Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Das angegebene Modul wurde nicht gefunden (https://www.trojaner-board.de/136571-angegebene-modul-wurde-gefunden.html)

luci4712 14.06.2013 10:47
Das angegebene Modul wurde nicht gefunden
 
Seit 2 Tagen erhalte ich nach dem Starten folgende Mitteilung:

Rundll
Problem beim Starten von c:/Program Files (x86)/HomeTab/tbupdater.dll
Das angegebene Modul wurde nicht gefunden

Das Programm Home Tab finde ich nicht auf dem PC.

Wie komme ich hier weiter.

Grüße

schrauber 14.06.2013 11:03
Du bist irgendwie im falschen Unter-Forum gelandet ;)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).
  • Doppelklick auf die OTL.exe
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimal Ausgabe
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

luci4712 14.06.2013 14:49
beiliegend meine OTL-Logdateien:

OTLOTL Logfile:
Code:
OTL logfile created on: 14.06.2013 14:16:23 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Admin\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 50,63% Memory free
4,44 Gb Paging File | 2,00 Gb Available in Paging File | 45,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278,33 Gb Total Space | 30,24 Gb Free Space | 10,87% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 9,04 Gb Free Space | 45,77% Space Free | Partition Type: NTFS
 
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Admin\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe (Uniblue Systems Ltd)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMSVC) -- C:\Windows\SysNative\inetsrv\WMSvc.exe (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (simptcp) -- C:\Windows\SysNative\TCPSVCS.EXE (Microsoft Corporation)
SRV:64bit: - (SNMP) -- C:\Windows\SysNative\snmp.exe (Microsoft Corporation)
SRV:64bit: - (MSMQTriggers) -- C:\Windows\SysNative\mqtgsvc.exe (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (IISADMIN) -- C:\Windows\SysNative\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (LPDSVC) -- C:\Windows\SysNative\lpdsvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (iprip) -- C:\Windows\SysNative\iprip.dll (Microsoft Corporation)
SRV:64bit: - (ftpsvc) -- C:\Windows\SysNative\inetsrv\ftpsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsRoleSvc) -- C:\Windows\SysNative\dsrolesrv.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SystemStoreService) -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe ()
SRV - (NitroReaderDriverReadSpool3) -- C:\Programme\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Nitro PDF Software)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (G Data Software AG)
SRV - (ClassicShellService) -- C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (RichVideo64) -- C:\Programme\CyberLink\Shared files\RichVideo64.exe ()
SRV - (simptcp) -- C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Corporation)
SRV - (SNMP) -- C:\Windows\SysWOW64\snmp.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe (mst software GmbH, Germany)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (ProtexisLicensing) -- C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (GRD) -- C:\Windows\SysNative\Drivers\GRD.sys (G Data Software)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\Drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\Drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\Drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\Drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\Drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\Drivers\SWDUMon.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\Drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\Drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\Drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\Drivers\gfibto.sys (GFI Software)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (gfiark) -- C:\Windows\SysNative\Drivers\gfiark.sys (GFI Software)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\Drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\Drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (andnetadb) -- C:\Windows\SysNative\Drivers\lgandnetadb.sys (Google Inc)
DRV:64bit: - (ANDNetModem) -- C:\Windows\SysNative\Drivers\lgandnetmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndNetDiag) -- C:\Windows\SysNative\Drivers\lgandnetdiag64.sys (LG Electronics Inc.)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\Drivers\LPCFilter.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\Drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\Drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\Drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\Drivers\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (regi) -- C:\Windows\SysNative\Drivers\regi.sys (InterVideo)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\Drivers\psi_mf.sys (Secunia)
DRV:64bit: - (XUIF) -- C:\Windows\SysNative\Drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=3.2&ts=1370707150399&tguid=46364-3869-1370707150399-65824477116CA2415AE5942F28A728D0&q={searchTerms}
IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 C7 E5 17 19 DF CD 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {83A37814-D9DF-4FBB-814C-6BE00D227B48}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{105C51F9-9778-4686-815B-9A845D78F82C}: "URL" = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=5450479400000000000012224354fec1&q={searchTerms}&r=279
IE - HKCU\..\SearchScopes\{695A8050-B0AF-4395-8680-B169BEE78F03}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282494&CUI=UN19012636752030930&UM=1
IE - HKCU\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://www.bing.com/search?FORM=UP93DF&PC=UP93&dt=061013&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://comcenter.netcologne.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.05.31 09:07:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.14 17:28:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.18 18:08:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
 
[2013.05.04 09:34:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.06.11 13:15:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions
[2013.06.11 13:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.16 01:44:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2013.05.16 01:44:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2013.05.16 01:44:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2013.05.16 01:44:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2013.05.16 01:44:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2013.05.16 01:44:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2013.05.16 01:44:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=061013
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Mail = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.04.09 02:37:14 | 000,446,305 | R--- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 127.0.0.1        www.123fporn.info
O1 - Hosts: 15324 more lines...
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5786D022-540E-4699-B350-B4BE0AE94B79} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Alps\GlidePoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\SysNative\mqrt.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [StartMenuX] C:\Programme\Start Menu X\StartMenuX.exe (OrdinarySoft)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000021 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9BB74F8C-7AA9-45FE-9694-463B95EB47C5}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~4\Wincert\WIN64C~1.DLL) - C:\ProgramData\Wincert\win64cert.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe) - c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe ()
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\WINDOWS\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) -  File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell - "" = AutoRun
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell\AutoRun\command - "" = "F:\LGAutoRun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\apcrtldr.dll) -  File not found
O36 - AppCertDlls: x86 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll) -  File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.14 01:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Covus Freemium
[2013.06.14 01:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Covus Freemium
[2013.06.13 10:17:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.06.13 10:17:38 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.13 01:43:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.06.13 01:10:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.06.12 22:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing-Desktop
[2013.06.12 22:49:58 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptdlg.dll
[2013.06.12 22:49:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptdlg.dll
[2013.06.12 22:36:23 | 001,889,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2013.06.12 22:36:22 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certutil.exe
[2013.06.12 22:36:22 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certutil.exe
[2013.06.12 22:36:22 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptnet.dll
[2013.06.12 22:35:49 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2013.06.12 22:35:32 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013.06.12 22:35:22 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2013.06.12 22:35:21 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2013.06.12 22:35:21 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2013.06.12 22:35:21 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2013.06.12 22:35:21 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013.06.12 22:35:20 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2013.06.12 22:35:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2013.06.12 22:34:59 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll
[2013.06.12 22:17:12 | 013,644,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013.06.12 22:17:09 | 010,788,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013.06.12 22:17:07 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013.06.12 22:17:06 | 010,116,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013.06.12 22:17:02 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2013.06.12 22:17:01 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013.06.12 22:17:00 | 002,305,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013.06.12 22:17:00 | 000,820,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2013.06.12 22:17:00 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2013.06.12 22:16:59 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013.06.12 22:16:59 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\rars.rs
[2013.06.12 22:16:59 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\rars.rs
[2013.06.12 22:16:58 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013.06.12 22:16:58 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2013.06.12 22:16:58 | 000,446,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2013.06.12 22:16:58 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2013.06.12 22:16:58 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2013.06.12 22:16:58 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2013.06.12 22:16:58 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll
[2013.06.12 22:16:56 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Magnify.exe
[2013.06.12 22:16:56 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2013.06.12 22:16:56 | 000,213,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS
[2013.06.12 22:16:56 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2013.06.12 22:16:56 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netplwiz.dll
[2013.06.12 22:16:56 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2013.06.12 22:16:55 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2013.06.12 22:16:55 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Magnify.exe
[2013.06.12 22:16:55 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2013.06.12 22:16:55 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2013.06.12 22:16:55 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\intl.cpl
[2013.06.12 22:16:55 | 000,284,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013.06.12 22:16:55 | 000,120,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2013.06.12 22:16:55 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2013.06.12 22:16:55 | 000,058,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013.06.12 22:16:54 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2013.06.12 22:16:54 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2013.06.12 22:16:54 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\intl.cpl
[2013.06.12 22:16:54 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2013.06.12 22:16:54 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2013.06.12 22:16:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2013.06.12 22:16:54 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\biwinrt.dll
[2013.06.12 22:16:54 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\biwinrt.dll
[2013.06.12 22:16:53 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll
[2013.06.12 22:16:53 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2013.06.12 22:16:53 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2013.06.12 22:16:53 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2013.06.12 22:16:53 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2013.06.12 22:16:53 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2013.06.12 22:16:53 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2013.06.12 22:16:53 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\muifontsetup.dll
[2013.06.12 22:16:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\muifontsetup.dll
[2013.06.12 22:16:37 | 001,257,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013.06.12 22:16:31 | 001,300,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013.06.12 22:16:29 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2013.06.12 22:16:29 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2013.06.12 22:16:29 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2013.06.12 22:16:29 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2013.06.12 16:54:24 | 000,029,712 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.06.12 16:54:24 | 000,017,936 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2013.06.12 09:26:09 | 000,107,128 | ---- | C] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014
[2013.06.11 16:57:03 | 000,064,824 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 16:56:23 | 000,068,408 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 16:56:19 | 000,130,392 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 16:56:19 | 000,065,368 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 16:56:19 | 000,060,248 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:52:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2013.06.11 13:00:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Corel
[2013.06.10 20:33:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Wise Registry Cleaner
[2013.06.10 20:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2013.06.10 20:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013.06.08 18:04:01 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Freemium
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeSystemUtilities
[2013.06.08 17:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.06.06 21:13:32 | 000,524,016 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 11:54:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\MrJobs
[2013.05.29 11:00:32 | 002,802,760 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll
[2013.05.29 11:00:31 | 001,003,080 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll
[2013.05.29 11:00:31 | 000,613,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtDataProc64.dll
[2013.05.29 11:00:30 | 022,429,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoRes64.dat
[2013.05.29 11:00:30 | 000,138,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll
[2013.05.29 11:00:13 | 000,208,072 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll
[2013.05.29 10:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013.05.29 10:47:04 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WdfCoInstaller01009.dll
[2013.05.29 10:46:59 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 11:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.05.28 10:12:40 | 003,786,752 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\WINDOWS\SysNative\drivers\athw8x.sys
[2013.05.28 09:58:58 | 000,819,440 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.05.28 09:43:02 | 013,403,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2013.05.28 09:42:58 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2013.05.28 09:42:58 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2013.05.28 09:42:57 | 027,775,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2013.05.28 09:42:54 | 021,096,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2013.05.28 09:42:49 | 000,518,944 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2013.05.28 09:42:49 | 000,421,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2013.05.28 09:42:48 | 000,550,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2013.05.28 09:42:48 | 000,443,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2013.05.28 09:42:47 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6432018.dll
[2013.05.28 09:42:46 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6432018.dll
[2013.05.28 09:42:45 | 015,143,904 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2013.05.28 09:42:44 | 002,942,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2013.05.28 09:42:44 | 002,754,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2013.05.28 09:42:43 | 007,682,960 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2013.05.28 09:42:43 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2013.05.28 09:42:43 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2013.05.28 09:42:42 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2013.05.28 09:42:42 | 009,233,688 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2013.05.28 09:42:41 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2013.05.28 09:42:40 | 002,597,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2013.05.28 09:36:48 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2013.05.28 09:36:47 | 000,194,848 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2013.05.28 09:36:47 | 000,072,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapo64v.dll
[2013.05.26 21:01:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\elsterformular
[2013.05.26 21:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2013.05.26 21:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2013.05.26 21:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElsterFormular
[2013.05.23 01:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.05.23 01:56:41 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2013.05.21 21:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2013.05.21 21:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2013.05.18 18:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.05.17 18:31:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Ashampoo Slideshow Studio 2012
[2013.05.17 01:15:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C9F60138-EDD0-4FE6-997C-6A42B5D7A85D}
[2013.05.17 01:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
[2013.05.17 01:13:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AquaSoft
[2013.05.16 11:42:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\VideoPad Projekte
[2013.05.15 15:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
[2013.05.15 15:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
[2013.05.15 15:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto2Avi
[2013.05.15 15:24:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Foto2Avi
[2013.05.15 15:24:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foto2Avi
[2013.05.12 17:32:48 | 007,760,687 | ---- | C] (Boraxsoft) -- C:\Users\Admin\AppData\Roaming\SetupGFD.exe
[2013.05.12 17:32:38 | 005,514,668 | ---- | C] (LIGHTNING UK!) -- C:\Users\Admin\AppData\Roaming\Imgburn.exe
[2013.05.12 17:32:35 | 005,082,084 | ---- | C] (The Public) -- C:\Users\Admin\AppData\Roaming\Avisynth.exe
[2012.12.22 08:13:42 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.14 13:35:04 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.14 13:32:24 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.14 12:35:46 | 002,160,314 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.06.14 12:35:46 | 000,914,792 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.06.14 12:35:46 | 000,844,608 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.06.14 12:35:46 | 000,217,756 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.06.14 12:35:46 | 000,181,826 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.06.14 12:25:58 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.14 12:24:37 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.14 12:24:27 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\dsmonitor.job
[2013.06.14 12:23:52 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.14 01:13:44 | 000,002,563 | ---- | M] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.06.13 01:11:20 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.12 22:40:22 | 000,477,288 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 16:54:23 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 15:59:19 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\AdvancedDriverUpdater_UPDATES.job
[2013.06.12 09:26:09 | 000,107,128 | ---- | M] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.11 17:06:58 | 000,068,408 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 17:06:57 | 000,130,392 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 17:06:57 | 000,065,368 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 17:06:57 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:57:03 | 000,064,824 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 09:53:08 | 000,012,800 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.10 20:39:35 | 000,003,628 | ---- | M] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.09 21:01:13 | 000,015,712 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SWDUMon.sys
[2013.06.09 18:40:58 | 000,011,479 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013.06.08 12:05:49 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Advanced Driver Updater.lnk
[2013.06.06 21:13:32 | 000,524,016 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 21:13:25 | 000,819,440 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.06.06 01:38:51 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.05 00:09:22 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013.06.05 00:09:22 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.03 12:18:28 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2013.05.31 09:07:15 | 000,001,579 | ---- | M] () -- C:\Users\Admin\Desktop\DivX Movies.lnk
[2013.05.31 09:06:55 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.31 09:06:37 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.31 01:24:29 | 001,257,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013.05.29 10:47:04 | 001,721,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WdfCoInstaller01009.dll
[2013.05.29 10:46:59 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 18:49:26 | 000,029,712 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.05.28 18:49:26 | 000,017,936 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.05.28 11:39:42 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.28 11:33:07 | 000,001,977 | ---- | M] () -- C:\Users\Admin\Desktop\Update Checker.lnk
[2013.05.28 10:06:59 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.28 09:50:04 | 000,020,536 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2013.05.28 09:43:07 | 015,910,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2013.05.28 09:43:05 | 013,403,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2013.05.28 09:42:59 | 006,324,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2013.05.28 09:42:58 | 027,775,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2013.05.28 09:42:58 | 007,641,832 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2013.05.28 09:42:57 | 021,096,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2013.05.28 09:42:49 | 000,518,944 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2013.05.28 09:42:49 | 000,421,152 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2013.05.28 09:42:48 | 000,550,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2013.05.28 09:42:48 | 000,443,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2013.05.28 09:42:47 | 001,832,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6432018.dll
[2013.05.28 09:42:47 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6432018.dll
[2013.05.28 09:42:46 | 015,143,904 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2013.05.28 09:42:45 | 012,426,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2013.05.28 09:42:44 | 002,942,240 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2013.05.28 09:42:44 | 002,754,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2013.05.28 09:42:44 | 002,363,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2013.05.28 09:42:43 | 009,233,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2013.05.28 09:42:43 | 007,682,960 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2013.05.28 09:42:43 | 002,002,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2013.05.28 09:42:42 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2013.05.28 09:42:42 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2013.05.28 09:42:41 | 002,935,696 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2013.05.28 09:42:41 | 002,597,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2013.05.28 09:36:48 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdagenco6420103.dll
[2013.05.28 09:36:48 | 000,031,520 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2013.05.28 09:36:47 | 000,194,848 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2013.05.28 09:36:47 | 000,072,992 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapo64v.dll
[2013.05.26 21:00:54 | 000,001,237 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | M] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.24 01:01:46 | 001,300,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013.05.23 01:56:46 | 000,001,387 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | M] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 17:37:07 | 335,995,200 | ---- | M] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.18 11:04:46 | 000,000,959 | ---- | M] () -- C:\Users\Admin\Desktop\Diashow-Player.lnk
[2013.05.17 20:36:43 | 007,077,671 | ---- | M] () -- C:\Users\Admin\Meine Diashow.wmv
[2013.05.17 18:31:32 | 000,001,355 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2012.lnk
[2013.05.17 10:26:09 | 007,217,318 | ---- | M] () -- C:\Users\Admin\Documents\dvdr3570h_31_dfu_deu.pdf
[2013.05.17 01:28:59 | 009,687,294 | ---- | M] () -- C:\Users\Admin\Nilkreuzfahrt 2013.ads
[2013.05.17 01:15:33 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\DiaShow 8 Ultimate.lnk
[2013.05.17 01:13:26 | 001,640,788 | ---- | M] () -- C:\Users\Admin\Documents\DiaShowManager_de.pdf
[2013.05.16 00:37:03 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2013.05.16 00:35:49 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2013.05.16 00:35:47 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll
[2013.05.15 15:51:55 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\WavePad Audiobearbeitungs-Software.lnk
[2013.05.15 15:51:49 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\PhotoPad Foto-Editor.lnk
[2013.05.15 15:51:40 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\VideoPad Videobearbeitungs-Software.lnk
[2013.05.15 15:51:03 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\PhotoStage Diashow-Ersteller.lnk
[2013.05.15 15:24:35 | 000,001,015 | ---- | M] () -- C:\Users\Admin\Desktop\Foto2Avi.lnk
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.12 22:40:07 | 000,477,288 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 22:16:53 | 000,386,646 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013.06.12 16:54:23 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 16:54:22 | 000,002,499 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2013.06.11 16:56:59 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.10 20:39:05 | 000,003,628 | ---- | C] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.08 17:59:53 | 000,023,624 | ---- | C] () -- C:\WINDOWS\Launcher.exe
[2013.06.08 17:58:57 | 000,002,563 | ---- | C] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.05.29 11:00:30 | 000,465,645 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2013.05.28 10:06:59 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.26 21:00:54 | 000,001,237 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | C] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.23 01:56:46 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.05.23 01:56:46 | 000,001,387 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | C] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Videodatei-Konverter.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 14:46:25 | 335,995,200 | ---- | C] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.17 20:35:10 | 007,077,671 | ---- | C] () -- C:\Users\Admin\Meine Diashow.wmv
[2013.05.17 18:31:32 | 000,001,355 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2012.lnk
[2013.05.17 10:26:08 | 007,217,318 | ---- | C] () -- C:\Users\Admin\Documents\dvdr3570h_31_dfu_deu.pdf
[2013.05.17 01:28:56 | 009,687,294 | ---- | C] () -- C:\Users\Admin\Nilkreuzfahrt 2013.ads
[2013.05.17 01:15:33 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\DiaShow 8 Ultimate.lnk
[2013.05.17 01:13:25 | 001,640,788 | ---- | C] () -- C:\Users\Admin\Documents\DiaShowManager_de.pdf
[2013.05.15 15:51:55 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Audiobearbeitungs-Software.lnk
[2013.05.15 15:51:55 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\WavePad Audiobearbeitungs-Software.lnk
[2013.05.15 15:51:49 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoPad Foto-Editor.lnk
[2013.05.15 15:51:49 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\PhotoPad Foto-Editor.lnk
[2013.05.15 15:51:40 | 000,001,190 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Videobearbeitungs-Software.lnk
[2013.05.15 15:51:40 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\VideoPad Videobearbeitungs-Software.lnk
[2013.05.15 15:51:03 | 000,001,196 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoStage Diashow-Ersteller.lnk
[2013.05.15 15:51:03 | 000,001,184 | ---- | C] () -- C:\Users\Public\Desktop\PhotoStage Diashow-Ersteller.lnk
[2013.05.15 15:24:35 | 000,001,015 | ---- | C] () -- C:\Users\Admin\Desktop\Foto2Avi.lnk
[2013.05.12 17:32:46 | 005,243,208 | ---- | C] (                                                            ) -- C:\Users\Admin\AppData\Roaming\AvsP.exe
[2013.05.12 17:32:43 | 001,357,348 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\MatroskaSplitter.exe
[2013.05.12 17:32:40 | 000,117,723 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\yuvcodecs-1.3.exe
[2013.05.11 19:30:23 | 000,000,196 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2013.04.09 02:32:45 | 000,011,479 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.03.17 18:21:19 | 000,012,800 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.29 03:58:17 | 002,079,580 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012.12.31 00:46:12 | 000,000,209 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.12.27 18:56:29 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012.12.24 01:15:29 | 001,035,321 | ---- | C] () -- C:\WINDOWS\SysWow64\sig.bin
[2012.12.22 12:53:43 | 000,020,992 | ---- | C] () -- C:\WINDOWS\SysWow64\NC_INST.DLL
[2012.12.21 04:20:35 | 000,246,862 | ---- | C] () -- C:\WINDOWS\hpoins40.dat
[2012.12.21 04:20:35 | 000,000,909 | ---- | C] () -- C:\WINDOWS\hpomdl40.dat
[2012.12.21 02:36:27 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2011.10.08 13:02:40 | 000,001,024 | ---- | C] () -- C:\Users\Admin\.rnd
 
========== ZeroAccess Check ==========
 
[2012.12.24 01:21:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
--- --- ---

schrauber 14.06.2013 16:17
Code:
C:\Windows\system32\tasks\*.*
Bitte in OTL in die Box kopieren und Quick Scan klicken. Log posten.

luci4712 15.06.2013 00:55
beiliegend gewünschtes Logfil:OTL Logfile:
Code:
OTL logfile created on: 15.06.2013 01:34:38 - Run 3
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Admin\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 55,22% Memory free
4,44 Gb Paging File | 2,29 Gb Available in Paging File | 51,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278,33 Gb Total Space | 29,59 Gb Free Space | 10,63% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 9,04 Gb Free Space | 45,77% Space Free | Partition Type: NTFS
 
