scan_time=14484
sh=AFF6026DD64A6AD95B73CD2D1EE61EAEBA192C4E ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SavingsBull\bootstrap.js.old.vir"
sh=C2C0B0FA478304393B6B5224ABF6DDEEBC90FFC7 ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SavingsBull\bootstrap.js.vir"
         
Soll ich mbam wieder deinstallieren?

Alt 06.05.2014, 16:34   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Standard

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



Flash updaten.

MBAM kannste auch behalten.

Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.05.2014, 18:23   #13
mco337
 
Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Standard

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



Also nur DelFix ausführen und fertig? Hab noch ne log datei davon. Auf jedenfall will ich mich dafür bedanken, dass du sich meinen Problemen angenommen hast, auch noch gut finde ich, dass du danach Tips zur sauberhaltung gibst. Nur ist mein System nun wirklich clean? kann man das sicher sagen?

Alt 07.05.2014, 11:14   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Standard

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



Genau, einfach delfix.
Zitat:
Nur ist mein System nun wirklich clean? kann man das sicher sagen?
ja.


Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.05.2014, 14:46   #15
mco337
 
Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Standard

Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)



Thema kann geschlossen werden.

Antwort

Themen zu Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)
100%, anleitung, beenden, beendet, ccleaner, cookie, datei, download, entfernen, file, gmer, hilfe, langsamer, log, log file, programm, programme, scan, scanner, seite, startseite, suche, trojaner, viren, virenscanner, windows, windows 7



Ähnliche Themen: Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)


  1. Ausstattung von mehreren PCs mit AV Programm
    Antiviren-, Firewall- und andere Schutzprogramme - 22.08.2015 (12)
  2. PC ist seit langsamer als sonst Virenproblem?
    Plagegeister aller Art und deren Bekämpfung - 09.07.2015 (1)
  3. Nach neu Aufsetzen des Systems, Installationen durch Windows Installer erfolglos
    Alles rund um Windows - 14.04.2015 (19)
  4. PC langsamer als sonst - Virus?
    Log-Analyse und Auswertung - 03.02.2015 (9)
  5. PC bootet langsam, bzw. Programme starten langsamer als sonst
    Alles rund um Windows - 26.05.2014 (4)
  6. Windows 7 (SSD) -AutostartProgramme laden langsamer als sonst.
    Alles rund um Windows - 15.01.2014 (12)
  7. Virus verdacht: Computer langsamer als sonst!
    Plagegeister aller Art und deren Bekämpfung - 30.12.2013 (9)
  8. Spiele und Leistung langsamer als sonst
    Plagegeister aller Art und deren Bekämpfung - 01.09.2013 (28)
  9. Mir ist es nicht mehr möglich in meinem Thema wie sonst zu antworten, warum?
    Lob, Kritik und Wünsche - 28.06.2013 (3)
  10. unerwünschte updates, programm und Systemänderungen/installationen, etc
    Log-Analyse und Auswertung - 23.11.2012 (10)
  11. fakeAlert-REP tojan found UND Programm(de)installationen gehen auch nicht (mehr)
    Log-Analyse und Auswertung - 11.05.2011 (3)
  12. actxprxyr.exe und digiwet.dll -> genauere beschreibung?!
    Plagegeister aller Art und deren Bekämpfung - 21.05.2009 (0)
  13. Internet ist langsamer als sonst... Virus?
    Log-Analyse und Auswertung - 13.02.2009 (0)
  14. Windows scheint langsamer als sonst
    Log-Analyse und Auswertung - 06.01.2009 (5)
  15. Spionage-Programm oder was sonst?
    Plagegeister aller Art und deren Bekämpfung - 24.07.2007 (14)
  16. Internet viel langsamer als sonst
    Log-Analyse und Auswertung - 22.04.2007 (1)
  17. pc langsamer als sonst..
    Plagegeister aller Art und deren Bekämpfung - 19.06.2004 (1)

Zum Thema Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) - Ich habe einen "guten" PC, der Aufgrund mehrerer Programminstallationen langsamer ist. Es handete sich um kostenlose Programme, die defekte Bilder wiederherstellen sollten. Jedoch hat keins ansatzweise Funktioniert. Nach der installation - Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema)...
Archiv
Du betrachtest: Windows 7: PC ist langsamer als sonst nach mehreren Programm installationen (genauere beschreibung im Thema) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.