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\PROGRA~2\FROMDO~2\bar\1.bin\65barsvc.exe (COMPANYVERS_NAME)
PRC - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65brmon.exe (VER_COMPANY_NAME)
PRC - C:\Users\Admin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe (Uniblue Systems Ltd)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMSVC) -- C:\Windows\SysNative\inetsrv\WMSvc.exe (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (simptcp) -- C:\Windows\SysNative\TCPSVCS.EXE (Microsoft Corporation)
SRV:64bit: - (SNMP) -- C:\Windows\SysNative\snmp.exe (Microsoft Corporation)
SRV:64bit: - (MSMQTriggers) -- C:\Windows\SysNative\mqtgsvc.exe (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (IISADMIN) -- C:\Windows\SysNative\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (LPDSVC) -- C:\Windows\SysNative\lpdsvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (iprip) -- C:\Windows\SysNative\iprip.dll (Microsoft Corporation)
SRV:64bit: - (ftpsvc) -- C:\Windows\SysNative\inetsrv\ftpsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsRoleSvc) -- C:\Windows\SysNative\dsrolesrv.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (FromDocToPDF_65Service) -- C:\PROGRA~2\FROMDO~2\bar\1.bin\65barsvc.exe (COMPANYVERS_NAME)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SystemStoreService) -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe ()
SRV - (NitroReaderDriverReadSpool3) -- C:\Programme\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Nitro PDF Software)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (G Data Software AG)
SRV - (ClassicShellService) -- C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (RichVideo64) -- C:\Programme\CyberLink\Shared files\RichVideo64.exe ()
SRV - (simptcp) -- C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Corporation)
SRV - (SNMP) -- C:\Windows\SysWOW64\snmp.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe (mst software GmbH, Germany)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (ProtexisLicensing) -- C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (GRD) -- C:\Windows\SysNative\Drivers\GRD.sys (G Data Software)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\Drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\Drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\Drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\Drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\Drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\Drivers\SWDUMon.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\Drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\Drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\Drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\Drivers\gfibto.sys (GFI Software)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (gfiark) -- C:\Windows\SysNative\Drivers\gfiark.sys (GFI Software)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\Drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\Drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (andnetadb) -- C:\Windows\SysNative\Drivers\lgandnetadb.sys (Google Inc)
DRV:64bit: - (ANDNetModem) -- C:\Windows\SysNative\Drivers\lgandnetmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndNetDiag) -- C:\Windows\SysNative\Drivers\lgandnetdiag64.sys (LG Electronics Inc.)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\Drivers\LPCFilter.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\Drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\Drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\Drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\Drivers\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (regi) -- C:\Windows\SysNative\Drivers\regi.sys (InterVideo)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\Drivers\psi_mf.sys (Secunia)
DRV:64bit: - (XUIF) -- C:\Windows\SysNative\Drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=3.2&ts=1370707150399&tguid=46364-3869-1370707150399-65824477116CA2415AE5942F28A728D0&q={searchTerms}
IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 C7 E5 17 19 DF CD 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKCU\..\URLSearchHook: {4c60e5ab-5c68-4c59-abaa-885010b24b32} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {83A37814-D9DF-4FBB-814C-6BE00D227B48}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{105C51F9-9778-4686-815B-9A845D78F82C}: "URL" = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=5450479400000000000012224354fec1&q={searchTerms}&r=279
IE - HKCU\..\SearchScopes\{695A8050-B0AF-4395-8680-B169BEE78F03}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282494&CUI=UN19012636752030930&UM=1
IE - HKCU\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://www.bing.com/search?FORM=UP93DF&PC=UP93&dt=061013&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://comcenter.netcologne.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.05.31 09:07:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.14 17:28:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.18 18:08:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
 
[2013.05.04 09:34:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.06.11 13:15:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions
[2013.06.11 13:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=061013
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Mail = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.04.09 02:37:14 | 000,446,305 | R--- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 127.0.0.1        www.123fporn.info
O1 - Hosts: 15324 more lines...
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Toolbar BHO) - {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\PROGRA~2\FROMDO~2\bar\1.bin\65bar.dll (MindSpark)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
O2 - BHO: (Search Assistant BHO) - {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (FromDocToPDF) - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5786D022-540E-4699-B350-B4BE0AE94B79} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Alps\GlidePoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [FromDocToPDF Home Page Guard 64 bit] "C:\PROGRA~2\FROMDO~2\bar\1.bin\AppIntegrator64.exe" File not found
O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\SysNative\mqrt.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FromDocToPDF Search Scope Monitor] "C:\PROGRA~2\FROMDO~2\bar\1.bin\65srchmn.exe" /m=2 /w /h File not found
O4 - HKLM..\Run: [FromDocToPDF_65 Browser Plugin Loader] C:\PROGRA~2\FROMDO~2\bar\1.bin\65brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [StartMenuX] C:\Programme\Start Menu X\StartMenuX.exe (OrdinarySoft)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9BB74F8C-7AA9-45FE-9694-463B95EB47C5}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~4\Wincert\WIN64C~1.DLL) - C:\ProgramData\Wincert\win64cert.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe) - c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell - "" = AutoRun
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell\AutoRun\command - "" = "F:\LGAutoRun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\apcrtldr.dll) -  File not found
O36 - AppCertDlls: x86 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll) -  File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.14 15:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digeus
[2013.06.14 15:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digeus
[2013.06.14 15:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FromDocToPDF_65
[2013.06.14 14:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartPCFixer
[2013.06.14 14:40:41 | 000,000,000 | ---D | C] -- C:\Program Files\SmartPCFixer
[2013.06.14 01:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Covus Freemium
[2013.06.14 01:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Covus Freemium
[2013.06.13 10:17:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.06.13 10:17:38 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.13 01:43:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.06.13 01:10:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.06.12 22:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing-Desktop
[2013.06.12 16:54:24 | 000,029,712 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.06.12 16:54:24 | 000,017,936 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2013.06.12 09:26:09 | 000,107,128 | ---- | C] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014
[2013.06.11 16:57:03 | 000,064,824 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 16:56:23 | 000,068,408 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 16:56:19 | 000,130,392 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 16:56:19 | 000,065,368 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 16:56:19 | 000,060,248 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:52:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2013.06.11 13:00:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Corel
[2013.06.10 20:33:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Wise Registry Cleaner
[2013.06.10 20:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2013.06.10 20:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013.06.08 18:04:01 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Freemium
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeSystemUtilities
[2013.06.08 17:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.06.06 21:13:32 | 000,524,016 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 11:54:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\MrJobs
[2013.05.29 10:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013.05.29 10:46:59 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 11:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.05.28 10:12:40 | 003,786,752 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\WINDOWS\SysNative\drivers\athw8x.sys
[2013.05.28 09:58:58 | 000,819,440 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.05.26 21:01:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\elsterformular
[2013.05.26 21:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2013.05.26 21:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2013.05.26 21:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElsterFormular
[2013.05.23 01:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.05.23 01:56:41 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2013.05.21 21:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2013.05.21 21:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2013.05.18 18:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.05.17 18:31:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Ashampoo Slideshow Studio 2012
[2013.05.17 01:15:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C9F60138-EDD0-4FE6-997C-6A42B5D7A85D}
[2013.05.17 01:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
[2013.05.17 01:13:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AquaSoft
[2013.05.16 11:42:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\VideoPad Projekte
[2013.05.12 17:32:48 | 007,760,687 | ---- | C] (Boraxsoft) -- C:\Users\Admin\AppData\Roaming\SetupGFD.exe
[2013.05.12 17:32:38 | 005,514,668 | ---- | C] (LIGHTNING UK!) -- C:\Users\Admin\AppData\Roaming\Imgburn.exe
[2013.05.12 17:32:35 | 005,082,084 | ---- | C] (The Public) -- C:\Users\Admin\AppData\Roaming\Avisynth.exe
[2012.12.22 08:13:42 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.15 01:35:02 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.15 01:32:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.15 01:30:47 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.15 01:29:37 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.15 01:29:24 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\dsmonitor.job
[2013.06.15 01:28:39 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.14 15:58:02 | 000,002,795 | ---- | M] () -- C:\Users\Public\Desktop\Digeus Junk Files Cleaner.lnk
[2013.06.14 14:40:52 | 000,000,864 | ---- | M] () -- C:\Users\Public\Desktop\SmartPCFixer.lnk
[2013.06.14 12:35:46 | 002,160,314 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.06.14 12:35:46 | 000,914,792 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.06.14 12:35:46 | 000,844,608 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.06.14 12:35:46 | 000,217,756 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.06.14 12:35:46 | 000,181,826 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.06.14 01:13:44 | 000,002,563 | ---- | M] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.06.13 01:11:20 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.12 22:40:22 | 000,477,288 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 16:54:23 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 15:59:19 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\AdvancedDriverUpdater_UPDATES.job
[2013.06.12 09:26:09 | 000,107,128 | ---- | M] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.11 17:06:58 | 000,068,408 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 17:06:57 | 000,130,392 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 17:06:57 | 000,065,368 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 17:06:57 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:57:03 | 000,064,824 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 09:53:08 | 000,012,800 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.10 20:39:35 | 000,003,628 | ---- | M] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.09 21:01:13 | 000,015,712 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SWDUMon.sys
[2013.06.09 18:40:58 | 000,011,479 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013.06.08 12:05:49 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Advanced Driver Updater.lnk
[2013.06.06 21:13:32 | 000,524,016 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 21:13:25 | 000,819,440 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.06.06 01:38:51 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.03 12:18:28 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2013.05.31 09:07:15 | 000,001,579 | ---- | M] () -- C:\Users\Admin\Desktop\DivX Movies.lnk
[2013.05.31 09:06:55 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.31 09:06:37 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.29 10:46:59 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 18:49:26 | 000,029,712 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.05.28 18:49:26 | 000,017,936 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.05.28 11:39:42 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.28 11:33:07 | 000,001,977 | ---- | M] () -- C:\Users\Admin\Desktop\Update Checker.lnk
[2013.05.28 10:06:59 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.28 09:50:04 | 000,020,536 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2013.05.26 21:00:54 | 000,001,237 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | M] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.23 01:56:46 | 000,001,387 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | M] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 17:37:07 | 335,995,200 | ---- | M] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.18 11:04:46 | 000,000,959 | ---- | M] () -- C:\Users\Admin\Desktop\Diashow-Player.lnk
[2013.05.17 20:36:43 | 007,077,671 | ---- | M] () -- C:\Users\Admin\Meine Diashow.wmv
[2013.05.17 18:31:32 | 000,001,355 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2012.lnk
[2013.05.17 10:26:09 | 007,217,318 | ---- | M] () -- C:\Users\Admin\Documents\dvdr3570h_31_dfu_deu.pdf
[2013.05.17 01:28:59 | 009,687,294 | ---- | M] () -- C:\Users\Admin\Nilkreuzfahrt 2013.ads
[2013.05.17 01:15:33 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\DiaShow 8 Ultimate.lnk
[2013.05.17 01:13:26 | 001,640,788 | ---- | M] () -- C:\Users\Admin\Documents\DiaShowManager_de.pdf
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.14 15:58:02 | 000,002,795 | ---- | C] () -- C:\Users\Public\Desktop\Digeus Junk Files Cleaner.lnk
[2013.06.14 14:40:52 | 000,000,864 | ---- | C] () -- C:\Users\Public\Desktop\SmartPCFixer.lnk
[2013.06.12 22:40:07 | 000,477,288 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 22:16:53 | 000,386,646 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013.06.12 16:54:23 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 16:54:22 | 000,002,499 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2013.06.11 16:56:59 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.10 20:39:05 | 000,003,628 | ---- | C] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.08 17:59:53 | 000,023,624 | ---- | C] () -- C:\WINDOWS\Launcher.exe
[2013.06.08 17:58:57 | 000,002,563 | ---- | C] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.05.29 11:00:30 | 000,465,645 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2013.05.28 10:06:59 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.26 21:00:54 | 000,001,237 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | C] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.23 01:56:46 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.05.23 01:56:46 | 000,001,387 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | C] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Videodatei-Konverter.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 14:46:25 | 335,995,200 | ---- | C] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.17 20:35:10 | 007,077,671 | ---- | C] () -- C:\Users\Admin\Meine Diashow.wmv
[2013.05.17 18:31:32 | 000,001,355 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2012.lnk
[2013.05.17 10:26:08 | 007,217,318 | ---- | C] () -- C:\Users\Admin\Documents\dvdr3570h_31_dfu_deu.pdf
[2013.05.17 01:28:56 | 009,687,294 | ---- | C] () -- C:\Users\Admin\Nilkreuzfahrt 2013.ads
[2013.05.17 01:15:33 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\DiaShow 8 Ultimate.lnk
[2013.05.17 01:13:25 | 001,640,788 | ---- | C] () -- C:\Users\Admin\Documents\DiaShowManager_de.pdf
[2013.05.12 17:32:46 | 005,243,208 | ---- | C] (                                                            ) -- C:\Users\Admin\AppData\Roaming\AvsP.exe
[2013.05.12 17:32:43 | 001,357,348 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\MatroskaSplitter.exe
[2013.05.12 17:32:40 | 000,117,723 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\yuvcodecs-1.3.exe
[2013.05.11 19:30:23 | 000,000,196 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2013.04.09 02:32:45 | 000,011,479 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.03.17 18:21:19 | 000,012,800 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.29 03:58:17 | 002,079,580 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012.12.31 00:46:12 | 000,000,209 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.12.27 18:56:29 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012.12.24 01:15:29 | 001,035,321 | ---- | C] () -- C:\WINDOWS\SysWow64\sig.bin
[2012.12.22 12:53:43 | 000,020,992 | ---- | C] () -- C:\WINDOWS\SysWow64\NC_INST.DLL
[2012.12.21 04:20:35 | 000,246,862 | ---- | C] () -- C:\WINDOWS\hpoins40.dat
[2012.12.21 04:20:35 | 000,000,909 | ---- | C] () -- C:\WINDOWS\hpomdl40.dat
[2012.12.21 02:36:27 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2011.10.08 13:02:40 | 000,001,024 | ---- | C] () -- C:\Users\Admin\.rnd
 
========== ZeroAccess Check ==========
 
[2012.12.24 01:21:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.01.28 17:46:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\6Wunderkinder
[2012.12.23 01:26:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ACD Systems
[2013.05.10 17:56:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Anvsoft
[2013.05.10 18:36:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AquaSoft
[2012.12.27 09:14:31 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo
[2013.05.17 18:31:40 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo Slideshow Studio 2012
[2012.12.25 12:11:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Audacity
[2012.12.27 09:27:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Canneverbe Limited
[2012.12.31 01:25:12 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.06.12 16:53:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Downloaded Installations
[2013.02.18 12:00:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\driveridentifier
[2013.02.19 02:57:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Drivers For Free
[2013.02.17 21:05:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DriverSleuth
[2013.03.15 18:13:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DriverTurbo
[2012.12.21 06:20:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoft
[2013.02.18 06:03:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Easeware
[2013.05.26 21:01:41 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\elsterformular
[2012.12.22 21:05:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FileOpen
[2013.02.25 10:43:36 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2013.01.12 02:10:00 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GlarySoft
[2012.12.28 17:45:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\hdbADS
[2013.05.13 11:23:46 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\IN-MEDIAKG
[2013.05.14 10:30:31 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\IrfanView
[2013.04.09 18:20:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\K-Pacs-Lite
[2013.02.05 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Leadertech
[2013.04.16 19:54:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LG Electronics
[2012.12.30 12:34:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MOVAVI
[2013.05.14 12:37:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mresreg
[2013.06.06 11:54:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MrJobs
[2012.12.22 21:05:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nitro
[2013.05.12 21:22:21 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nitro PDF
[2012.12.30 15:40:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\No Company Name
[2012.12.21 02:45:03 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Opera
[2012.12.22 12:19:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\RoboForm
[2013.01.21 12:11:24 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\StartMenuX
[2013.02.21 16:59:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Systweak
[2012.12.22 17:32:02 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TestApp
[2012.12.21 06:05:02 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thunderbird
[2012.12.23 03:00:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2013.05.11 19:32:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ulead Systems
[2013.06.07 00:42:44 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Uniblue
[2013.05.14 17:29:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2013.06.10 20:54:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Wise Registry Cleaner
[2012.12.30 12:50:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Xilisoft
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< C:\Windows\system32\tasks\*.* >
[2012.07.26 09:22:10 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.12.21 06:08:56 | 000,001,122 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.21 06:08:59 | 000,001,126 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.12.23 03:27:46 | 000,000,884 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.02.21 16:59:17 | 000,000,308 | ---- | C] () -- C:\WINDOWS\Tasks\AdvancedDriverUpdater_UPDATES.job
[2013.03.11 04:55:04 | 000,000,358 | ---- | C] () -- C:\WINDOWS\Tasks\dsmonitor.job
[2013.03.26 04:23:13 | 000,000,424 | ---- | C] () -- C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
--- --- ---

schrauber 15.06.2013 09:28
Gleiches bitte nochmal mit

Zitat:
C:\Windows\tasks\*.*

luci4712 15.06.2013 10:58
beiliegend das gewünschte (C:\Windows\tasks\*.* )OTL Logfile:
Code:
OTL logfile created on: 15.06.2013 11:35:47 - Run 4
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Admin\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 41,98% Memory free
4,44 Gb Paging File | 1,88 Gb Available in Paging File | 42,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278,33 Gb Total Space | 32,68 Gb Free Space | 11,74% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 9,04 Gb Free Space | 45,77% Space Free | Partition Type: NTFS
 
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\PROGRA~2\FROMDO~2\bar\1.bin\65barsvc.exe (COMPANYVERS_NAME)
PRC - C:\Users\Admin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Programme\SmartPCFixer\SmartPcFixer.exe ()
PRC - C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe (ACD Systems)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\SmartPCFixer\SmartPcFixer.exe ()
MOD - C:\Programme\SmartPCFixer\WindowsUpdateDll.dll ()
MOD - C:\Programme\SmartPCFixer\sysTool.dll ()
MOD - C:\Programme\SmartPCFixer\sysFix.dll ()
MOD - C:\Programme\SmartPCFixer\sysback.dll ()
MOD - C:\Programme\SmartPCFixer\RegMan.dll ()
MOD - C:\Programme\SmartPCFixer\RegisterLib.dll ()
MOD - C:\Programme\SmartPCFixer\RegisterCleanDll.dll ()
MOD - C:\Programme\SmartPCFixer\IEMan.dll ()
MOD - C:\Programme\SmartPCFixer\EvidenceMan.dll ()
MOD - C:\Programme\SmartPCFixer\DiskDefrag.dll ()
MOD - C:\Programme\SmartPCFixer\Common.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMSVC) -- C:\Windows\SysNative\inetsrv\WMSvc.exe (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (simptcp) -- C:\Windows\SysNative\TCPSVCS.EXE (Microsoft Corporation)
SRV:64bit: - (SNMP) -- C:\Windows\SysNative\snmp.exe (Microsoft Corporation)
SRV:64bit: - (MSMQTriggers) -- C:\Windows\SysNative\mqtgsvc.exe (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (IISADMIN) -- C:\Windows\SysNative\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (LPDSVC) -- C:\Windows\SysNative\lpdsvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (iprip) -- C:\Windows\SysNative\iprip.dll (Microsoft Corporation)
SRV:64bit: - (ftpsvc) -- C:\Windows\SysNative\inetsrv\ftpsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsRoleSvc) -- C:\Windows\SysNative\dsrolesrv.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (FromDocToPDF_65Service) -- C:\PROGRA~2\FROMDO~2\bar\1.bin\65barsvc.exe (COMPANYVERS_NAME)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SystemStoreService) -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe ()
SRV - (NitroReaderDriverReadSpool3) -- C:\Programme\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Nitro PDF Software)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (G Data Software AG)
SRV - (ClassicShellService) -- C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (RichVideo64) -- C:\Programme\CyberLink\Shared files\RichVideo64.exe ()
SRV - (simptcp) -- C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Corporation)
SRV - (SNMP) -- C:\Windows\SysWOW64\snmp.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe (mst software GmbH, Germany)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (ProtexisLicensing) -- C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (GRD) -- C:\Windows\SysNative\Drivers\GRD.sys (G Data Software)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\Drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\Drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\Drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\Drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\Drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\Drivers\SWDUMon.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\Drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\Drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\Drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\Drivers\gfibto.sys (GFI Software)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (gfiark) -- C:\Windows\SysNative\Drivers\gfiark.sys (GFI Software)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\Drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\Drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (andnetadb) -- C:\Windows\SysNative\Drivers\lgandnetadb.sys (Google Inc)
DRV:64bit: - (ANDNetModem) -- C:\Windows\SysNative\Drivers\lgandnetmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndNetDiag) -- C:\Windows\SysNative\Drivers\lgandnetdiag64.sys (LG Electronics Inc.)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\Drivers\LPCFilter.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\Drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\Drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\Drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\Drivers\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (regi) -- C:\Windows\SysNative\Drivers\regi.sys (InterVideo)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\Drivers\psi_mf.sys (Secunia)
DRV:64bit: - (XUIF) -- C:\Windows\SysNative\Drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=3.2&ts=1370707150399&tguid=46364-3869-1370707150399-65824477116CA2415AE5942F28A728D0&q={searchTerms}
IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 C7 E5 17 19 DF CD 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKCU\..\URLSearchHook: {4c60e5ab-5c68-4c59-abaa-885010b24b32} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {83A37814-D9DF-4FBB-814C-6BE00D227B48}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{105C51F9-9778-4686-815B-9A845D78F82C}: "URL" = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=5450479400000000000012224354fec1&q={searchTerms}&r=279
IE - HKCU\..\SearchScopes\{695A8050-B0AF-4395-8680-B169BEE78F03}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282494&CUI=UN19012636752030930&UM=1
IE - HKCU\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://www.bing.com/search?FORM=UP93DF&PC=UP93&dt=061013&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://comcenter.netcologne.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.05.31 09:07:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.14 17:28:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.18 18:08:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
 
[2013.05.04 09:34:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.06.11 13:15:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions
[2013.06.11 13:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=061013
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Google Drive = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Mail = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.04.09 02:37:14 | 000,446,305 | R--- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 127.0.0.1        www.123fporn.info
O1 - Hosts: 15324 more lines...
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Toolbar BHO) - {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\PROGRA~2\FROMDO~2\bar\1.bin\65bar.dll File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
O2 - BHO: (Search Assistant BHO) - {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (FromDocToPDF) - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65bar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5786D022-540E-4699-B350-B4BE0AE94B79} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Alps\GlidePoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [FromDocToPDF Home Page Guard 64 bit] "C:\PROGRA~2\FROMDO~2\bar\1.bin\AppIntegrator64.exe" File not found
O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\SysNative\mqrt.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FromDocToPDF Search Scope Monitor] "C:\PROGRA~2\FROMDO~2\bar\1.bin\65srchmn.exe" /m=2 /w /h File not found
O4 - HKLM..\Run: [FromDocToPDF_65 Browser Plugin Loader] C:\PROGRA~2\FROMDO~2\bar\1.bin\65brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [StartMenuX] C:\Programme\Start Menu X\StartMenuX.exe (OrdinarySoft)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9BB74F8C-7AA9-45FE-9694-463B95EB47C5}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~4\Wincert\WIN64C~1.DLL) - C:\ProgramData\Wincert\win64cert.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe) - c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell - "" = AutoRun
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell\AutoRun\command - "" = "F:\LGAutoRun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\apcrtldr.dll) -  File not found
O36 - AppCertDlls: x86 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll) -  File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.14 15:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digeus
[2013.06.14 15:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digeus
[2013.06.14 15:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FromDocToPDF_65
[2013.06.14 14:40:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartPCFixer
[2013.06.14 14:40:41 | 000,000,000 | ---D | C] -- C:\Program Files\SmartPCFixer
[2013.06.13 10:17:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.06.13 10:17:38 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.13 01:43:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.06.13 01:10:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.06.12 22:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing-Desktop
[2013.06.12 16:54:24 | 000,029,712 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.06.12 16:54:24 | 000,017,936 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2013.06.12 09:26:09 | 000,107,128 | ---- | C] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014
[2013.06.11 16:57:03 | 000,064,824 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 16:56:23 | 000,068,408 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 16:56:19 | 000,130,392 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 16:56:19 | 000,065,368 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 16:56:19 | 000,060,248 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:52:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2013.06.11 13:00:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Corel
[2013.06.10 20:33:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Wise Registry Cleaner
[2013.06.10 20:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2013.06.10 20:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013.06.08 18:04:01 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Freemium
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeSystemUtilities
[2013.06.08 17:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.06.06 21:13:32 | 000,524,016 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 11:54:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\MrJobs
[2013.05.29 10:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013.05.29 10:46:59 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 11:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.05.28 10:12:40 | 003,786,752 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\WINDOWS\SysNative\drivers\athw8x.sys
[2013.05.28 09:58:58 | 000,819,440 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.05.26 21:01:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\elsterformular
[2013.05.26 21:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2013.05.26 21:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2013.05.26 21:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElsterFormular
[2013.05.23 01:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.05.23 01:56:41 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2013.05.21 21:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2013.05.21 21:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2013.05.18 18:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.05.17 18:31:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Ashampoo Slideshow Studio 2012
[2013.05.17 01:15:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C9F60138-EDD0-4FE6-997C-6A42B5D7A85D}
[2013.05.17 01:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
[2013.05.17 01:13:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AquaSoft
[2013.05.16 11:42:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\VideoPad Projekte
[2013.05.12 17:32:48 | 007,760,687 | ---- | C] (Boraxsoft) -- C:\Users\Admin\AppData\Roaming\SetupGFD.exe
[2013.05.12 17:32:38 | 005,514,668 | ---- | C] (LIGHTNING UK!) -- C:\Users\Admin\AppData\Roaming\Imgburn.exe
[2013.05.12 17:32:35 | 005,082,084 | ---- | C] (The Public) -- C:\Users\Admin\AppData\Roaming\Avisynth.exe
[2012.12.22 08:13:42 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.15 11:35:00 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.15 11:32:08 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.15 11:10:43 | 000,000,054 | ---- | M] () -- C:\WINDOWS\DeleteOnReboot.bat
[2013.06.15 11:10:31 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\dsmonitor.job
[2013.06.15 11:02:07 | 000,000,864 | ---- | M] () -- C:\Users\Public\Desktop\SmartPCFixer.lnk
[2013.06.15 10:51:41 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.15 10:50:18 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.15 10:48:11 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.15 10:34:40 | 002,160,314 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.06.15 10:34:40 | 000,914,792 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.06.15 10:34:40 | 000,844,608 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.06.15 10:34:40 | 000,217,756 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.06.15 10:34:40 | 000,181,826 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.06.14 15:58:02 | 000,002,795 | ---- | M] () -- C:\Users\Public\Desktop\Digeus Junk Files Cleaner.lnk
[2013.06.14 01:13:44 | 000,002,563 | ---- | M] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.06.13 01:11:20 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.12 22:40:22 | 000,477,288 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 16:54:23 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 15:59:19 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\AdvancedDriverUpdater_UPDATES.job
[2013.06.12 09:26:09 | 000,107,128 | ---- | M] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.11 17:06:58 | 000,068,408 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 17:06:57 | 000,130,392 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 17:06:57 | 000,065,368 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 17:06:57 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:57:03 | 000,064,824 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 09:53:08 | 000,012,800 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.10 20:39:35 | 000,003,628 | ---- | M] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.09 21:01:13 | 000,015,712 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SWDUMon.sys
[2013.06.09 18:40:58 | 000,011,479 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013.06.08 12:05:49 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Advanced Driver Updater.lnk
[2013.06.06 21:13:32 | 000,524,016 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 21:13:25 | 000,819,440 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.06.06 01:38:51 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.03 12:18:28 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2013.05.31 09:07:15 | 000,001,579 | ---- | M] () -- C:\Users\Admin\Desktop\DivX Movies.lnk
[2013.05.31 09:06:55 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.31 09:06:37 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.29 10:46:59 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 18:49:26 | 000,029,712 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.05.28 18:49:26 | 000,017,936 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.05.28 11:39:42 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.28 11:33:07 | 000,001,977 | ---- | M] () -- C:\Users\Admin\Desktop\Update Checker.lnk
[2013.05.28 10:06:59 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.28 09:50:04 | 000,020,536 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2013.05.26 21:00:54 | 000,001,237 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | M] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.23 01:56:46 | 000,001,387 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | M] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 17:37:07 | 335,995,200 | ---- | M] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.18 11:04:46 | 000,000,959 | ---- | M] () -- C:\Users\Admin\Desktop\Diashow-Player.lnk
[2013.05.17 20:36:43 | 007,077,671 | ---- | M] () -- C:\Users\Admin\Meine Diashow.wmv
[2013.05.17 18:31:32 | 000,001,355 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2012.lnk
[2013.05.17 10:26:09 | 007,217,318 | ---- | M] () -- C:\Users\Admin\Documents\dvdr3570h_31_dfu_deu.pdf
[2013.05.17 01:28:59 | 009,687,294 | ---- | M] () -- C:\Users\Admin\Nilkreuzfahrt 2013.ads
[2013.05.17 01:15:33 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\DiaShow 8 Ultimate.lnk
[2013.05.17 01:13:26 | 001,640,788 | ---- | M] () -- C:\Users\Admin\Documents\DiaShowManager_de.pdf
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.15 11:10:43 | 000,000,054 | ---- | C] () -- C:\WINDOWS\DeleteOnReboot.bat
[2013.06.14 15:58:02 | 000,002,795 | ---- | C] () -- C:\Users\Public\Desktop\Digeus Junk Files Cleaner.lnk
[2013.06.14 14:40:52 | 000,000,864 | ---- | C] () -- C:\Users\Public\Desktop\SmartPCFixer.lnk
[2013.06.12 22:40:07 | 000,477,288 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 22:16:53 | 000,386,646 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013.06.12 16:54:23 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 16:54:22 | 000,002,499 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2013.06.11 16:56:59 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.10 20:39:05 | 000,003,628 | ---- | C] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.08 17:59:53 | 000,023,624 | ---- | C] () -- C:\WINDOWS\Launcher.exe
[2013.06.08 17:58:57 | 000,002,563 | ---- | C] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.05.29 11:00:30 | 000,465,645 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2013.05.28 10:06:59 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.26 21:00:54 | 000,001,237 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | C] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.23 01:56:46 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.05.23 01:56:46 | 000,001,387 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | C] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Videodatei-Konverter.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 14:46:25 | 335,995,200 | ---- | C] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.17 20:35:10 | 007,077,671 | ---- | C] () -- C:\Users\Admin\Meine Diashow.wmv
[2013.05.17 18:31:32 | 000,001,355 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2012.lnk
[2013.05.17 10:26:08 | 007,217,318 | ---- | C] () -- C:\Users\Admin\Documents\dvdr3570h_31_dfu_deu.pdf
[2013.05.17 01:28:56 | 009,687,294 | ---- | C] () -- C:\Users\Admin\Nilkreuzfahrt 2013.ads
[2013.05.17 01:15:33 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\DiaShow 8 Ultimate.lnk
[2013.05.17 01:13:25 | 001,640,788 | ---- | C] () -- C:\Users\Admin\Documents\DiaShowManager_de.pdf
[2013.05.12 17:32:46 | 005,243,208 | ---- | C] (                                                            ) -- C:\Users\Admin\AppData\Roaming\AvsP.exe
[2013.05.12 17:32:43 | 001,357,348 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\MatroskaSplitter.exe
[2013.05.12 17:32:40 | 000,117,723 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\yuvcodecs-1.3.exe
[2013.05.11 19:30:23 | 000,000,196 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2013.04.09 02:32:45 | 000,011,479 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.03.17 18:21:19 | 000,012,800 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.29 03:58:17 | 002,079,580 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012.12.31 00:46:12 | 000,000,209 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.12.27 18:56:29 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012.12.24 01:15:29 | 001,035,321 | ---- | C] () -- C:\WINDOWS\SysWow64\sig.bin
[2012.12.22 12:53:43 | 000,020,992 | ---- | C] () -- C:\WINDOWS\SysWow64\NC_INST.DLL
[2012.12.21 04:20:35 | 000,246,862 | ---- | C] () -- C:\WINDOWS\hpoins40.dat
[2012.12.21 04:20:35 | 000,000,909 | ---- | C] () -- C:\WINDOWS\hpomdl40.dat
[2012.12.21 02:36:27 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2011.10.08 13:02:40 | 000,001,024 | ---- | C] () -- C:\Users\Admin\.rnd
 
========== ZeroAccess Check ==========
 
[2012.12.24 01:21:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.01.28 17:46:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\6Wunderkinder
[2012.12.23 01:26:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ACD Systems
[2013.05.10 17:56:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Anvsoft
[2013.05.10 18:36:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AquaSoft
[2012.12.27 09:14:31 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo
[2013.05.17 18:31:40 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo Slideshow Studio 2012
[2012.12.25 12:11:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Audacity
[2012.12.27 09:27:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Canneverbe Limited
[2012.12.31 01:25:12 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.06.12 16:53:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Downloaded Installations
[2013.02.18 12:00:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\driveridentifier
[2013.02.19 02:57:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Drivers For Free
[2013.02.17 21:05:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DriverSleuth
[2013.03.15 18:13:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DriverTurbo
[2012.12.21 06:20:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoft
[2013.02.18 06:03:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Easeware
[2013.05.26 21:01:41 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\elsterformular
[2012.12.22 21:05:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FileOpen
[2013.02.25 10:43:36 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2013.01.12 02:10:00 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GlarySoft
[2012.12.28 17:45:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\hdbADS
[2013.05.13 11:23:46 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\IN-MEDIAKG
[2013.05.14 10:30:31 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\IrfanView
[2013.04.09 18:20:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\K-Pacs-Lite
[2013.02.05 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Leadertech
[2013.04.16 19:54:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LG Electronics
[2012.12.30 12:34:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MOVAVI
[2013.05.14 12:37:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mresreg
[2013.06.06 11:54:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MrJobs
[2012.12.22 21:05:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nitro
[2013.05.12 21:22:21 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nitro PDF
[2012.12.30 15:40:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\No Company Name
[2012.12.21 02:45:03 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Opera
[2012.12.22 12:19:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\RoboForm
[2013.01.21 12:11:24 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\StartMenuX
[2013.02.21 16:59:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Systweak
[2012.12.22 17:32:02 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TestApp
[2012.12.21 06:05:02 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thunderbird
[2012.12.23 03:00:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2013.05.11 19:32:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ulead Systems
[2013.06.07 00:42:44 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Uniblue
[2013.05.14 17:29:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2013.06.10 20:54:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Wise Registry Cleaner
[2012.12.30 12:50:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Xilisoft
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< C:\Windows\tasks\*.* >
[2013.06.15 11:32:08 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.12 15:59:19 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\AdvancedDriverUpdater_UPDATES.job
[2013.03.26 11:09:15 | 000,000,424 | ---- | M] () -- C:\Windows\tasks\DriverEasy Scheduled Scan.job
[2013.06.15 11:10:31 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\dsmonitor.job
[2013.06.15 10:51:41 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.15 11:35:00 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.15 10:48:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012.07.26 09:22:10 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.12.21 06:08:56 | 000,001,122 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.21 06:08:59 | 000,001,126 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.12.23 03:27:46 | 000,000,884 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.02.21 16:59:17 | 000,000,308 | ---- | C] () -- C:\WINDOWS\Tasks\AdvancedDriverUpdater_UPDATES.job
[2013.03.11 04:55:04 | 000,000,358 | ---- | C] () -- C:\WINDOWS\Tasks\dsmonitor.job
[2013.03.26 04:23:13 | 000,000,424 | ---- | C] () -- C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
--- --- ---

schrauber 15.06.2013 11:06

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
:files
[2013.02.21 16:59:17 | 000,000,308 | ---- | C] () -- C:\WINDOWS\Tasks\AdvancedDriverUpdater_UPDATES.job
[2013.03.11 04:55:04 | 000,000,358 | ---- | C] () -- C:\WINDOWS\Tasks\dsmonitor.job
[2013.03.26 04:23:13 | 000,000,424 | ---- | C] () -- C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
[2013.06.12 15:59:19 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\AdvancedDriverUpdater_UPDATES.job
[2013.03.26 11:09:15 | 000,000,424 | ---- | M] () -- C:\Windows\tasks\DriverEasy Scheduled Scan.job
[2013.06.15 11:10:31 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\dsmonitor.job
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread


Reboot. Meldung weg? :)

luci4712 15.06.2013 11:18
Log nach dem Fix

========== FILES ==========
File\Folder [2013.02.21 16:59:17 | 000,000,308 | ---- | C] () -- C:\WINDOWS\Tasks\AdvancedDriverUpdater_UPDATES.job not found.
File\Folder [2013.03.11 04:55:04 | 000,000,358 | ---- | C] () -- C:\WINDOWS\Tasks\dsmonitor.job not found.
File\Folder [2013.03.26 04:23:13 | 000,000,424 | ---- | C] () -- C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job not found.
File\Folder [2013.06.12 15:59:19 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\AdvancedDriverUpdater_UPDATES.job not found.
File\Folder [2013.03.26 11:09:15 | 000,000,424 | ---- | M] () -- C:\Windows\tasks\DriverEasy Scheduled Scan.job not found.
File\Folder [2013.06.15 11:10:31 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\dsmonitor.job not found.

OTL by OldTimer - Version 3.2.69.0 log created on 06152013_121553

schrauber 15.06.2013 14:30
Kommt die Meldung noch beim Starten?

luci4712 15.06.2013 14:49
Ja , die Meldung kommt noch beim starten.

Ich suche die Anwendung HomeTab/tbupdater.dll.

Im Internet bekomme ich hierzu keine Hinweise. Sonst würde ich diese einmal installieren und da deinstallieren.

schrauber 15.06.2013 14:55
Da gibt es nichts zu deinstallieren, das Teil versteckt sich und wir müssen es suchen :)

Zitat:
c:\windows\Tasks\* /s
c:\windows\system32\Tasks\* /s
Das in OTL und nochmal nen Quick Scan bitte.

luci4712 15.06.2013 15:08
Ich habe nach langem suchen im Internet folgenden Eintrag gefunden:

"Manual Removal Guide for SimplyTech.HomeTab - Safer-Networking Foru"

Kann persönlich damit nichts anfangen.

Qick Scan läuft - kommt gleich.

Beiliegend gewünschter QuickscanOTL Logfile:
Code:
OTL logfile created on: 15.06.2013 16:04:17 - Run 5
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Admin\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 1,70 Gb Available Physical Memory | 45,30% Memory free
4,44 Gb Paging File | 1,78 Gb Available in Paging File | 40,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278,33 Gb Total Space | 32,41 Gb Free Space | 11,65% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 9,04 Gb Free Space | 45,77% Space Free | Partition Type: NTFS
 
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\PROGRA~2\FROMDO~2\bar\1.bin\65barsvc.exe (COMPANYVERS_NAME)
PRC - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65brmon.exe (VER_COMPANY_NAME)
PRC - C:\Users\Admin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe (Uniblue Systems Ltd)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMSVC) -- C:\Windows\SysNative\inetsrv\WMSvc.exe (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (simptcp) -- C:\Windows\SysNative\TCPSVCS.EXE (Microsoft Corporation)
SRV:64bit: - (SNMP) -- C:\Windows\SysNative\snmp.exe (Microsoft Corporation)
SRV:64bit: - (MSMQTriggers) -- C:\Windows\SysNative\mqtgsvc.exe (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (IISADMIN) -- C:\Windows\SysNative\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (LPDSVC) -- C:\Windows\SysNative\lpdsvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (iprip) -- C:\Windows\SysNative\iprip.dll (Microsoft Corporation)
SRV:64bit: - (ftpsvc) -- C:\Windows\SysNative\inetsrv\ftpsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsRoleSvc) -- C:\Windows\SysNative\dsrolesrv.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (FromDocToPDF_65Service) -- C:\PROGRA~2\FROMDO~2\bar\1.bin\65barsvc.exe (COMPANYVERS_NAME)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SystemStoreService) -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe ()
SRV - (NitroReaderDriverReadSpool3) -- C:\Programme\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Nitro PDF Software)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (G Data Software AG)
SRV - (ClassicShellService) -- C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (RichVideo64) -- C:\Programme\CyberLink\Shared files\RichVideo64.exe ()
SRV - (simptcp) -- C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Corporation)
SRV - (SNMP) -- C:\Windows\SysWOW64\snmp.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe (mst software GmbH, Germany)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (ProtexisLicensing) -- C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (GRD) -- C:\Windows\SysNative\Drivers\GRD.sys (G Data Software)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\Drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\Drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\Drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\Drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\Drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\Drivers\SWDUMon.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\Drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\Drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\Drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\Drivers\gfibto.sys (GFI Software)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (gfiark) -- C:\Windows\SysNative\Drivers\gfiark.sys (GFI Software)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\Drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\Drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (andnetadb) -- C:\Windows\SysNative\Drivers\lgandnetadb.sys (Google Inc)
DRV:64bit: - (ANDNetModem) -- C:\Windows\SysNative\Drivers\lgandnetmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndNetDiag) -- C:\Windows\SysNative\Drivers\lgandnetdiag64.sys (LG Electronics Inc.)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\Drivers\LPCFilter.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\Drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\Drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\Drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\Drivers\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (regi) -- C:\Windows\SysNative\Drivers\regi.sys (InterVideo)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\Drivers\psi_mf.sys (Secunia)
DRV:64bit: - (XUIF) -- C:\Windows\SysNative\Drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=3.2&ts=1370707150399&tguid=46364-3869-1370707150399-65824477116CA2415AE5942F28A728D0&q={searchTerms}
IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 C7 E5 17 19 DF CD 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKCU\..\URLSearchHook: {4c60e5ab-5c68-4c59-abaa-885010b24b32} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {83A37814-D9DF-4FBB-814C-6BE00D227B48}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{105C51F9-9778-4686-815B-9A845D78F82C}: "URL" = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=5450479400000000000012224354fec1&q={searchTerms}&r=279
IE - HKCU\..\SearchScopes\{695A8050-B0AF-4395-8680-B169BEE78F03}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282494&CUI=UN19012636752030930&UM=1
IE - HKCU\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://www.bing.com/search?FORM=UP93DF&PC=UP93&dt=061013&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://comcenter.netcologne.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.05.31 09:07:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.14 17:28:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.18 18:08:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
 
[2013.05.04 09:34:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.06.11 13:15:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions
[2013.06.11 13:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = hxxp://www.bing.com/search?FORM=UP93DF&PC=UP93&dt=061013&q={searchTerms}&src=IE-SearchBox
CHR - default_search_provider: suggest_url = hxxp://api.bing.com/qsml.aspx?query={searchTerms}&market={Language}&form=UP93DF&dt=061013&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}
CHR - homepage: hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=061013
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - Extension: Google Drive = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Mail = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.04.09 02:37:14 | 000,446,305 | R--- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 127.0.0.1        www.123fporn.info
O1 - Hosts: 15324 more lines...
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Toolbar BHO) - {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\PROGRA~2\FROMDO~2\bar\1.bin\65bar.dll File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
O2 - BHO: (Search Assistant BHO) - {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (FromDocToPDF) - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65bar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5786D022-540E-4699-B350-B4BE0AE94B79} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Alps\GlidePoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [FromDocToPDF Home Page Guard 64 bit] "C:\PROGRA~2\FROMDO~2\bar\1.bin\AppIntegrator64.exe" File not found
O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\SysNative\mqrt.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FromDocToPDF Search Scope Monitor] "C:\PROGRA~2\FROMDO~2\bar\1.bin\65srchmn.exe" /m=2 /w /h File not found
O4 - HKLM..\Run: [FromDocToPDF_65 Browser Plugin Loader] C:\PROGRA~2\FROMDO~2\bar\1.bin\65brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [StartMenuX] C:\Programme\Start Menu X\StartMenuX.exe (OrdinarySoft)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9BB74F8C-7AA9-45FE-9694-463B95EB47C5}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~4\Wincert\WIN64C~1.DLL) - C:\ProgramData\Wincert\win64cert.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe) - c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell - "" = AutoRun
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell\AutoRun\command - "" = "F:\LGAutoRun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\apcrtldr.dll) -  File not found
O36 - AppCertDlls: x86 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll) -  File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.14 15:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digeus
[2013.06.14 15:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FromDocToPDF_65
[2013.06.13 10:17:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.06.13 10:17:38 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.13 01:43:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.06.13 01:10:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.06.12 22:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing-Desktop
[2013.06.12 16:54:24 | 000,029,712 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.06.12 16:54:24 | 000,017,936 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2013.06.12 09:26:09 | 000,107,128 | ---- | C] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014
[2013.06.11 16:57:03 | 000,064,824 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 16:56:23 | 000,068,408 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 16:56:19 | 000,130,392 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 16:56:19 | 000,065,368 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 16:56:19 | 000,060,248 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:52:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2013.06.11 13:00:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Corel
[2013.06.10 20:33:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Wise Registry Cleaner
[2013.06.10 20:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2013.06.10 20:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013.06.08 18:04:01 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Freemium
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeSystemUtilities
[2013.06.08 17:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.06.06 21:13:32 | 000,524,016 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 11:54:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\MrJobs
[2013.05.29 10:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013.05.29 10:46:59 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 11:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.05.28 10:12:40 | 003,786,752 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\WINDOWS\SysNative\drivers\athw8x.sys
[2013.05.28 09:58:58 | 000,819,440 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.05.26 21:01:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\elsterformular
[2013.05.26 21:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2013.05.26 21:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2013.05.26 21:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElsterFormular
[2013.05.23 01:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.05.23 01:56:41 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2013.05.21 21:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2013.05.21 21:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2013.05.18 18:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.05.17 18:31:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Ashampoo Slideshow Studio 2012
[2013.05.17 01:15:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C9F60138-EDD0-4FE6-997C-6A42B5D7A85D}
[2013.05.17 01:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
[2013.05.17 01:13:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AquaSoft
[2013.05.12 17:32:48 | 007,760,687 | ---- | C] (Boraxsoft) -- C:\Users\Admin\AppData\Roaming\SetupGFD.exe
[2013.05.12 17:32:38 | 005,514,668 | ---- | C] (LIGHTNING UK!) -- C:\Users\Admin\AppData\Roaming\Imgburn.exe
[2013.05.12 17:32:35 | 005,082,084 | ---- | C] (The Public) -- C:\Users\Admin\AppData\Roaming\Avisynth.exe
[2012.12.22 08:13:42 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.15 15:42:05 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.15 15:41:28 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.15 15:40:58 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\dsmonitor.job
[2013.06.15 15:39:58 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.15 13:35:00 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.15 11:32:08 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.15 11:10:43 | 000,000,054 | ---- | M] () -- C:\WINDOWS\DeleteOnReboot.bat
[2013.06.15 10:34:40 | 002,160,314 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.06.15 10:34:40 | 000,914,792 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.06.15 10:34:40 | 000,844,608 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.06.15 10:34:40 | 000,217,756 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.06.15 10:34:40 | 000,181,826 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.06.14 01:13:44 | 000,002,563 | ---- | M] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.06.13 01:11:20 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.12 22:40:22 | 000,477,288 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 16:54:23 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 15:59:19 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\AdvancedDriverUpdater_UPDATES.job
[2013.06.12 09:26:09 | 000,107,128 | ---- | M] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.11 17:06:58 | 000,068,408 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 17:06:57 | 000,130,392 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 17:06:57 | 000,065,368 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 17:06:57 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:57:03 | 000,064,824 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 09:53:08 | 000,012,800 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.10 20:39:35 | 000,003,628 | ---- | M] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.09 21:01:13 | 000,015,712 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SWDUMon.sys
[2013.06.09 18:40:58 | 000,011,479 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013.06.08 12:05:49 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Advanced Driver Updater.lnk
[2013.06.06 21:13:32 | 000,524,016 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 21:13:25 | 000,819,440 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.06.06 01:38:51 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.03 12:18:28 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2013.05.31 09:07:15 | 000,001,579 | ---- | M] () -- C:\Users\Admin\Desktop\DivX Movies.lnk
[2013.05.31 09:06:55 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.31 09:06:37 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.29 10:46:59 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 18:49:26 | 000,029,712 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.05.28 18:49:26 | 000,017,936 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.05.28 11:39:42 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.28 11:33:07 | 000,001,977 | ---- | M] () -- C:\Users\Admin\Desktop\Update Checker.lnk
[2013.05.28 10:06:59 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.28 09:50:04 | 000,020,536 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2013.05.26 21:00:54 | 000,001,237 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | M] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.23 01:56:46 | 000,001,387 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | M] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 17:37:07 | 335,995,200 | ---- | M] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.18 11:04:46 | 000,000,959 | ---- | M] () -- C:\Users\Admin\Desktop\Diashow-Player.lnk
[2013.05.17 20:36:43 | 007,077,671 | ---- | M] () -- C:\Users\Admin\Meine Diashow.wmv
[2013.05.17 18:31:32 | 000,001,355 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2012.lnk
[2013.05.17 10:26:09 | 007,217,318 | ---- | M] () -- C:\Users\Admin\Documents\dvdr3570h_31_dfu_deu.pdf
[2013.05.17 01:28:59 | 009,687,294 | ---- | M] () -- C:\Users\Admin\Nilkreuzfahrt 2013.ads
[2013.05.17 01:15:33 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\DiaShow 8 Ultimate.lnk
[2013.05.17 01:13:26 | 001,640,788 | ---- | M] () -- C:\Users\Admin\Documents\DiaShowManager_de.pdf
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.15 11:10:43 | 000,000,054 | ---- | C] () -- C:\WINDOWS\DeleteOnReboot.bat
[2013.06.12 22:40:07 | 000,477,288 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 22:16:53 | 000,386,646 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013.06.12 16:54:23 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 16:54:22 | 000,002,499 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2013.06.11 16:56:59 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.10 20:39:05 | 000,003,628 | ---- | C] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.08 17:59:53 | 000,023,624 | ---- | C] () -- C:\WINDOWS\Launcher.exe
[2013.06.08 17:58:57 | 000,002,563 | ---- | C] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.05.29 11:00:30 | 000,465,645 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2013.05.28 10:06:59 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.26 21:00:54 | 000,001,237 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | C] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.23 01:56:46 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.05.23 01:56:46 | 000,001,387 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | C] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Videodatei-Konverter.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 14:46:25 | 335,995,200 | ---- | C] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.17 20:35:10 | 007,077,671 | ---- | C] () -- C:\Users\Admin\Meine Diashow.wmv
[2013.05.17 18:31:32 | 000,001,355 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Slideshow Studio 2012.lnk
[2013.05.17 10:26:08 | 007,217,318 | ---- | C] () -- C:\Users\Admin\Documents\dvdr3570h_31_dfu_deu.pdf
[2013.05.17 01:28:56 | 009,687,294 | ---- | C] () -- C:\Users\Admin\Nilkreuzfahrt 2013.ads
[2013.05.17 01:15:33 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\DiaShow 8 Ultimate.lnk
[2013.05.17 01:13:25 | 001,640,788 | ---- | C] () -- C:\Users\Admin\Documents\DiaShowManager_de.pdf
[2013.05.12 17:32:46 | 005,243,208 | ---- | C] (                                                            ) -- C:\Users\Admin\AppData\Roaming\AvsP.exe
[2013.05.12 17:32:43 | 001,357,348 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\MatroskaSplitter.exe
[2013.05.12 17:32:40 | 000,117,723 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\yuvcodecs-1.3.exe
[2013.05.11 19:30:23 | 000,000,196 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2013.04.09 02:32:45 | 000,011,479 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.03.17 18:21:19 | 000,012,800 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.29 03:58:17 | 002,079,580 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012.12.31 00:46:12 | 000,000,209 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.12.27 18:56:29 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012.12.24 01:15:29 | 001,035,321 | ---- | C] () -- C:\WINDOWS\SysWow64\sig.bin
[2012.12.22 12:53:43 | 000,020,992 | ---- | C] () -- C:\WINDOWS\SysWow64\NC_INST.DLL
[2012.12.21 04:20:35 | 000,246,862 | ---- | C] () -- C:\WINDOWS\hpoins40.dat
[2012.12.21 04:20:35 | 000,000,909 | ---- | C] () -- C:\WINDOWS\hpomdl40.dat
[2012.12.21 02:36:27 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2011.10.08 13:02:40 | 000,001,024 | ---- | C] () -- C:\Users\Admin\.rnd
 
========== ZeroAccess Check ==========
 
[2012.12.24 01:21:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.01.28 17:46:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\6Wunderkinder
[2012.12.23 01:26:17 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ACD Systems
[2013.05.10 17:56:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Anvsoft
[2013.05.10 18:36:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AquaSoft
[2012.12.27 09:14:31 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo
[2013.05.17 18:31:40 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ashampoo Slideshow Studio 2012
[2012.12.25 12:11:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Audacity
[2012.12.27 09:27:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Canneverbe Limited
[2012.12.31 01:25:12 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.06.12 16:53:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Downloaded Installations
[2013.02.18 12:00:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\driveridentifier
[2013.02.19 02:57:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Drivers For Free
[2013.02.17 21:05:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DriverSleuth
[2013.03.15 18:13:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DriverTurbo
[2012.12.21 06:20:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoft
[2013.02.18 06:03:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Easeware
[2013.05.26 21:01:41 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\elsterformular
[2012.12.22 21:05:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FileOpen
[2013.02.25 10:43:36 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2013.01.12 02:10:00 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GlarySoft
[2012.12.28 17:45:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\hdbADS
[2013.05.13 11:23:46 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\IN-MEDIAKG
[2013.05.14 10:30:31 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\IrfanView
[2013.04.09 18:20:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\K-Pacs-Lite
[2013.02.05 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Leadertech
[2013.04.16 19:54:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LG Electronics
[2012.12.30 12:34:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MOVAVI
[2013.05.14 12:37:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mresreg
[2013.06.06 11:54:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MrJobs
[2012.12.22 21:05:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nitro
[2013.05.12 21:22:21 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nitro PDF
[2012.12.30 15:40:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\No Company Name
[2012.12.21 02:45:03 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Opera
[2012.12.22 12:19:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\RoboForm
[2013.01.21 12:11:24 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\StartMenuX
[2013.02.21 16:59:01 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Systweak
[2012.12.22 17:32:02 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TestApp
[2012.12.21 06:05:02 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Thunderbird
[2012.12.23 03:00:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2013.05.11 19:32:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ulead Systems
[2013.06.07 00:42:44 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Uniblue
[2013.05.14 17:29:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2013.06.10 20:54:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Wise Registry Cleaner
[2012.12.30 12:50:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Xilisoft
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< c:\windows\Tasks\* /s >
[2013.06.15 11:32:08 | 000,000,884 | ---- | M] () -- c:\windows\Tasks\Adobe Flash Player Updater.job
[2013.06.12 15:59:19 | 000,000,308 | ---- | M] () -- c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job
[2013.03.26 11:09:15 | 000,000,424 | ---- | M] () -- c:\windows\Tasks\DriverEasy Scheduled Scan.job
[2013.06.15 15:40:58 | 000,000,358 | ---- | M] () -- c:\windows\Tasks\dsmonitor.job
[2013.06.15 15:41:28 | 000,001,122 | ---- | M] () -- c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.15 13:35:00 | 000,001,126 | ---- | M] () -- c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.06.15 15:40:20 | 000,000,006 | -H-- | M] () -- c:\windows\Tasks\SA.DAT
[2012.07.26 09:22:10 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.12.21 06:08:56 | 000,001,122 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.21 06:08:59 | 000,001,126 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.12.23 03:27:46 | 000,000,884 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.02.21 16:59:17 | 000,000,308 | ---- | C] () -- C:\WINDOWS\Tasks\AdvancedDriverUpdater_UPDATES.job
[2013.03.11 04:55:04 | 000,000,358 | ---- | C] () -- C:\WINDOWS\Tasks\dsmonitor.job
[2013.03.26 04:23:13 | 000,000,424 | ---- | C] () -- C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
 
< c:\windows\system32\Tasks\* /s  >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
--- --- ---

schrauber 15.06.2013 16:08

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
:OTL
[2013.06.12 15:59:19 | 000,000,308 | ---- | M] () -- c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job
[2013.03.26 11:09:15 | 000,000,424 | ---- | M] () -- c:\windows\Tasks\DriverEasy Scheduled Scan.job
[2013.06.15 15:40:58 | 000,000,358 | ---- | M] () -- c:\windows\Tasks\dsmonitor.job
[2013.02.21 16:59:17 | 000,000,308 | ---- | C] () -- C:\WINDOWS\Tasks\AdvancedDriverUpdater_UPDATES.job
[2013.03.11 04:55:04 | 000,000,358 | ---- | C] () -- C:\WINDOWS\Tasks\dsmonitor.job
[2013.03.26 04:23:13 | 000,000,424 | ---- | C] () -- C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread

luci4712 16.06.2013 09:12
Hier das nächste Log:

Error: Unable to interpret <[2013.06.12 15:59:19 | 000,000,308 | ---- | M] () -- c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job> in the current context!
Error: Unable to interpret <[2013.03.26 11:09:15 | 000,000,424 | ---- | M] () -- c:\windows\Tasks\DriverEasy Scheduled Scan.job> in the current context!
Error: Unable to interpret <[2013.06.15 15:40:58 | 000,000,358 | ---- | M] () -- c:\windows\Tasks\dsmonitor.job> in the current context!
Error: Unable to interpret <[2013.02.21 16:59:17 | 000,000,308 | ---- | C] () -- C:\WINDOWS\Tasks\AdvancedDriverUpdater_UPDATES.job> in the current context!
Error: Unable to interpret <[2013.03.11 04:55:04 | 000,000,358 | ---- | C] () -- C:\WINDOWS\Tasks\dsmonitor.job> in the current context!
Error: Unable to interpret <[2013.03.26 04:23:13 | 000,000,424 | ---- | C] () -- C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job> in the current context!
Error: Unable to interpret < > in the current context!

OTL by OldTimer - Version 3.2.69.0 log created on 06162013_100921

schrauber 16.06.2013 09:15
Hi,

Du hast :OTL im Fix vergessen, bitte nochmal den Fix, dann reboot und Check ob die Meldung noch kommt.

luci4712 16.06.2013 09:34
Sorry. Neues Log anbei. Meldung erscheint noch immer beim Neustart.

========== OTL ==========
c:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job moved successfully.
c:\Windows\Tasks\DriverEasy Scheduled Scan.job moved successfully.
c:\Windows\Tasks\dsmonitor.job moved successfully.
File C:\WINDOWS\Tasks\AdvancedDriverUpdater_UPDATES.job not found.
File C:\WINDOWS\Tasks\dsmonitor.job not found.
File C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job not found.

OTL by OldTimer - Version 3.2.69.0 log created on 06162013_102435

schrauber 16.06.2013 09:53
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.
SystemLook (64 bit)
  • Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
    Code:
    :folderfind
    *HomeTab*
    :filefind
    *HomeTab*
    :regfind
    HomeTab
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

luci4712 16.06.2013 10:53
Textdatei AdwCleaner:AdwCleaner Logfile:
Code:
# AdwCleaner v2.303 - Datei am 16/06/2013 um 11:41:21 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 8 Pro with Media Center  (64 bits)
# Benutzer : Admin - ADMIN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Admin\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Gelöscht mit Neustart : C:\Program Files (x86)\FromDocToPDF_65

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\boyttrw8.default-1370988776258\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.110

Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v12.15.1748.0

Datei : C:\Users\Admin\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [15467 octets] - [13/06/2013 10:04:40]
AdwCleaner[R2].txt - [2449 octets] - [15/06/2013 11:07:31]
AdwCleaner[R3].txt - [2388 octets] - [16/06/2013 11:39:27]
AdwCleaner[S1].txt - [15530 octets] - [13/06/2013 10:08:16]
AdwCleaner[S2].txt - [653 octets] - [15/06/2013 11:10:19]
AdwCleaner[S3].txt - [2329 octets] - [16/06/2013 11:41:21]

########## EOF - C:\AdwCleaner[S3].txt - [2389 octets] ##########
--- --- ---

schrauber 16.06.2013 10:55
und weiter :)

luci4712 16.06.2013 14:07
Beiliegend Log

SystemLook 30.07.11 by jpshortstuff
Log created at 14:54 on 16/06/2013 by Admin
Administrator - Elevation successful

========== folderfind ==========

Searching for "*HomeTab*"
No folders found.

========== filefind ==========

Searching for "*HomeTab*"
C:\Users\Admin\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\hometab.tmp.log --a---- 1122 bytes [16:00 08/06/2013] [16:00 08/06/2013] 12A82280E14075A5249BB3AF152888D9
C:\Windows\Prefetch\HOMETAB.TMP-C25FCAA6.pf --a---- 92526 bytes [15:59 08/06/2013] [15:59 08/06/2013] 5BE837AA1E16EE75C7EDBC1AC3F553D8

========== regfind ==========

Searching for "HomeTab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf]
"path"="C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\hometab_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\hometab_RASMANCS]

Searching for " "
[HKEY_CURRENT_USER\Software\Innovative Solutions\DriverMax\Dump\167]
"Desc"="U2 "
[HKEY_CURRENT_USER\Software\Innovative Solutions\DriverMax\Dump\170]
"Desc"="DSC "
[HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0]
"Identifier"="SAMSUNG HM321HI 2AJ1"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\ASPEncoder]
"Description"="
<h3>Das Kernstück Ihres HD-Videoerlebnisses</h3>
<p>Der Codec, der die Videowelt revolutioniert hat, wurde weiter optimiert. Wir bezeichnen diese Version als „Pro“, da sie zudem fantastische fortschrittliche Encoding-Einstellungen bietet, mit denen Sie mit Drittanbietersoftware hochwertige DivX-Video generieren können, die auf jedem beliebigen DivX Certified®-Gerät wiedergegeben werden können.</p>
<h3>Gute Gründe für den DivX Codec</h3>
<ul>
<li>Erstellen Sie mit Drittanbietersoftware oder mit dem DivX Converter hochwertige, stark komprimierte DivX-Videos.</li>
<li>Wir garantieren, dass Ihre Videos abgesehen von Deinem PC auch auf DivX Certified-DVD-Playern, Mobiltelefonen, Spielekonsolen uvm. abgespielt werden können.</li>
<li>Optimieren Sie Ihre Videos mit den fortschrittlichen Encoding-Einstellungen, um hochwertigere Dateien zu erhalten.</li>
</ul>"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Converter]
"Description"="
<p>DivX Plus® Converter konvertiert im Handumdrehen gängige Formate in DivX-, MKV- und MP4-Videos in hoher Qualität – für eine reibungslose, zuverlässige Wiedergabe auf einer ganzen Reihe von Unterhaltungselektronikgeräten</p>
<ul>
<li>Konvertieren einer ganzen Reihe von Formaten in DivX- und DivX Plus – zur Wiedergabe auf DivX Certified-Geräten</li>
<li>Zwei neue MP4-Profile zum einfachen Erstellen von Videos für iPhone® und iPad®</li>
<li>Erstellen erweiterter Funktionen wie reibungslosem Vor- und Rücklauf und Kombination mehrerer Dateien in einem Video</li>
<li>Videos in einer einzigen Sitzung gleichzeitig konvertieren – sogar bei verschiedenen Formaten</li>
<li>15-Tage-Testversion des MPEG-2/DVD-Plug-Ins um Deine DVDs zu konvertieren.</li>
</ul>
"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Player]
"Description"="
<p>Der DivX Plus® Player bietet beeindruckende HD-Videowiedergabe</p>
<ul>
<li>Hochwertiges DivX (.avi und .divX), DivX Plus (.mkv) und andere gängige Videoformate auf dem PC ansehen</li>
<li>Einfache Übertragung von Videos mit DivX to Go® auf beliebige DivX Certified®-Geräte oder Streaming auf DLNA-kompatible Geräte bei Dir zu Hause</li>
<li>Erweiterte Funktionen wie reibungsloser Vor- und Rücklauf, mehrere Untertitel und mehrere Audiospuren</li>
</ul>
"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Setup\BundleGroups\divx.com]
"BundleGroupDescription"="
<p>DivX Plus®-Software bietet alles, was Du für ein echtes Kinoerlebnis brauchst – auf dem Computer, zu Hause und unterwegs. Das beste DivX® Video-Erlebnis erhältst Du, wenn Du alle Komponenten installierst. <a href="hxxp://go.divx.com/WhatsNew/de" target="_blank">Neu in dieser Version.</a></p>
<ul>
<li>Konvertieren in DivX und MKV mithilfe von DivX Converter und Tools von Drittanbietern – unbegrenzt und kostenlos</li>
<li>Zwei neue MP4-Profile zum Erstellen von Videos für iPhone®, iPad® und mehr </li>
<li>Streaming auf DLNA-kompatible Geräte bei Dir zu Hause</li>
<li>15-Tage-Testversion des MPEG-2/DVD-Plug-Ins um Deine DVDs zu konvertieren.</li>
</ul>
"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Setup\InstallGroups\FiltersAndCodecs]
"Description"="
<p>Mit dem DivX Plus® Codec Pack kannst Du DivX®-Videos mit Deinen Lieblingsanwendungen abspielen und erstellen.</p>
<ul>
<li>DivX- und DivX Plus-Videos auf jedem beliebigen Media-Player abspielen (wie beispielsweise Windows Media Player, QuickTime, Media Player Classic)</li>
<li>Ausgabe von AVI-Videos mit Deiner Lieblingsbearbeitungssoftware (z. B. Sony Vegas, Virtual Dub)</li>
<li>Konvertieren in DivX und MKV mithilfe von DivX Converter und Tools von Drittanbietern – unbegrenzt und kostenlos</li>
</ul>
"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\Setup\InstallGroups\SharedLibraries]
"Description"="
<ul>
<li>Das DivX VOD-Plug-in sorgt für besseres Erlebnis für Kunden, die Filme von DivX VOD - Shops beziehen.</li>
</ul>
"
[HKEY_LOCAL_MACHINE\SOFTWARE\DivX\Install\WebPlayer]
"Description"="
<p>Der DivX Plus® Web Player bietet hochwertiges HD-Videostreaming in Deinem Lieblingsbrowser.</p>
<ul>
<li>Unterstützt*DivX Plus Streaming™*(adaptives Streaming von H.264/MKV-Video mit Features).</li>
<li>Streaming der gängigsten Formate im Internet (.divx, .avi, .mkv, .mp4, .mov)</li>
<li>Weniger CPU- und Akkuverbrauch mit H.264-DXVA-Hardwarebeschleunigung</li>
</ul>
"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-4293325158-2762499305-3726567904-1001\{2FAB747C-F1A5-4158-AFC1-6BC3FF1227F5}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{0933BE9E-EEA2-404c-8754-F766905FF34D}" ratingID="{DC21B59B-64D9-4972-A522-5FC32DF45DE1}"/>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
<Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{7A53B0BE-B92D-4e8a-A11F-8E6F9F3C575B}"/>
<Rating ratingSystemID="{E4143A43-A09E-44DB-9CB9-D1C96F7203F2}" ratingID="{928E6439-F692-406A-AF38-E9E31B81CF46}"/>
<Rating ratingSystemID="{B305AB16-9FF2-40f5-A658-C014566500DE}" ratingID="{56DAFE1F-E267-476d-8E69-CB56652CC3D8}"/>
<Rating ratingSystemID="{48FADB07-3DF2-4B2C-9D01-EEE9FC102290}" ratingID="{FF84D920-1385-4069-B1CB-12474E8234B6}"/>
<R
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-4293325158-2762499305-3726567904-1001\{43251954-2BE7-4D4F-BACD-86379C660357}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{0933BE9E-EEA2-404c-8754-F766905FF34D}" ratingID="{DC21B59B-64D9-4972-A522-5FC32DF45DE1}"/>
<Rating ratingSystemID="{36798944-B235-48ac-BF21-E25671F597EE}" ratingID="{464299D0-6D57-47e8-AA53-A849CBEA12CB}"/>
<Rating ratingSystemID="{768BD93D-63BE-46A9-8994-0B53C4B5248F}" ratingID="{7A53B0BE-B92D-4e8a-A11F-8E6F9F3C575B}"/>
<Rating ratingSystemID="{E4143A43-A09E-44DB-9CB9-D1C96F7203F2}" ratingID="{928E6439-F692-406A-AF38-E9E31B81CF46}"/>
<Rating ratingSystemID="{B305AB16-9FF2-40f5-A658-C014566500DE}" ratingID="{56DAFE1F-E267-476d-8E69-CB56652CC3D8}"/>
<Rating ratingSystemID="{30d34abd-c6b3-4802-924e-f0c9fc65022b}" ratingID="{24D81953-37B6-4e5e-B7DF-2B7D7AA6E53B}"/>
<R
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\GameUX\S-1-5-21-4293325158-2762499305-3726567904-1001\{7AD9EFDC-9318-4BAA-A88E-B7B96B5AD95B}]
"RatingsInfo"="<Ratings xmlns="urn:schemas-microsoft-com:GameDescription.v1">
<Rating ratingSystemID="{48FADB07-3DF2-4B2C-9D01-EEE9FC102290}" ratingID="{FF84D920-1385-4069-B1CB-12474E8234B6}"/>
</Ratings>"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="3.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/> <Capability Type="Shell"/> </Reso
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell.workflow" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" UseSharedProcess="true" ProcessIdleTimeoutSec="28800" RunAsUser="" RunAsPassword="" AutoRestart="false" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="3.0"/> <Param Name="AssemblyName" Value="Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/> <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration"/> <Param Name="SessionConfigurationData" Value="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Architecture="32" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="3.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_U2&REV_0000#7&1B67F62B&0&2604 000600000001015D93321600B010&0#]
"DeviceDesc"="U2 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_U2&REV_0000#7&3A2C657B&0&2604 000600000001015D93321600B010&0#]
"DeviceDesc"="U2 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_U2&REV_0000#9&DA4FF87&0&26040 00600000001015D93321600B010&0#]
"DeviceDesc"="U2 "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SONY&PROD_DSC&REV_1.00#D357207374A9&0#]
"DeviceDesc"="DSC "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_U2&REV_0000#7&1B67F62B&0& 2604000600000001015D93321600B010&0#]
"DeviceDesc"="U2 "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_U2&REV_0000#7&3A2C657B&0& 2604000600000001015D93321600B010&0#]
"DeviceDesc"="U2 "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LGE&PROD_U2&REV_0000#9&DA4FF87&0&2 604000600000001015D93321600B010&0#]
"DeviceDesc"="U2 "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SONY&PROD_DSC&REV_1.00#D357207374A 9&0#]
"DeviceDesc"="DSC "
[HKEY_USERS\S-1-5-21-4293325158-2762499305-3726567904-1001\Software\Innovative Solutions\DriverMax\Dump\167]
"Desc"="U2 "
[HKEY_USERS\S-1-5-21-4293325158-2762499305-3726567904-1001\Software\Innovative Solutions\DriverMax\Dump\170]
"Desc"="DSC "

-= EOF =-

Log "Junkware Removal Tool" bekomme ich nicht.

Das System geht immer bis "Prozesse" und schaltet dann ab. Ein Log habe ich nicht bekommen.

Log "Junkware Removal Tool" bekomme ich immer noch nicht.

Das System geht immer bis "Prozesse" und schaltet dann ab. Ein Log habe ich nicht bekommen.

schrauber 16.06.2013 18:20

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
:files
C:\Windows\Prefetch\HOMETAB.TMP-C25FCAA6.pf
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf]
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread


dann bitte nen neuen Custom Scan mit OTl mit dem hier:

Code:
c:\windows\Tasks\* /s
c:\windows\system32\Tasks\* /s

luci4712 16.06.2013 19:18
der OTL Fix Log

========== FILES ==========
C:\Windows\Prefetch\HOMETAB.TMP-C25FCAA6.pf moved successfully.
File\Folder [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fgibjgmnimooanbagcfpnkmngejcojaf] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 06162013_201608

Die Meldung erscheint immer noch beim Start.

Beiliegend Log OtlOTL Logfile:
Code:
OTL logfile created on: 16.06.2013 20:20:02 - Run 6
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Admin\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16599)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 55,84% Memory free
4,44 Gb Paging File | 2,25 Gb Available in Paging File | 50,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278,33 Gb Total Space | 36,69 Gb Free Space | 13,18% Space Free | Partition Type: NTFS
Drive D: | 19,76 Gb Total Space | 9,04 Gb Free Space | 45,77% Space Free | Partition Type: NTFS
 
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\PROGRA~2\FROMDO~2\bar\1.bin\65barsvc.exe (COMPANYVERS_NAME)
PRC - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65brmon.exe (VER_COMPANY_NAME)
PRC - C:\Users\Admin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe (Uniblue Systems Ltd)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMSVC) -- C:\Windows\SysNative\inetsrv\WMSvc.exe (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (simptcp) -- C:\Windows\SysNative\TCPSVCS.EXE (Microsoft Corporation)
SRV:64bit: - (SNMP) -- C:\Windows\SysNative\snmp.exe (Microsoft Corporation)
SRV:64bit: - (MSMQTriggers) -- C:\Windows\SysNative\mqtgsvc.exe (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (IISADMIN) -- C:\Windows\SysNative\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (LPDSVC) -- C:\Windows\SysNative\lpdsvc.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (iprip) -- C:\Windows\SysNative\iprip.dll (Microsoft Corporation)
SRV:64bit: - (ftpsvc) -- C:\Windows\SysNative\inetsrv\ftpsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsRoleSvc) -- C:\Windows\SysNative\dsrolesrv.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (FromDocToPDF_65Service) -- C:\PROGRA~2\FROMDO~2\bar\1.bin\65barsvc.exe (COMPANYVERS_NAME)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SystemStoreService) -- C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe ()
SRV - (NitroReaderDriverReadSpool3) -- C:\Programme\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Nitro PDF Software)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (G Data Software AG)
SRV - (ClassicShellService) -- C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (RichVideo64) -- C:\Programme\CyberLink\Shared files\RichVideo64.exe ()
SRV - (simptcp) -- C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Corporation)
SRV - (SNMP) -- C:\Windows\SysWOW64\snmp.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe (mst software GmbH, Germany)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (ProtexisLicensing) -- C:\Windows\SysWOW64\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (GRD) -- C:\Windows\SysNative\Drivers\GRD.sys (G Data Software)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\Drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\Drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\Drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\Drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\Drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\Drivers\SWDUMon.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\Drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\Drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\Drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\Drivers\gfibto.sys (GFI Software)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (gfiark) -- C:\Windows\SysNative\Drivers\gfiark.sys (GFI Software)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\Drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\Drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\Drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (andnetadb) -- C:\Windows\SysNative\Drivers\lgandnetadb.sys (Google Inc)
DRV:64bit: - (ANDNetModem) -- C:\Windows\SysNative\Drivers\lgandnetmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndNetDiag) -- C:\Windows\SysNative\Drivers\lgandnetdiag64.sys (LG Electronics Inc.)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\Drivers\LPCFilter.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\Drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\Drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\Drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\Drivers\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (regi) -- C:\Windows\SysNative\Drivers\regi.sys (InterVideo)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\Drivers\psi_mf.sys (Secunia)
DRV:64bit: - (XUIF) -- C:\Windows\SysNative\Drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=3.2&ts=1370707150399&tguid=46364-3869-1370707150399-65824477116CA2415AE5942F28A728D0&q={searchTerms}
IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 C7 E5 17 19 DF CD 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page =
IE - HKCU\..\URLSearchHook: {4c60e5ab-5c68-4c59-abaa-885010b24b32} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {83A37814-D9DF-4FBB-814C-6BE00D227B48}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{105C51F9-9778-4686-815B-9A845D78F82C}: "URL" = hxxp://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=5450479400000000000012224354fec1&q={searchTerms}&r=279
IE - HKCU\..\SearchScopes\{695A8050-B0AF-4395-8680-B169BEE78F03}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282494&CUI=UN19012636752030930&UM=1
IE - HKCU\..\SearchScopes\{83A37814-D9DF-4FBB-814C-6BE00D227B48}: "URL" = hxxp://www.bing.com/search?FORM=UP93DF&PC=UP93&dt=061013&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm255^YY^de&si=CMOt7MuTk7cCFZLKtAodLiEA-w&ptb=1A1D9FAA-C908-4CD3-A27D-9D256F5C47C2&ind=2013051309&n=77fcb9ad&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://comcenter.netcologne.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.05.31 09:07:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.14 17:28:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.18 18:08:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.06.12 16:52:04 | 000,000,000 | ---D | M]
 
[2013.05.04 09:34:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2013.06.11 13:15:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions
[2013.06.11 13:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\3katwwvs.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.14 17:28:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = hxxp://www.bing.com/search?FORM=UP93DF&PC=UP93&dt=061013&q={searchTerms}&src=IE-SearchBox
CHR - default_search_provider: suggest_url = hxxp://api.bing.com/qsml.aspx?query={searchTerms}&market={Language}&form=UP93DF&dt=061013&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}
CHR - homepage: hxxp://www.msn.com/?pc=UP93&ocid=UP93DHP&dt=061013
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - Extension: Google Drive = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Mail = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.04.09 02:37:14 | 000,446,305 | R--- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 127.0.0.1        www.123fporn.info
O1 - Hosts: 15324 more lines...
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Toolbar BHO) - {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\PROGRA~2\FROMDO~2\bar\1.bin\65bar.dll File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
O2 - BHO: (Search Assistant BHO) - {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5786D022-540E-4699-B350-B4BE0AE94B79} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Alps\GlidePoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [FromDocToPDF Home Page Guard 64 bit] "C:\PROGRA~2\FROMDO~2\bar\1.bin\AppIntegrator64.exe" File not found
O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\SysNative\mqrt.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FromDocToPDF Search Scope Monitor] "C:\PROGRA~2\FROMDO~2\bar\1.bin\65srchmn.exe" /m=2 /w /h File not found
O4 - HKLM..\Run: [FromDocToPDF_65 Browser Plugin Loader] C:\PROGRA~2\FROMDO~2\bar\1.bin\65brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [StartMenuX] C:\Programme\Start Menu X\StartMenuX.exe (OrdinarySoft)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp64.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9BB74F8C-7AA9-45FE-9694-463B95EB47C5}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~4\Wincert\WIN64C~1.DLL) - C:\ProgramData\Wincert\win64cert.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe) - c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell - "" = AutoRun
O33 - MountPoints2\{1cf985d4-a6b6-11e2-80af-00222002dc27}\Shell\AutoRun\command - "" = "F:\LGAutoRun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\apcrtldr.dll) -  File not found
O36 - AppCertDlls: x86 - (C:\Program Files (x86)\Search Results Toolbar\Datamngr\apcrtldr.dll) -  File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.15 17:00:13 | 000,000,000 | ---D | C] -- C:\Stinger_Quarantine
[2013.06.15 16:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger
[2013.06.14 15:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digeus
[2013.06.14 15:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FromDocToPDF_65
[2013.06.13 10:17:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.06.13 10:17:38 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.13 01:43:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.06.13 01:10:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.06.12 22:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing-Desktop
[2013.06.12 22:49:58 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptdlg.dll
[2013.06.12 22:49:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptdlg.dll
[2013.06.12 22:36:23 | 001,889,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2013.06.12 22:36:22 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certutil.exe
[2013.06.12 22:36:22 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certutil.exe
[2013.06.12 22:36:22 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptnet.dll
[2013.06.12 22:35:49 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2013.06.12 22:35:32 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013.06.12 22:35:22 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2013.06.12 22:35:21 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2013.06.12 22:35:21 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2013.06.12 22:35:21 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2013.06.12 22:35:21 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013.06.12 22:35:20 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2013.06.12 22:35:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2013.06.12 22:34:59 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll
[2013.06.12 22:17:12 | 013,644,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013.06.12 22:17:09 | 010,788,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013.06.12 22:17:07 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013.06.12 22:17:06 | 010,116,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013.06.12 22:17:02 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2013.06.12 22:17:01 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013.06.12 22:17:00 | 002,305,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013.06.12 22:17:00 | 000,820,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll
[2013.06.12 22:17:00 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2013.06.12 22:16:59 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013.06.12 22:16:59 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\rars.rs
[2013.06.12 22:16:59 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\rars.rs
[2013.06.12 22:16:58 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013.06.12 22:16:58 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2013.06.12 22:16:58 | 000,446,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2013.06.12 22:16:58 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2013.06.12 22:16:58 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2013.06.12 22:16:58 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2013.06.12 22:16:58 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll
[2013.06.12 22:16:56 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Magnify.exe
[2013.06.12 22:16:56 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2013.06.12 22:16:56 | 000,213,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS
[2013.06.12 22:16:56 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2013.06.12 22:16:56 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netplwiz.dll
[2013.06.12 22:16:56 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2013.06.12 22:16:55 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2013.06.12 22:16:55 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Magnify.exe
[2013.06.12 22:16:55 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2013.06.12 22:16:55 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2013.06.12 22:16:55 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\intl.cpl
[2013.06.12 22:16:55 | 000,284,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013.06.12 22:16:55 | 000,120,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2013.06.12 22:16:55 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2013.06.12 22:16:55 | 000,058,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013.06.12 22:16:54 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll
[2013.06.12 22:16:54 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2013.06.12 22:16:54 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\intl.cpl
[2013.06.12 22:16:54 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2013.06.12 22:16:54 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2013.06.12 22:16:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2013.06.12 22:16:54 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\biwinrt.dll
[2013.06.12 22:16:54 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\biwinrt.dll
[2013.06.12 22:16:53 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll
[2013.06.12 22:16:53 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2013.06.12 22:16:53 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2013.06.12 22:16:53 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2013.06.12 22:16:53 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2013.06.12 22:16:53 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2013.06.12 22:16:53 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2013.06.12 22:16:53 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\muifontsetup.dll
[2013.06.12 22:16:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\muifontsetup.dll
[2013.06.12 22:16:37 | 001,257,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013.06.12 22:16:31 | 001,300,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013.06.12 22:16:29 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2013.06.12 22:16:29 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2013.06.12 22:16:29 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2013.06.12 22:16:29 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2013.06.12 16:54:24 | 000,029,712 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.06.12 16:54:24 | 000,017,936 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2013.06.12 16:54:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2013.06.12 09:26:09 | 000,107,128 | ---- | C] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014
[2013.06.11 16:57:03 | 000,064,824 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 16:56:23 | 000,068,408 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 16:56:19 | 000,130,392 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 16:56:19 | 000,065,368 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 16:56:19 | 000,060,248 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:52:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2013.06.11 13:00:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Corel
[2013.06.10 20:33:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Wise Registry Cleaner
[2013.06.10 20:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2013.06.10 20:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2013.06.08 18:04:01 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Freemium
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.06.08 17:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeSystemUtilities
[2013.06.08 17:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.06.06 21:13:32 | 000,524,016 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 11:54:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\MrJobs
[2013.05.29 11:00:32 | 002,802,760 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll
[2013.05.29 11:00:31 | 001,003,080 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll
[2013.05.29 11:00:31 | 000,613,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtDataProc64.dll
[2013.05.29 11:00:30 | 022,429,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoRes64.dat
[2013.05.29 11:00:30 | 000,138,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll
[2013.05.29 11:00:13 | 000,208,072 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll
[2013.05.29 10:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2013.05.29 10:47:04 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WdfCoInstaller01009.dll
[2013.05.29 10:46:59 | 000,192,240 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 11:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.05.28 10:12:40 | 003,786,752 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\WINDOWS\SysNative\drivers\athw8x.sys
[2013.05.28 09:58:58 | 000,819,440 | ---- | C] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.05.28 09:43:02 | 013,403,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2013.05.28 09:42:58 | 007,641,832 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2013.05.28 09:42:58 | 006,324,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2013.05.28 09:42:57 | 027,775,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2013.05.28 09:42:54 | 021,096,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2013.05.28 09:42:49 | 000,518,944 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2013.05.28 09:42:49 | 000,421,152 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2013.05.28 09:42:48 | 000,550,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2013.05.28 09:42:48 | 000,443,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2013.05.28 09:42:47 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6432018.dll
[2013.05.28 09:42:46 | 001,832,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6432018.dll
[2013.05.28 09:42:45 | 015,143,904 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2013.05.28 09:42:44 | 002,942,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2013.05.28 09:42:44 | 002,754,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2013.05.28 09:42:43 | 007,682,960 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2013.05.28 09:42:43 | 002,363,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2013.05.28 09:42:43 | 002,002,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2013.05.28 09:42:42 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2013.05.28 09:42:42 | 009,233,688 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2013.05.28 09:42:41 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2013.05.28 09:42:40 | 002,597,344 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2013.05.28 09:36:48 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2013.05.28 09:36:47 | 000,194,848 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2013.05.28 09:36:47 | 000,072,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapo64v.dll
[2013.05.26 21:01:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\elsterformular
[2013.05.26 21:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2013.05.26 21:00:51 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2013.05.26 21:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElsterFormular
[2013.05.23 01:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.05.23 01:56:41 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2013.05.21 21:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2013.05.21 21:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2013.05.18 18:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.05.12 17:32:48 | 007,760,687 | ---- | C] (Boraxsoft) -- C:\Users\Admin\AppData\Roaming\SetupGFD.exe
[2013.05.12 17:32:38 | 005,514,668 | ---- | C] (LIGHTNING UK!) -- C:\Users\Admin\AppData\Roaming\Imgburn.exe
[2013.05.12 17:32:35 | 005,082,084 | ---- | C] (The Public) -- C:\Users\Admin\AppData\Roaming\Avisynth.exe
[2012.12.22 08:13:42 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files (x86)\Common Files\atimpenc.dll
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.16 19:35:00 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.16 19:32:04 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.16 18:40:54 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.16 18:39:32 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.16 18:38:46 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.16 12:57:38 | 002,160,314 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.06.16 12:57:38 | 000,914,792 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.06.16 12:57:38 | 000,844,608 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.06.16 12:57:38 | 000,217,756 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.06.16 12:57:38 | 000,181,826 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.06.16 11:43:01 | 000,000,160 | ---- | M] () -- C:\WINDOWS\DeleteOnReboot.bat
[2013.06.14 01:13:44 | 000,002,563 | ---- | M] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.06.13 01:11:20 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.06.12 22:40:22 | 000,477,288 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 16:54:23 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 09:26:09 | 000,107,128 | ---- | M] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys
[2013.06.11 17:07:08 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.11 17:06:58 | 000,068,408 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys
[2013.06.11 17:06:57 | 000,130,392 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys
[2013.06.11 17:06:57 | 000,065,368 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys
[2013.06.11 17:06:57 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys
[2013.06.11 16:57:03 | 000,064,824 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys
[2013.06.11 09:53:08 | 000,012,800 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.10 20:39:35 | 000,003,628 | ---- | M] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.09 21:01:13 | 000,015,712 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SWDUMon.sys
[2013.06.09 18:40:58 | 000,011,479 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013.06.08 12:05:49 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Advanced Driver Updater.lnk
[2013.06.06 21:13:32 | 000,524,016 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\drivers\SynTP.sys
[2013.06.06 21:13:32 | 000,264,432 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPAPI.dll
[2013.06.06 21:13:32 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo19.dll
[2013.06.06 21:13:32 | 000,151,280 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynTPCom.dll
[2013.06.06 21:13:26 | 000,351,984 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysWow64\SynCom.dll
[2013.06.06 21:13:25 | 000,819,440 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynCOM.dll
[2013.06.06 01:38:51 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.05 00:09:22 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013.06.05 00:09:22 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.03 12:18:28 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2013.05.31 09:07:15 | 000,001,579 | ---- | M] () -- C:\Users\Admin\Desktop\DivX Movies.lnk
[2013.05.31 09:06:55 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.05.31 09:06:37 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.05.31 01:24:29 | 001,257,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2013.05.29 10:47:04 | 001,721,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WdfCoInstaller01009.dll
[2013.05.29 10:46:59 | 000,192,240 | ---- | M] (Synaptics Incorporated) -- C:\WINDOWS\SysNative\SynTPCo18.dll
[2013.05.28 18:49:26 | 000,029,712 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll
[2013.05.28 18:49:26 | 000,017,936 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll
[2013.05.28 11:39:42 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.28 11:33:07 | 000,001,977 | ---- | M] () -- C:\Users\Admin\Desktop\Update Checker.lnk
[2013.05.28 10:06:59 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.28 09:50:04 | 000,020,536 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2013.05.28 09:43:07 | 015,910,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2013.05.28 09:43:05 | 013,403,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2013.05.28 09:42:59 | 006,324,360 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2013.05.28 09:42:58 | 027,775,776 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2013.05.28 09:42:58 | 007,641,832 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2013.05.28 09:42:57 | 021,096,736 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2013.05.28 09:42:49 | 000,518,944 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2013.05.28 09:42:49 | 000,421,152 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2013.05.28 09:42:48 | 000,550,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2013.05.28 09:42:48 | 000,443,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2013.05.28 09:42:47 | 001,832,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6432018.dll
[2013.05.28 09:42:47 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6432018.dll
[2013.05.28 09:42:46 | 015,143,904 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2013.05.28 09:42:45 | 012,426,216 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2013.05.28 09:42:44 | 002,942,240 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2013.05.28 09:42:44 | 002,754,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2013.05.28 09:42:44 | 002,363,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2013.05.28 09:42:43 | 009,233,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2013.05.28 09:42:43 | 007,682,960 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2013.05.28 09:42:43 | 002,002,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2013.05.28 09:42:42 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2013.05.28 09:42:42 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2013.05.28 09:42:41 | 002,935,696 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2013.05.28 09:42:41 | 002,597,344 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2013.05.28 09:36:48 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdagenco6420103.dll
[2013.05.28 09:36:48 | 000,031,520 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2013.05.28 09:36:47 | 000,194,848 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2013.05.28 09:36:47 | 000,072,992 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapo64v.dll
[2013.05.26 21:00:54 | 000,001,237 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | M] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.24 01:01:46 | 001,300,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013.05.23 01:56:46 | 000,001,387 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | M] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 17:37:07 | 335,995,200 | ---- | M] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.18 11:04:46 | 000,000,959 | ---- | M] () -- C:\Users\Admin\Desktop\Diashow-Player.lnk
[2013.05.17 20:36:43 | 007,077,671 | ---- | M] () -- C:\Users\Admin\Meine Diashow.wmv
[2 C:\Users\Admin\*.tmp files -> C:\Users\Admin\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.15 11:10:43 | 000,000,160 | ---- | C] () -- C:\WINDOWS\DeleteOnReboot.bat
[2013.06.12 22:40:07 | 000,477,288 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.06.12 22:16:53 | 000,386,646 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013.06.12 16:54:23 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013.06.12 16:54:22 | 000,002,499 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2013.06.11 16:56:59 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.10 20:39:05 | 000,003,628 | ---- | C] () -- C:\Users\Admin\Documents\cc_20130610_203842.reg
[2013.06.10 20:32:48 | 000,001,235 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2013.06.08 17:59:53 | 000,023,624 | ---- | C] () -- C:\WINDOWS\Launcher.exe
[2013.06.08 17:58:57 | 000,002,563 | ---- | C] () -- C:\Users\Public\Desktop\Free System Utilities.lnk
[2013.05.29 11:00:30 | 000,465,645 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT
[2013.05.28 10:06:59 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.05.26 21:00:54 | 000,001,237 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.26 20:52:13 | 000,172,994 | ---- | C] () -- C:\Users\Admin\Documents\install_anleitung_elfo.pdf
[2013.05.23 01:56:46 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.05.23 01:56:46 | 000,001,387 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.05.21 21:08:13 | 000,001,200 | ---- | C] () -- C:\Users\Admin\Desktop\IsoBuster.lnk
[2013.05.20 10:57:12 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Videodatei-Konverter.lnk
[2013.05.20 10:57:12 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Prism Videodatei-Konverter.lnk
[2013.05.19 14:46:25 | 335,995,200 | ---- | C] () -- C:\Users\Admin\Documents\PowerDirector_2812_GM5.5_Patch_Patch_VDE130411-03.exe
[2013.05.17 20:35:10 | 007,077,671 | ---- | C] () -- C:\Users\Admin\Meine Diashow.wmv
[2013.05.17 01:28:56 | 009,687,294 | ---- | C] () -- C:\Users\Admin\Nilkreuzfahrt 2013.ads
[2013.05.12 17:32:46 | 005,243,208 | ---- | C] (                                                            ) -- C:\Users\Admin\AppData\Roaming\AvsP.exe
[2013.05.12 17:32:43 | 001,357,348 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\MatroskaSplitter.exe
[2013.05.12 17:32:40 | 000,117,723 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\yuvcodecs-1.3.exe
[2013.05.11 19:30:23 | 000,000,196 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2013.04.09 02:32:45 | 000,011,479 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.03.17 18:21:19 | 000,012,800 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.29 03:58:17 | 002,079,580 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012.12.31 00:46:12 | 000,000,209 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.12.27 18:56:29 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012.12.24 01:15:29 | 001,035,321 | ---- | C] () -- C:\WINDOWS\SysWow64\sig.bin
[2012.12.22 12:53:43 | 000,020,992 | ---- | C] () -- C:\WINDOWS\SysWow64\NC_INST.DLL
[2012.12.21 04:20:35 | 000,246,862 | ---- | C] () -- C:\WINDOWS\hpoins40.dat
[2012.12.21 04:20:35 | 000,000,909 | ---- | C] () -- C:\WINDOWS\hpomdl40.dat
[2012.12.21 02:36:27 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2011.10.08 13:02:40 | 000,001,024 | ---- | C] () -- C:\Users\Admin\.rnd
 
========== ZeroAccess Check ==========
 
[2012.12.24 01:21:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Custom Scans ==========
 
< c:\windows\Tasks\* /s >
[2013.06.16 20:32:09 | 000,000,884 | ---- | M] () -- c:\windows\Tasks\Adobe Flash Player Updater.job
[2013.06.16 18:39:32 | 000,001,122 | ---- | M] () -- c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.16 19:35:00 | 000,001,126 | ---- | M] () -- c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.06.16 18:39:02 | 000,000,006 | -H-- | M] () -- c:\windows\Tasks\SA.DAT
 
< c:\windows\system32\Tasks\* /s >
 
<          >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
--- --- ---

schrauber 17.06.2013 08:17
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

luci4712 17.06.2013 14:05
Log

Combofix Logfile:
Code:
ComboFix 13-06-17.01 - Admin 17.06.2013  14:29:00.1.2 - x64
Microsoft Windows 8 Pro with Media Center  6.2.9200.0.1252.49.1031.18.3838.2269 [GMT 2:00]
ausgeführt von:: c:\users\Admin\Downloads\ComboFix.exe
AV: G Data InternetSecurity 2014 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall *Disabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
SP: G Data InternetSecurity 2014 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Wincert\WIN32C~1.DLL
c:\users\Admin\AppData\Roaming\Avisynth.exe
c:\users\Admin\AppData\Roaming\AvsP.exe
c:\users\Admin\AppData\Roaming\ImgBurn.exe
c:\users\Admin\AppData\Roaming\MatroskaSplitter.exe
c:\users\Admin\AppData\Roaming\SetupGFD.exe
c:\users\Admin\AppData\Roaming\yuvcodecs-1.3.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-05-17 bis 2013-06-17  ))))))))))))))))))))))))))))))
.
.
2013-06-17 12:42 . 2013-06-17 12:42        --------        d-----w-        c:\users\DefaultAppPool\AppData\Local\temp
2013-06-17 12:42 . 2013-06-17 12:42        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-06-17 12:42 . 2013-06-17 12:42        --------        d-----w-        c:\users\Classic .NET AppPool\AppData\Local\temp
2013-06-17 12:42 . 2013-06-17 12:42        --------        d-----w-        c:\users\.NET v4.5\AppData\Local\temp
2013-06-17 12:42 . 2013-06-17 12:42        --------        d-----w-        c:\users\.NET v4.5 Classic\AppData\Local\temp
2013-06-16 20:26 . 2013-06-16 20:26        --------        d-----w-        c:\program files\ESET
2013-06-15 15:00 . 2013-06-16 08:02        --------        d-----w-        C:\Stinger_Quarantine
2013-06-14 13:58 . 2013-06-17 09:03        --------        d-----w-        c:\program files (x86)\Digeus
2013-06-14 13:42 . 2013-06-14 13:42        --------        d-----w-        c:\program files (x86)\FromDocToPDF_65
2013-06-14 12:40 . 2013-06-17 10:07        --------        d-----w-        c:\program files\SmartPCFixer
2013-06-13 23:13 . 2013-06-17 09:03        --------        d-----w-        c:\program files (x86)\Covus Freemium
2013-06-13 08:17 . 2013-06-13 08:17        --------        d-----w-        c:\windows\ERUNT
2013-06-13 08:17 . 2013-06-17 10:05        --------        d-----w-        C:\JRT
2013-06-12 23:10 . 2013-06-12 23:10        --------        d-----w-        c:\program files (x86)\VideoLAN
2013-06-12 21:06 . 2013-03-26 15:59        92256        ----a-w-        c:\programdata\Microsoft\BingDesktop\Updater\BingDesktopRestarter.exe
2013-06-12 20:50 . 2013-05-10 02:42        17271808        ----a-w-        c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-12 20:50 . 2013-05-10 02:21        16642560        ----a-w-        c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-12 20:49 . 2013-04-02 23:37        25088        ----a-w-        c:\windows\SysWow64\cryptdlg.dll
2013-06-12 20:49 . 2013-04-02 23:12        30720        ----a-w-        c:\windows\system32\cryptdlg.dll
2013-06-12 20:36 . 2013-04-23 23:12        1569792        ----a-w-        c:\windows\SysWow64\crypt32.dll
2013-06-12 20:36 . 2013-04-23 22:55        1889280        ----a-w-        c:\windows\system32\crypt32.dll
2013-06-12 20:36 . 2013-04-23 23:13        1013248        ----a-w-        c:\windows\SysWow64\certutil.exe
2013-06-12 20:36 . 2013-04-23 23:12        109056        ----a-w-        c:\windows\SysWow64\cryptnet.dll
2013-06-12 20:36 . 2013-04-23 22:56        1255936        ----a-w-        c:\windows\system32\certutil.exe
2013-06-12 20:36 . 2013-04-23 22:55        68096        ----a-w-        c:\windows\system32\cryptsvc.dll
2013-06-12 20:36 . 2013-04-23 22:55        141312        ----a-w-        c:\windows\system32\cryptnet.dll
2013-06-12 20:36 . 2013-05-04 07:45        2233600        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-06-12 20:34 . 2013-05-15 22:35        144384        ----a-w-        c:\windows\system32\tssdisai.dll
2013-06-12 20:16 . 2013-05-04 04:57        1637376        ----a-w-        c:\program files (x86)\Windows Photo Viewer\PhotoViewer.dll
2013-06-12 14:54 . 2013-05-28 16:49        29712        ----a-w-        c:\windows\system32\nitrolocalmon2.dll
2013-06-12 14:54 . 2013-05-28 16:49        17936        ----a-w-        c:\windows\system32\nitrolocalui2.dll
2013-06-12 14:54 . 2013-06-12 14:54        --------        d-----w-        c:\program files\Common Files\Nitro
2013-06-12 14:54 . 2013-06-12 14:54        --------        d-----w-        c:\program files (x86)\Nitro
2013-06-12 14:54 . 2013-06-12 14:54        --------        d-----w-        c:\program files (x86)\Common Files\Nitro
2013-06-12 07:26 . 2013-06-12 07:26        107128        ----a-w-        c:\windows\system32\drivers\GRD.sys
2013-06-11 21:57 . 2013-06-11 21:57        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-06-11 21:57 . 2013-06-11 21:57        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-06-11 15:37 . 2013-06-11 15:37        --------        d-----w-        c:\windows\SysWow64\wbem\Logs
2013-06-11 14:57 . 2013-06-11 14:57        64824        ----a-w-        c:\windows\system32\drivers\PktIcpt.sys
2013-06-11 14:56 . 2013-06-11 15:06        68408        ----a-w-        c:\windows\system32\drivers\gdwfpcd64.sys
2013-06-11 14:56 . 2013-06-11 15:06        65368        ----a-w-        c:\windows\system32\drivers\HookCentre.sys
2013-06-11 14:56 . 2013-06-11 15:06        60248        ----a-w-        c:\windows\system32\drivers\GDBehave.sys
2013-06-11 14:56 . 2013-06-11 15:06        130392        ----a-w-        c:\windows\system32\drivers\MiniIcpt.sys
2013-06-11 14:52 . 2013-06-11 14:53        --------        d-----w-        c:\program files (x86)\Common Files\G Data
2013-06-11 11:00 . 2013-06-11 11:00        --------        d-----w-        c:\users\Admin\AppData\Roaming\Corel
2013-06-10 18:33 . 2013-06-17 10:07        --------        d-----w-        c:\users\Admin\AppData\Roaming\Wise Registry Cleaner
2013-06-10 18:32 . 2013-06-10 18:32        --------        d-----w-        c:\program files (x86)\Wise
2013-06-08 16:04 . 2013-06-08 16:04        --------        d-----w-        c:\users\Admin\AppData\Local\Freemium
2013-06-08 15:59 . 2013-05-13 03:52        23624        ----a-w-        c:\windows\Launcher.exe
2013-06-08 15:58 . 2013-06-08 15:59        --------        d-----w-        c:\program files (x86)\SoftwareUpdater
2013-06-08 15:58 . 2013-06-08 15:58        --------        d-----w-        c:\programdata\FreeSystemUtilities
2013-06-08 15:58 . 2013-06-08 15:58        --------        d-----w-        c:\programdata\Package Cache
2013-06-06 19:13 . 2013-06-06 19:13        524016        ----a-w-        c:\windows\system32\drivers\SynTP.sys
2013-06-06 19:13 . 2013-06-06 19:13        264432        ----a-w-        c:\windows\system32\SynTPAPI.dll
2013-06-06 19:13 . 2013-06-06 19:13        192240        ----a-w-        c:\windows\system32\SynTPCo19.dll
2013-06-06 19:13 . 2013-06-06 19:13        151280        ----a-w-        c:\windows\SysWow64\SynTPCom.dll
2013-06-06 19:13 . 2013-06-06 19:13        351984        ----a-w-        c:\windows\SysWow64\SynCom.dll
2013-06-06 09:54 . 2013-06-06 09:54        --------        d-----w-        c:\users\Admin\AppData\Roaming\MrJobs
2013-05-29 09:00 . 2013-04-17 18:11        3355336        ----a-w-        c:\windows\system32\drivers\RTKVHD64.sys
2013-05-29 09:00 . 2013-04-10 15:22        2802760        ----a-w-        c:\windows\system32\RtPgEx64.dll
2013-05-29 09:00 . 2013-04-16 14:21        1003080        ----a-w-        c:\windows\system32\RtkApi64.dll
2013-05-29 09:00 . 2013-04-03 20:02        613448        ----a-w-        c:\windows\system32\RtDataProc64.dll
2013-05-29 09:00 . 2013-04-17 11:30        22429696        ----a-w-        c:\windows\system32\RCoRes64.dat
2013-05-29 09:00 . 2013-04-11 12:35        138824        ----a-w-        c:\windows\system32\RCoInstII64.dll
2013-05-29 09:00 . 2013-03-23 01:43        208072        ----a-w-        c:\windows\system32\AERTAC64.dll
2013-05-29 08:47 . 2013-05-29 08:47        --------        d-----w-        c:\program files\Synaptics
2013-05-29 08:47 . 2013-05-29 08:47        1721576        ----a-w-        c:\windows\system32\WdfCoInstaller01009.dll
2013-05-29 08:46 . 2013-05-29 08:46        192240        ----a-w-        c:\windows\system32\SynTPCo18.dll
2013-05-28 09:39 . 2013-05-28 10:00        --------        d-----w-        c:\program files\Google
2013-05-28 08:12 . 2013-04-22 16:52        3786752        ----a-w-        c:\windows\system32\drivers\athw8x.sys
2013-05-28 07:58 . 2013-06-06 19:13        819440        ----a-w-        c:\windows\system32\SynCOM.dll
2013-05-28 07:43 . 2013-05-28 07:43        13403168        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2013-05-28 07:36 . 2013-05-28 07:36        31520        ----a-w-        c:\windows\system32\nvhdap64.dll
2013-05-28 07:36 . 2013-05-28 07:36        72992        ----a-w-        c:\windows\system32\nvapo64v.dll
2013-05-28 07:36 . 2013-05-28 07:36        194848        ----a-w-        c:\windows\system32\drivers\nvhda64v.sys
2013-05-26 19:01 . 2013-05-26 19:01        --------        d-----w-        c:\users\Admin\AppData\Roaming\elsterformular
2013-05-26 19:00 . 2013-05-26 19:01        --------        d-----w-        c:\programdata\elsterformular
2013-05-26 19:00 . 2013-05-26 19:04        --------        d-----w-        c:\program files (x86)\ElsterFormular
2013-05-22 23:56 . 2009-01-25 11:14        17272        ----a-w-        c:\windows\system32\sdnclean64.exe
2013-05-21 19:08 . 2013-05-21 19:08        --------        d-----w-        c:\program files (x86)\Smart Projects
2013-05-18 16:08 . 2013-05-18 16:09        --------        d-----w-        c:\program files (x86)\Mozilla Thunderbird
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-17 10:38 . 2013-01-27 02:40        4194304        ----a-w-        c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2013-06-12 20:17 . 2012-12-21 01:32        75825640        ----a-w-        c:\windows\system32\MRT.exe
2013-06-09 19:01 . 2013-05-07 20:17        15712        ----a-w-        c:\windows\system32\drivers\SWDUMon.sys
2013-06-04 22:09 . 2013-04-10 01:13        78200        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-04 22:09 . 2013-04-10 01:13        693112        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-28 07:43 . 2012-07-25 20:22        15910736        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2013-05-28 07:42 . 2013-02-21 01:08        12426216        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2013-05-28 07:42 . 2013-01-26 20:19        2935696        ----a-w-        c:\windows\system32\nvapi64.dll
2013-05-28 07:36 . 2013-01-26 20:19        1510176        ----a-w-        c:\windows\system32\nvhdagenco6420103.dll
2013-05-12 20:34 . 2013-01-26 20:24        3514656        ----a-w-        c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-01-26 20:24        6491936        ----a-w-        c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-01-26 20:24        884512        ----a-w-        c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-01-26 20:24        63776        ----a-w-        c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-01-26 20:24        2555680        ----a-w-        c:\windows\system32\nvsvcr.dll
2013-05-12 20:34 . 2013-01-26 20:24        237856        ----a-w-        c:\windows\system32\nvmctray.dll
2013-05-10 13:36 . 2013-05-10 13:36        564824        ----a-w-        c:\windows\system32\drivers\sptd.sys
2013-05-08 16:32 . 2012-07-26 08:13        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-06 03:32 . 2013-05-06 03:32        364944        ----a-w-        c:\windows\system32\drivers\ETD.sys
2013-04-16 02:34 . 2013-05-15 06:54        1455368        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2013-04-13 05:56 . 2013-05-15 06:46        444416        ----a-w-        c:\windows\apppatch\AcSpecfc.dll
2013-04-13 02:59 . 2012-12-23 11:40        16944        ----a-w-        c:\windows\system32\drivers\GdPhyMem.sys
2013-04-11 06:40 . 2013-05-15 00:32        6987528        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-04-09 05:33 . 2013-05-14 23:41        446792        ----a-w-        c:\windows\system32\AudioSes.dll
2013-04-09 05:33 . 2013-05-14 23:41        489576        ----a-w-        c:\windows\system32\AudioEng.dll
2013-04-09 05:33 . 2013-05-14 23:41        253544        ----a-w-        c:\windows\system32\audiodg.exe
2013-04-09 05:20 . 2013-05-14 23:41        306952        ----a-w-        c:\windows\system32\kd_02_10ec.dll
2013-04-09 05:20 . 2013-05-14 23:41        86280        ----a-w-        c:\windows\system32\kdnet.dll
2013-04-09 05:18 . 2013-05-14 23:41        77960        ----a-w-        c:\windows\system32\kdvm.dll
2013-04-09 05:17 . 2013-05-14 23:41        1829408        ----a-w-        c:\windows\system32\ntdll.dll
2013-04-09 04:52 . 2013-05-14 23:41        816128        ----a-w-        c:\windows\system32\SearchIndexer.exe
2013-04-09 04:52 . 2013-05-14 23:41        373760        ----a-w-        c:\windows\system32\SearchProtocolHost.exe
2013-04-09 04:52 . 2013-05-14 23:41        197120        ----a-w-        c:\windows\system32\SearchFilterHost.exe
2013-04-09 04:52 . 2013-05-14 23:41        126464        ----a-w-        c:\windows\system32\Robocopy.exe
2013-04-09 04:52 . 2013-05-14 23:41        804352        ----a-w-        c:\windows\system32\RecoveryDrive.exe
2013-04-09 04:51 . 2013-05-14 23:41        367616        ----a-w-        c:\windows\system32\conhost.exe
2013-04-09 04:51 . 2013-05-14 23:41        523264        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2013-04-09 04:51 . 2013-05-14 23:41        456704        ----a-w-        c:\windows\system32\wpncore.dll
2013-04-09 04:51 . 2013-05-14 23:41        99840        ----a-w-        c:\windows\system32\wscsvc.dll
2013-04-09 04:51 . 2013-05-14 23:41        14267904        ----a-w-        c:\windows\system32\wmp.dll
2013-04-09 04:51 . 2013-05-14 23:41        595456        ----a-w-        c:\windows\system32\Windows.Networking.dll
2013-04-09 04:51 . 2013-05-14 23:41        391168        ----a-w-        c:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-04-09 04:51 . 2013-05-14 23:41        3552768        ----a-w-        c:\windows\system32\tquery.dll
2013-04-09 04:50 . 2013-05-14 23:40        414720        ----a-w-        c:\windows\system32\GenuineCenter.dll
2013-04-09 04:50 . 2013-05-14 23:41        1285632        ----a-w-        c:\windows\system32\schedsvc.dll
2013-04-09 04:50 . 2013-05-14 23:41        422400        ----a-w-        c:\windows\system32\schannel.dll
2013-04-09 04:50 . 2013-05-14 23:41        2107904        ----a-w-        c:\windows\system32\mssrch.dll
2013-04-09 04:50 . 2013-05-14 23:40        745984        ----a-w-        c:\windows\system32\mssvp.dll
2013-04-09 04:50 . 2013-05-14 23:40        96256        ----a-w-        c:\windows\system32\mssprxy.dll
2013-04-09 04:50 . 2013-05-14 23:41        435200        ----a-w-        c:\windows\system32\mssph.dll
2013-04-09 04:50 . 2013-05-14 23:40        65024        ----a-w-        c:\windows\system32\msscntrs.dll
2013-04-09 04:50 . 2013-05-14 23:40        13824        ----a-w-        c:\windows\system32\msshooks.dll
2013-04-09 04:49 . 2013-05-14 23:41        1444864        ----a-w-        c:\windows\system32\MSAudDecMFT.dll
2013-04-09 04:49 . 2013-05-14 23:41        468992        ----a-w-        c:\windows\system32\MFMediaEngine.dll
2013-04-09 04:49 . 2013-05-14 23:41        281088        ----a-w-        c:\windows\system32\mfreadwrite.dll
2013-04-09 04:49 . 2013-05-14 23:41        817152        ----a-w-        c:\windows\system32\kerberos.dll
2013-04-09 04:49 . 2013-05-14 23:41        210432        ----a-w-        c:\windows\system32\iuilp.dll
2013-04-09 04:49 . 2013-05-14 23:41        231936        ----a-w-        c:\windows\system32\fhengine.dll
2013-04-09 04:49 . 2013-05-14 23:40        50176        ----a-w-        c:\windows\system32\fmifs.dll
2013-04-09 04:49 . 2013-05-14 23:41        172544        ----a-w-        c:\windows\system32\dwmredir.dll
2013-04-09 04:49 . 2013-05-14 23:41        196096        ----a-w-        c:\windows\system32\dmvdsitf.dll
2013-04-09 04:48 . 2013-05-14 23:41        785408        ----a-w-        c:\windows\system32\audiosrv.dll
2013-04-09 04:48 . 2013-05-14 23:41        169472        ----a-w-        c:\windows\system32\AudioEndpointBuilder.dll
2013-04-09 02:35 . 2013-05-14 23:41        4038144        ----a-w-        c:\windows\system32\win32k.sys
2013-04-09 02:34 . 2013-05-14 23:41        95744        ----a-w-        c:\windows\system32\drivers\hidbth.sys
2013-04-09 02:33 . 2013-05-14 23:40        60416        ----a-w-        c:\windows\system32\drivers\ndproxy.sys
2013-04-09 02:33 . 2013-05-14 23:41        623104        ----a-w-        c:\windows\system32\drivers\srv2.sys
2013-04-09 02:32 . 2013-05-14 23:41        805376        ----a-w-        c:\windows\system32\drivers\PEAuth.sys
2013-04-09 02:31 . 2013-05-14 23:41        247808        ----a-w-        c:\windows\system32\drivers\srvnet.sys
2013-04-09 02:31 . 2013-05-14 23:40        83456        ----a-w-        c:\windows\system32\drivers\wanarp.sys
2013-04-08 23:44 . 2013-05-14 23:41        123880        ----a-w-        c:\windows\SysWow64\wscapi.dll
2013-04-08 23:39 . 2013-05-14 23:41        1408896        ----a-w-        c:\windows\SysWow64\ntdll.dll
2013-04-08 23:37 . 2013-05-14 23:41        426024        ----a-w-        c:\windows\SysWow64\AudioEng.dll
2013-04-08 23:37 . 2013-05-14 23:41        324368        ----a-w-        c:\windows\SysWow64\AudioSes.dll
2013-04-08 21:52 . 2013-05-14 23:41        302592        ----a-w-        c:\windows\SysWow64\SearchProtocolHost.exe
2013-04-08 21:52 . 2013-05-14 23:41        670208        ----a-w-        c:\windows\SysWow64\SearchIndexer.exe
2013-04-08 21:52 . 2013-05-14 23:41        171008        ----a-w-        c:\windows\SysWow64\SearchFilterHost.exe
2013-04-08 21:52 . 2013-05-14 23:41        106496        ----a-w-        c:\windows\SysWow64\Robocopy.exe
2013-04-08 21:52 . 2013-05-14 23:41        364544        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2013-04-08 21:51 . 2013-05-14 23:41        411136        ----a-w-        c:\windows\SysWow64\Windows.Networking.dll
2013-04-08 21:51 . 2013-05-14 23:41        268800        ----a-w-        c:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2013-04-08 21:51 . 2013-05-14 23:41        2767360        ----a-w-        c:\windows\SysWow64\tquery.dll
2013-04-08 21:51 . 2013-05-14 23:41        324096        ----a-w-        c:\windows\SysWow64\schannel.dll
2013-04-08 21:51 . 2013-05-14 23:41        1593344        ----a-w-        c:\windows\SysWow64\mssrch.dll
2013-04-08 21:51 . 2013-05-14 23:41        403968        ----a-w-        c:\windows\SysWow64\mssph.dll
2013-04-08 21:51 . 2013-05-14 23:41        659456        ----a-w-        c:\windows\SysWow64\mssvp.dll
2013-04-08 21:51 . 2013-05-14 23:40        35328        ----a-w-        c:\windows\SysWow64\mssprxy.dll
2013-04-08 21:51 . 2013-05-14 23:40        186880        ----a-w-        c:\windows\SysWow64\mssphtb.dll
2013-04-08 21:51 . 2013-05-14 23:40        10752        ----a-w-        c:\windows\SysWow64\msshooks.dll
2013-04-08 21:51 . 2013-05-14 23:41        1113600        ----a-w-        c:\windows\SysWow64\MSAudDecMFT.dll
2013-04-08 21:51 . 2013-05-14 23:41        214528        ----a-w-        c:\windows\SysWow64\mfreadwrite.dll
2013-04-08 21:51 . 2013-05-14 23:40        361984        ----a-w-        c:\windows\SysWow64\MFMediaEngine.dll
2013-04-08 21:51 . 2013-05-14 23:41        656896        ----a-w-        c:\windows\SysWow64\kerberos.dll
2013-04-08 21:51 . 2013-05-14 23:40        41984        ----a-w-        c:\windows\SysWow64\fmifs.dll
2013-04-08 21:51 . 2013-05-14 23:41        155648        ----a-w-        c:\windows\SysWow64\dmvdsitf.dll
2013-04-04 23:30 . 2013-05-14 23:41        503080        ----a-w-        c:\windows\system32\ci.dll
2013-04-04 12:50 . 2013-01-14 14:21        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2013-04-01 12:06 . 2012-12-21 03:38        2079816        ----a-w-        c:\windows\RtlExUpd.dll
2013-03-31 16:10 . 2013-03-31 16:10        1807136        ----a-w-        c:\windows\system32\nvdispco6431422.dll
2013-03-31 16:10 . 2013-03-31 16:10        1510176        ----a-w-        c:\windows\system32\nvdispgenco6431422.dll
2013-03-30 18:16 . 2013-05-14 23:41        1403784        ----a-w-        c:\windows\system32\winload.efi
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{a235e1e3-6296-4710-af39-104a7faa6c7c}]
2013-06-14 13:42        708168        ----a-w-        c:\progra~2\FROMDO~2\bar\1.bin\65bar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{f236ca79-3123-4afb-9f74-e98117ad5625}]
2013-06-14 13:42        62864        ----a-w-        c:\program files (x86)\FromDocToPDF_65\bar\1.bin\65SrcAs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{c66a678d-5e6c-4af9-8f57-c6192f42cf74}"= "c:\program files (x86)\FromDocToPDF_65\bar\1.bin\65bar.dll" [2013-06-14 708168]
.
[HKEY_CLASSES_ROOT\clsid\{c66a678d-5e6c-4af9-8f57-c6192f42cf74}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-04-12 21:28        611840        ----a-w-        c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-11-23 307712]
"StartMenuX"="c:\program files\Start Menu X\StartMenuX.exe" [2012-08-09 6708656]
"DriverMax"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2013-04-26 7162232]
"DriverMax_RESTART"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2013-04-26 7162232]
"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2013-05-16 3642312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"Ulead AutoDetector v2"="c:\program files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2007-08-02 95504]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-05-16 3830224]
"G Data AntiVirus Tray"="c:\program files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2013-03-22 1444304]
"GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2013-03-22 1854928]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2013-04-10 2387088]
"FromDocToPDF Search Scope Monitor"="c:\progra~2\FROMDO~2\bar\1.bin\65srchmn.exe" [2013-06-14 44784]
"FromDocToPDF_65 Browser Plugin Loader"="c:\progra~2\FROMDO~2\bar\1.bin\65brmon.exe" [2013-06-14 30096]
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Produktregistrierung.lnk - c:\program files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe /remind /language=DEU /_WFM="." [2009-11-16 517384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute        REG_MULTI_SZ          autocheck autochk *\0\0sdnclean64.exe
.
3;3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R2 SystemStoreService;System Store;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\System32\Drivers\lgandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys;c:\windows\SYSNATIVE\DRIVERS\avfsfilter.sys [x]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]
R3 DsRoleSvc;DS-Rollenserver;c:\windows\System32\lsass.exe;c:\windows\SYSNATIVE\lsass.exe [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 WMSVC;Webverwaltungsdienst;c:\windows\system32\inetsrv\wmsvc.exe;c:\windows\SYSNATIVE\inetsrv\wmsvc.exe [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\DRIVERS\MxEFUF64.sys;c:\windows\SYSNATIVE\DRIVERS\MxEFUF64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys;c:\windows\SYSNATIVE\drivers\GRD.sys [x]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [x]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe [x]
S2 FromDocToPDF_65Service;FromDocToPDFService;c:\progra~2\FROMDO~2\bar\1.bin\65barsvc.exe;c:\progra~2\FROMDO~2\bar\1.bin\65barsvc.exe [x]
S2 ftpsvc;Microsoft-FTP-Dienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 iprip;RIP-Überwachung;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [x]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
apphost        REG_MULTI_SZ          apphostsvc
iissvcs        REG_MULTI_SZ          w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-05 23:35        1165776        ----a-w-        c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-23 21:32]
.
2013-06-12 c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job
- c:\program files (x86)\Advanced Driver Updater\adu.exe [2013-02-21 13:23]
.
2013-03-26 c:\windows\Tasks\DriverEasy Scheduled Scan.job
- c:\program files\Easeware\DriverEasy\DriverEasy.exe [2013-02-25 13:29]
.
2013-06-17 c:\windows\Tasks\dsmonitor.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2013-03-11 09:00]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 04:08]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 04:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 14:10        776144        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 14:10        776144        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 14:10        776144        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 14:10        776144        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-04-12 21:28        742400        ----a-w-        c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="c:\windows\System32\mqrt.dll" [2012-07-26 237056]
"Apoint"="c:\program files\Alps\GlidePoint\Apoint.exe" [2013-03-13 670040]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-04-10 13519432]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2000-01-01 1278024]
"FromDocToPDF Home Page Guard 64 bit"="c:\progra~2\FROMDO~2\bar\1.bin\AppIntegrator64.exe" [2013-06-14 548936]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = about:blank
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\boyttrw8.default-1370988776258\
FF - prefs.js: browser.startup.homepage - hxxp://comcenter.netcologne.de/
FF - ExtSQL: 2013-05-31 09:07; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{5786D022-540E-4699-B350-B4BE0AE94B79} - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-06-17  14:48:09
ComboFix-quarantined-files.txt  2013-06-17 12:48
.
Vor Suchlauf: 31 Verzeichnis(se), 34.384.445.440 Bytes frei
Nach Suchlauf: 39 Verzeichnis(se), 36.035.330.048 Bytes frei
.
- - End Of File - - F4462BFD11995E64C10C99C267B3FAEB
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

HTML-Code:
Die Meldung zum Start ist immer noch da. Das System wird unruhiger.

schrauber 17.06.2013 16:44
Combofix-Skript
WARNUNG für die MITLESER:
Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

  • Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von folgenden Download-Spiegel neu herunter: Link
  • Speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)!
  • Drücke die Windows + R Taste --> notepad (hinein schreiben) --> OK
  • Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument.
    Code:
    File::
    c:\windows\Tasks\DriverEasy Scheduled Scan.job
    c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job
    c:\windows\Tasks\dsmonitor.job
  • Speichere dies als CFScript.txt auf deinem Desktop.
  • Wichtig: Stelle deine Anti Viren Software temporär ab. Dies kann ComboFix nämlich bei der Arbeit behindern.
    Danach wieder anstellen nicht vergessen!
  • Schließe alle laufenden Programme damit ComboFix ungehindert arbeiten kann.
  • Ziehe CFScript.txt in die ComboFix.exe wie in diesem Bild:
  • Mache nichts am Computer, bewege nicht die Maus über das ComboFix-Fenster oder klicke in dieses hinein. Dies kann dazu führen, dass ComboFix sich aufhängt.
  • Wenn ComboFix fertig ist wird es ein Log erstellen: C:\ComboFix.txt
    Bitte füge es hier als Antwort (in CODE-Tags mit dem #-Button des Editors) ein.

Hinweis:
Suspect:: und Collect::
Falls im Skript diese Anweisungen enthalten sind, sollen Dateien zur Analyse eingeschickt werden. Es erscheint eine Message-Box, nachdem Combofix fertig ist. Klicke OK und folge den Aufforderungen/Anweisungen, um die Dateien hochzuladen. Teile mir unbedingt mit, ob der Upload geklappt hat!



mach mal bitte nen Screenshot von der Meldung.

luci4712 17.06.2013 19:19
Combofix Log


Combofix Logfile:
Code:
ComboFix 13-06-17.01 - Admin 17.06.2013  19:22:05.2.2 - x64
Microsoft Windows 8 Pro with Media Center  6.2.9200.0.1252.49.1031.18.3838.2458 [GMT 2:00]
ausgeführt von:: c:\users\Admin\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Admin\Desktop\CFScript.txt
AV: G Data InternetSecurity 2014 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall *Enabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
SP: G Data InternetSecurity 2014 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job"
"c:\windows\Tasks\DriverEasy Scheduled Scan.job"
"c:\windows\Tasks\dsmonitor.job"
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-05-17 bis 2013-06-17  ))))))))))))))))))))))))))))))
.
.
2013-06-17 17:32 . 2013-06-17 17:32        --------        d-----w-        c:\users\Lucian\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32        --------        d-----w-        c:\users\DefaultAppPool\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32        --------        d-----w-        c:\users\Classic .NET AppPool\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32        --------        d-----w-        c:\users\.NET v4.5\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32        --------        d-----w-        c:\users\.NET v4.5 Classic\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32        --------        d-----w-        c:\users\.NET v2.0\AppData\Local\temp
2013-06-17 17:32 . 2013-06-17 17:32        --------        d-----w-        c:\users\.NET v2.0 Classic\AppData\Local\temp
2013-06-17 16:03 . 2013-06-17 16:03        --------        d-----w-        C:\_OTL
2013-06-16 20:26 . 2013-06-16 20:26        --------        d-----w-        c:\program files\ESET
2013-06-15 15:00 . 2013-06-16 08:02        --------        d-----w-        C:\Stinger_Quarantine
2013-06-14 13:58 . 2013-06-17 09:03        --------        d-----w-        c:\program files (x86)\Digeus
2013-06-14 12:40 . 2013-06-17 10:07        --------        d-----w-        c:\program files\SmartPCFixer
2013-06-13 23:13 . 2013-06-17 09:03        --------        d-----w-        c:\program files (x86)\Covus Freemium
2013-06-13 08:17 . 2013-06-13 08:17        --------        d-----w-        c:\windows\ERUNT
2013-06-13 08:17 . 2013-06-17 10:05        --------        d-----w-        C:\JRT
2013-06-12 23:10 . 2013-06-17 13:18        --------        d-----w-        c:\program files (x86)\VideoLAN
2013-06-12 20:50 . 2013-05-10 02:42        17271808        ----a-w-        c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-12 20:50 . 2013-05-10 02:21        16642560        ----a-w-        c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-12 20:49 . 2013-04-02 23:37        25088        ----a-w-        c:\windows\SysWow64\cryptdlg.dll
2013-06-12 20:49 . 2013-04-02 23:12        30720        ----a-w-        c:\windows\system32\cryptdlg.dll
2013-06-12 20:36 . 2013-04-23 23:12        1569792        ----a-w-        c:\windows\SysWow64\crypt32.dll
2013-06-12 20:36 . 2013-04-23 22:55        1889280        ----a-w-        c:\windows\system32\crypt32.dll
2013-06-12 20:36 . 2013-04-23 23:13        1013248        ----a-w-        c:\windows\SysWow64\certutil.exe
2013-06-12 20:36 . 2013-04-23 23:12        109056        ----a-w-        c:\windows\SysWow64\cryptnet.dll
2013-06-12 20:36 . 2013-04-23 22:56        1255936        ----a-w-        c:\windows\system32\certutil.exe
2013-06-12 20:36 . 2013-04-23 22:55        68096        ----a-w-        c:\windows\system32\cryptsvc.dll
2013-06-12 20:36 . 2013-04-23 22:55        141312        ----a-w-        c:\windows\system32\cryptnet.dll
2013-06-12 20:36 . 2013-05-04 07:45        2233600        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-06-12 20:34 . 2013-05-15 22:35        144384        ----a-w-        c:\windows\system32\tssdisai.dll
2013-06-12 20:16 . 2013-05-04 04:57        1637376        ----a-w-        c:\program files (x86)\Windows Photo Viewer\PhotoViewer.dll
2013-06-12 14:54 . 2013-05-28 16:49        29712        ----a-w-        c:\windows\system32\nitrolocalmon2.dll
2013-06-12 14:54 . 2013-05-28 16:49        17936        ----a-w-        c:\windows\system32\nitrolocalui2.dll
2013-06-12 14:54 . 2013-06-12 14:54        --------        d-----w-        c:\program files\Common Files\Nitro
2013-06-12 14:54 . 2013-06-12 14:54        --------        d-----w-        c:\program files (x86)\Nitro
2013-06-12 14:54 . 2013-06-12 14:54        --------        d-----w-        c:\program files (x86)\Common Files\Nitro
2013-06-12 07:26 . 2013-06-12 07:26        107128        ----a-w-        c:\windows\system32\drivers\GRD.sys
2013-06-11 21:57 . 2013-06-11 21:57        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-06-11 21:57 . 2013-06-11 21:57        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-06-11 15:37 . 2013-06-11 15:37        --------        d-----w-        c:\windows\SysWow64\wbem\Logs
2013-06-11 14:57 . 2013-06-11 14:57        64824        ----a-w-        c:\windows\system32\drivers\PktIcpt.sys
2013-06-11 14:56 . 2013-06-11 15:06        68408        ----a-w-        c:\windows\system32\drivers\gdwfpcd64.sys
2013-06-11 14:56 . 2013-06-11 15:06        65368        ----a-w-        c:\windows\system32\drivers\HookCentre.sys
2013-06-11 14:56 . 2013-06-11 15:06        60248        ----a-w-        c:\windows\system32\drivers\GDBehave.sys
2013-06-11 14:56 . 2013-06-11 15:06        130392        ----a-w-        c:\windows\system32\drivers\MiniIcpt.sys
2013-06-11 14:52 . 2013-06-11 14:53        --------        d-----w-        c:\program files (x86)\Common Files\G Data
2013-06-11 11:00 . 2013-06-11 11:00        --------        d-----w-        c:\users\Admin\AppData\Roaming\Corel
2013-06-10 18:33 . 2013-06-17 10:07        --------        d-----w-        c:\users\Admin\AppData\Roaming\Wise Registry Cleaner
2013-06-10 18:32 . 2013-06-10 18:32        --------        d-----w-        c:\program files (x86)\Wise
2013-06-08 16:04 . 2013-06-08 16:04        --------        d-----w-        c:\users\Admin\AppData\Local\Freemium
2013-06-08 15:59 . 2013-05-13 03:52        23624        ----a-w-        c:\windows\Launcher.exe
2013-06-08 15:58 . 2013-06-08 15:59        --------        d-----w-        c:\program files (x86)\SoftwareUpdater
2013-06-08 15:58 . 2013-06-08 15:58        --------        d-----w-        c:\programdata\FreeSystemUtilities
2013-06-08 15:58 . 2013-06-08 15:58        --------        d-----w-        c:\programdata\Package Cache
2013-06-06 19:13 . 2013-06-06 19:13        524016        ----a-w-        c:\windows\system32\drivers\SynTP.sys
2013-06-06 19:13 . 2013-06-06 19:13        264432        ----a-w-        c:\windows\system32\SynTPAPI.dll
2013-06-06 19:13 . 2013-06-06 19:13        192240        ----a-w-        c:\windows\system32\SynTPCo19.dll
2013-06-06 19:13 . 2013-06-06 19:13        151280        ----a-w-        c:\windows\SysWow64\SynTPCom.dll
2013-06-06 19:13 . 2013-06-06 19:13        351984        ----a-w-        c:\windows\SysWow64\SynCom.dll
2013-06-06 09:54 . 2013-06-06 09:54        --------        d-----w-        c:\users\Admin\AppData\Roaming\MrJobs
2013-05-29 09:00 . 2013-04-17 18:11        3355336        ----a-w-        c:\windows\system32\drivers\RTKVHD64.sys
2013-05-29 09:00 . 2013-04-10 15:22        2802760        ----a-w-        c:\windows\system32\RtPgEx64.dll
2013-05-29 09:00 . 2013-04-16 14:21        1003080        ----a-w-        c:\windows\system32\RtkApi64.dll
2013-05-29 09:00 . 2013-04-03 20:02        613448        ----a-w-        c:\windows\system32\RtDataProc64.dll
2013-05-29 09:00 . 2013-04-17 11:30        22429696        ----a-w-        c:\windows\system32\RCoRes64.dat
2013-05-29 09:00 . 2013-04-11 12:35        138824        ----a-w-        c:\windows\system32\RCoInstII64.dll
2013-05-29 09:00 . 2013-03-23 01:43        208072        ----a-w-        c:\windows\system32\AERTAC64.dll
2013-05-29 08:47 . 2013-05-29 08:47        --------        d-----w-        c:\program files\Synaptics
2013-05-29 08:47 . 2013-05-29 08:47        1721576        ----a-w-        c:\windows\system32\WdfCoInstaller01009.dll
2013-05-29 08:46 . 2013-05-29 08:46        192240        ----a-w-        c:\windows\system32\SynTPCo18.dll
2013-05-28 09:39 . 2013-05-28 10:00        --------        d-----w-        c:\program files\Google
2013-05-28 08:12 . 2013-04-22 16:52        3786752        ----a-w-        c:\windows\system32\drivers\athw8x.sys
2013-05-28 07:58 . 2013-06-06 19:13        819440        ----a-w-        c:\windows\system32\SynCOM.dll
2013-05-28 07:43 . 2013-05-28 07:43        13403168        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2013-05-28 07:36 . 2013-05-28 07:36        31520        ----a-w-        c:\windows\system32\nvhdap64.dll
2013-05-28 07:36 . 2013-05-28 07:36        72992        ----a-w-        c:\windows\system32\nvapo64v.dll
2013-05-28 07:36 . 2013-05-28 07:36        194848        ----a-w-        c:\windows\system32\drivers\nvhda64v.sys
2013-05-26 19:01 . 2013-05-26 19:01        --------        d-----w-        c:\users\Admin\AppData\Roaming\elsterformular
2013-05-26 19:00 . 2013-05-26 19:01        --------        d-----w-        c:\programdata\elsterformular
2013-05-26 19:00 . 2013-05-26 19:04        --------        d-----w-        c:\program files (x86)\ElsterFormular
2013-05-21 19:08 . 2013-05-21 19:08        --------        d-----w-        c:\program files (x86)\Smart Projects
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-17 17:01 . 2013-01-27 02:40        4194304        ----a-w-        c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2013-06-12 20:17 . 2012-12-21 01:32        75825640        ----a-w-        c:\windows\system32\MRT.exe
2013-06-09 19:01 . 2013-05-07 20:17        15712        ----a-w-        c:\windows\system32\drivers\SWDUMon.sys
2013-06-04 22:09 . 2013-04-10 01:13        78200        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-04 22:09 . 2013-04-10 01:13        693112        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-28 07:43 . 2012-07-25 20:22        15910736        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2013-05-28 07:42 . 2013-02-21 01:08        12426216        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2013-05-28 07:42 . 2013-01-26 20:19        2935696        ----a-w-        c:\windows\system32\nvapi64.dll
2013-05-28 07:36 . 2013-01-26 20:19        1510176        ----a-w-        c:\windows\system32\nvhdagenco6420103.dll
2013-05-12 20:34 . 2013-01-26 20:24        3514656        ----a-w-        c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-01-26 20:24        6491936        ----a-w-        c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-01-26 20:24        884512        ----a-w-        c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-01-26 20:24        63776        ----a-w-        c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-01-26 20:24        2555680        ----a-w-        c:\windows\system32\nvsvcr.dll
2013-05-12 20:34 . 2013-01-26 20:24        237856        ----a-w-        c:\windows\system32\nvmctray.dll
2013-05-10 13:36 . 2013-05-10 13:36        564824        ----a-w-        c:\windows\system32\drivers\sptd.sys
2013-05-08 16:32 . 2012-07-26 08:13        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-06 03:32 . 2013-05-06 03:32        364944        ----a-w-        c:\windows\system32\drivers\ETD.sys
2013-04-16 02:34 . 2013-05-15 06:54        1455368        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2013-04-13 05:56 . 2013-05-15 06:46        444416        ----a-w-        c:\windows\apppatch\AcSpecfc.dll
2013-04-13 02:59 . 2012-12-23 11:40        16944        ----a-w-        c:\windows\system32\drivers\GdPhyMem.sys
2013-04-11 06:40 . 2013-05-15 00:32        6987528        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-04-09 05:33 . 2013-05-14 23:41        446792        ----a-w-        c:\windows\system32\AudioSes.dll
2013-04-09 05:33 . 2013-05-14 23:41        489576        ----a-w-        c:\windows\system32\AudioEng.dll
2013-04-09 05:33 . 2013-05-14 23:41        253544        ----a-w-        c:\windows\system32\audiodg.exe
2013-04-09 05:20 . 2013-05-14 23:41        306952        ----a-w-        c:\windows\system32\kd_02_10ec.dll
2013-04-09 05:20 . 2013-05-14 23:41        86280        ----a-w-        c:\windows\system32\kdnet.dll
2013-04-09 05:18 . 2013-05-14 23:41        77960        ----a-w-        c:\windows\system32\kdvm.dll
2013-04-09 05:17 . 2013-05-14 23:41        1829408        ----a-w-        c:\windows\system32\ntdll.dll
2013-04-09 04:52 . 2013-05-14 23:41        816128        ----a-w-        c:\windows\system32\SearchIndexer.exe
2013-04-09 04:52 . 2013-05-14 23:41        373760        ----a-w-        c:\windows\system32\SearchProtocolHost.exe
2013-04-09 04:52 . 2013-05-14 23:41        197120        ----a-w-        c:\windows\system32\SearchFilterHost.exe
2013-04-09 04:52 . 2013-05-14 23:41        126464        ----a-w-        c:\windows\system32\Robocopy.exe
2013-04-09 04:52 . 2013-05-14 23:41        804352        ----a-w-        c:\windows\system32\RecoveryDrive.exe
2013-04-09 04:51 . 2013-05-14 23:41        367616        ----a-w-        c:\windows\system32\conhost.exe
2013-04-09 04:51 . 2013-05-14 23:41        523264        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2013-04-09 04:51 . 2013-05-14 23:41        456704        ----a-w-        c:\windows\system32\wpncore.dll
2013-04-09 04:51 . 2013-05-14 23:41        99840        ----a-w-        c:\windows\system32\wscsvc.dll
2013-04-09 04:51 . 2013-05-14 23:41        14267904        ----a-w-        c:\windows\system32\wmp.dll
2013-04-09 04:51 . 2013-05-14 23:41        595456        ----a-w-        c:\windows\system32\Windows.Networking.dll
2013-04-09 04:51 . 2013-05-14 23:41        391168        ----a-w-        c:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-04-09 04:51 . 2013-05-14 23:41        3552768        ----a-w-        c:\windows\system32\tquery.dll
2013-04-09 04:50 . 2013-05-14 23:40        414720        ----a-w-        c:\windows\system32\GenuineCenter.dll
2013-04-09 04:50 . 2013-05-14 23:41        1285632        ----a-w-        c:\windows\system32\schedsvc.dll
2013-04-09 04:50 . 2013-05-14 23:41        422400        ----a-w-        c:\windows\system32\schannel.dll
2013-04-09 04:50 . 2013-05-14 23:41        2107904        ----a-w-        c:\windows\system32\mssrch.dll
2013-04-09 04:50 . 2013-05-14 23:40        745984        ----a-w-        c:\windows\system32\mssvp.dll
2013-04-09 04:50 . 2013-05-14 23:40        96256        ----a-w-        c:\windows\system32\mssprxy.dll
2013-04-09 04:50 . 2013-05-14 23:41        435200        ----a-w-        c:\windows\system32\mssph.dll
2013-04-09 04:50 . 2013-05-14 23:40        65024        ----a-w-        c:\windows\system32\msscntrs.dll
2013-04-09 04:50 . 2013-05-14 23:40        13824        ----a-w-        c:\windows\system32\msshooks.dll
2013-04-09 04:49 . 2013-05-14 23:41        1444864        ----a-w-        c:\windows\system32\MSAudDecMFT.dll
2013-04-09 04:49 . 2013-05-14 23:41        468992        ----a-w-        c:\windows\system32\MFMediaEngine.dll
2013-04-09 04:49 . 2013-05-14 23:41        281088        ----a-w-        c:\windows\system32\mfreadwrite.dll
2013-04-09 04:49 . 2013-05-14 23:41        817152        ----a-w-        c:\windows\system32\kerberos.dll
2013-04-09 04:49 . 2013-05-14 23:41        210432        ----a-w-        c:\windows\system32\iuilp.dll
2013-04-09 04:49 . 2013-05-14 23:41        231936        ----a-w-        c:\windows\system32\fhengine.dll
2013-04-09 04:49 . 2013-05-14 23:40        50176        ----a-w-        c:\windows\system32\fmifs.dll
2013-04-09 04:49 . 2013-05-14 23:41        172544        ----a-w-        c:\windows\system32\dwmredir.dll
2013-04-09 04:49 . 2013-05-14 23:41        196096        ----a-w-        c:\windows\system32\dmvdsitf.dll
2013-04-09 04:48 . 2013-05-14 23:41        785408        ----a-w-        c:\windows\system32\audiosrv.dll
2013-04-09 04:48 . 2013-05-14 23:41        169472        ----a-w-        c:\windows\system32\AudioEndpointBuilder.dll
2013-04-09 02:35 . 2013-05-14 23:41        4038144        ----a-w-        c:\windows\system32\win32k.sys
2013-04-09 02:34 . 2013-05-14 23:41        95744        ----a-w-        c:\windows\system32\drivers\hidbth.sys
2013-04-09 02:33 . 2013-05-14 23:40        60416        ----a-w-        c:\windows\system32\drivers\ndproxy.sys
2013-04-09 02:33 . 2013-05-14 23:41        623104        ----a-w-        c:\windows\system32\drivers\srv2.sys
2013-04-09 02:32 . 2013-05-14 23:41        805376        ----a-w-        c:\windows\system32\drivers\PEAuth.sys
2013-04-09 02:31 . 2013-05-14 23:41        247808        ----a-w-        c:\windows\system32\drivers\srvnet.sys
2013-04-09 02:31 . 2013-05-14 23:40        83456        ----a-w-        c:\windows\system32\drivers\wanarp.sys
2013-04-08 23:44 . 2013-05-14 23:41        123880        ----a-w-        c:\windows\SysWow64\wscapi.dll
2013-04-08 23:39 . 2013-05-14 23:41        1408896        ----a-w-        c:\windows\SysWow64\ntdll.dll
2013-04-08 23:37 . 2013-05-14 23:41        426024        ----a-w-        c:\windows\SysWow64\AudioEng.dll
2013-04-08 23:37 . 2013-05-14 23:41        324368        ----a-w-        c:\windows\SysWow64\AudioSes.dll
2013-04-08 21:52 . 2013-05-14 23:41        302592        ----a-w-        c:\windows\SysWow64\SearchProtocolHost.exe
2013-04-08 21:52 . 2013-05-14 23:41        670208        ----a-w-        c:\windows\SysWow64\SearchIndexer.exe
2013-04-08 21:52 . 2013-05-14 23:41        171008        ----a-w-        c:\windows\SysWow64\SearchFilterHost.exe
2013-04-08 21:52 . 2013-05-14 23:41        106496        ----a-w-        c:\windows\SysWow64\Robocopy.exe
2013-04-08 21:52 . 2013-05-14 23:41        364544        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2013-04-08 21:51 . 2013-05-14 23:41        411136        ----a-w-        c:\windows\SysWow64\Windows.Networking.dll
2013-04-08 21:51 . 2013-05-14 23:41        268800        ----a-w-        c:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2013-04-08 21:51 . 2013-05-14 23:41        2767360        ----a-w-        c:\windows\SysWow64\tquery.dll
2013-04-08 21:51 . 2013-05-14 23:41        324096        ----a-w-        c:\windows\SysWow64\schannel.dll
2013-04-08 21:51 . 2013-05-14 23:41        1593344        ----a-w-        c:\windows\SysWow64\mssrch.dll
2013-04-08 21:51 . 2013-05-14 23:41        403968        ----a-w-        c:\windows\SysWow64\mssph.dll
2013-04-08 21:51 . 2013-05-14 23:41        659456        ----a-w-        c:\windows\SysWow64\mssvp.dll
2013-04-08 21:51 . 2013-05-14 23:40        35328        ----a-w-        c:\windows\SysWow64\mssprxy.dll
2013-04-08 21:51 . 2013-05-14 23:40        186880        ----a-w-        c:\windows\SysWow64\mssphtb.dll
2013-04-08 21:51 . 2013-05-14 23:40        10752        ----a-w-        c:\windows\SysWow64\msshooks.dll
2013-04-08 21:51 . 2013-05-14 23:41        1113600        ----a-w-        c:\windows\SysWow64\MSAudDecMFT.dll
2013-04-08 21:51 . 2013-05-14 23:41        214528        ----a-w-        c:\windows\SysWow64\mfreadwrite.dll
2013-04-08 21:51 . 2013-05-14 23:40        361984        ----a-w-        c:\windows\SysWow64\MFMediaEngine.dll
2013-04-08 21:51 . 2013-05-14 23:41        656896        ----a-w-        c:\windows\SysWow64\kerberos.dll
2013-04-08 21:51 . 2013-05-14 23:40        41984        ----a-w-        c:\windows\SysWow64\fmifs.dll
2013-04-08 21:51 . 2013-05-14 23:41        155648        ----a-w-        c:\windows\SysWow64\dmvdsitf.dll
2013-04-04 23:30 . 2013-05-14 23:41        503080        ----a-w-        c:\windows\system32\ci.dll
2013-04-04 12:50 . 2013-01-14 14:21        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2013-04-01 12:06 . 2012-12-21 03:38        2079816        ----a-w-        c:\windows\RtlExUpd.dll
2013-03-31 16:10 . 2013-03-31 16:10        1807136        ----a-w-        c:\windows\system32\nvdispco6431422.dll
2013-03-31 16:10 . 2013-03-31 16:10        1510176        ----a-w-        c:\windows\system32\nvdispgenco6431422.dll
2013-03-30 18:16 . 2013-05-14 23:41        1403784        ----a-w-        c:\windows\system32\winload.efi
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-04-12 21:28        611840        ----a-w-        c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2013-03-22 1854928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute        REG_MULTI_SZ          autocheck autochk *\0\0sdnclean64.exe
.
3;3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
R2 SystemStoreService;System Store;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\System32\Drivers\lgandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys;c:\windows\SYSNATIVE\DRIVERS\avfsfilter.sys [x]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]
R3 DsRoleSvc;DS-Rollenserver;c:\windows\System32\lsass.exe;c:\windows\SYSNATIVE\lsass.exe [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 WMSVC;Webverwaltungsdienst;c:\windows\system32\inetsrv\wmsvc.exe;c:\windows\SYSNATIVE\inetsrv\wmsvc.exe [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\DRIVERS\MxEFUF64.sys;c:\windows\SYSNATIVE\DRIVERS\MxEFUF64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys;c:\windows\SYSNATIVE\drivers\GRD.sys [x]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [x]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [x]
S2 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe [x]
S2 ftpsvc;Microsoft-FTP-Dienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 iprip;RIP-Überwachung;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [x]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
apphost        REG_MULTI_SZ          apphostsvc
iissvcs        REG_MULTI_SZ          w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-05 23:35        1165776        ----a-w-        c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-23 21:32]
.
2013-06-12 c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job
- c:\program files (x86)\Advanced Driver Updater\adu.exe [2013-02-21 13:23]
.
2013-03-26 c:\windows\Tasks\DriverEasy Scheduled Scan.job
- c:\program files\Easeware\DriverEasy\DriverEasy.exe [2013-02-25 13:29]
.
2013-06-17 c:\windows\Tasks\dsmonitor.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2013-03-11 09:00]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 04:08]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 04:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 14:10        776144        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 14:10        776144        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 14:10        776144        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 14:10        776144        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-04-12 21:28        742400        ----a-w-        c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="c:\windows\System32\mqrt.dll" [2012-07-26 237056]
"Apoint"="c:\program files\Alps\GlidePoint\Apoint.exe" [2013-03-13 670040]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-04-10 13519432]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2000-01-01 1278024]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = about:blank
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\boyttrw8.default-1370988776258\
FF - prefs.js: browser.startup.homepage - hxxp://comcenter.netcologne.de/
FF - ExtSQL: 2013-05-31 09:07; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{5786D022-540E-4699-B350-B4BE0AE94B79} - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-06-17  19:38:03
ComboFix-quarantined-files.txt  2013-06-17 17:38
.
Vor Suchlauf: 38 Verzeichnis(se), 53.838.061.568 Bytes frei
Nach Suchlauf: 39 Verzeichnis(se), 53.504.450.560 Bytes frei
.
- - End Of File - - 717ECD2C63BE34CC6D7B3022FF0C36CE
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

schrauber 17.06.2013 19:19
Dann den Screenshot bitte.

luci4712 17.06.2013 20:49
HTML-Code:
Ich habe keinen zu sendenden Screenshut gesehen? Bitte um nähere Information.

schrauber 18.06.2013 06:32
Du sollst mir bitte einen Screenshot von der Meldung machen damit ich ihn sehe :)

luci4712 18.06.2013 12:46
Liste der Anhänge anzeigen (Anzahl: 1)
Meine Drucktaste funktioniert nicht. Deshalb ein Foto.

Anbei nochmal ein Log

Combofix Logfile:
Code:
ComboFix 13-06-18.02 - Admin 18.06.2013  13:12:08.3.2 - x64
Microsoft Windows 8 Pro with Media Center  6.2.9200.0.1252.49.1031.18.3838.2486 [GMT 2:00]
ausgeführt von:: c:\users\Admin\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Admin\Desktop\CFScript.txt
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal Firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job"
"c:\windows\Tasks\DriverEasy Scheduled Scan.job"
"c:\windows\Tasks\dsmonitor.job"
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-05-18 bis 2013-06-18  ))))))))))))))))))))))))))))))
.
.
2013-06-18 11:22 . 2013-06-18 11:22        --------        d-----w-        c:\users\Lucian\AppData\Local\temp
2013-06-18 11:22 . 2013-06-18 11:22        --------        d-----w-        c:\users\DefaultAppPool\AppData\Local\temp
2013-06-18 11:22 . 2013-06-18 11:22        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-06-18 11:22 . 2013-06-18 11:22        --------        d-----w-        c:\users\Classic .NET AppPool\AppData\Local\temp
2013-06-18 11:22 . 2013-06-18 11:22        --------        d-----w-        c:\users\.NET v4.5\AppData\Local\temp
2013-06-18 11:22 . 2013-06-18 11:22        --------        d-----w-        c:\users\.NET v4.5 Classic\AppData\Local\temp
2013-06-18 11:22 . 2013-06-18 11:22        --------        d-----w-        c:\users\.NET v2.0\AppData\Local\temp
2013-06-18 11:22 . 2013-06-18 11:22        --------        d-----w-        c:\users\.NET v2.0 Classic\AppData\Local\temp
2013-06-17 20:19 . 2013-06-17 20:19        --------        d-----w-        c:\users\Admin\AppData\Local\GHISLER
2013-06-17 20:15 . 2013-06-17 20:15        --------        d-----w-        c:\windows\SysWow64\wbem\Logs
2013-06-17 16:03 . 2013-06-17 16:03        --------        d-----w-        C:\_OTL
2013-06-16 20:26 . 2013-06-17 19:58        --------        d-----w-        c:\program files\ESET
2013-06-15 15:00 . 2013-06-16 08:02        --------        d-----w-        C:\Stinger_Quarantine
2013-06-14 13:58 . 2013-06-17 09:03        --------        d-----w-        c:\program files (x86)\Digeus
2013-06-14 12:40 . 2013-06-17 10:07        --------        d-----w-        c:\program files\SmartPCFixer
2013-06-13 23:13 . 2013-06-17 09:03        --------        d-----w-        c:\program files (x86)\Covus Freemium
2013-06-13 08:17 . 2013-06-13 08:17        --------        d-----w-        c:\windows\ERUNT
2013-06-13 08:17 . 2013-06-17 10:05        --------        d-----w-        C:\JRT
2013-06-12 23:10 . 2013-06-17 13:18        --------        d-----w-        c:\program files (x86)\VideoLAN
2013-06-12 20:50 . 2013-05-10 02:42        17271808        ----a-w-        c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-12 20:50 . 2013-05-10 02:21        16642560        ----a-w-        c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-06-12 20:49 . 2013-04-02 23:37        25088        ----a-w-        c:\windows\SysWow64\cryptdlg.dll
2013-06-12 20:49 . 2013-04-02 23:12        30720        ----a-w-        c:\windows\system32\cryptdlg.dll
2013-06-12 20:36 . 2013-04-23 23:12        1569792        ----a-w-        c:\windows\SysWow64\crypt32.dll
2013-06-12 20:36 . 2013-04-23 22:55        1889280        ----a-w-        c:\windows\system32\crypt32.dll
2013-06-12 20:36 . 2013-04-23 23:13        1013248        ----a-w-        c:\windows\SysWow64\certutil.exe
2013-06-12 20:36 . 2013-04-23 23:12        109056        ----a-w-        c:\windows\SysWow64\cryptnet.dll
2013-06-12 20:36 . 2013-04-23 22:56        1255936        ----a-w-        c:\windows\system32\certutil.exe
2013-06-12 20:36 . 2013-04-23 22:55        68096        ----a-w-        c:\windows\system32\cryptsvc.dll
2013-06-12 20:36 . 2013-04-23 22:55        141312        ----a-w-        c:\windows\system32\cryptnet.dll
2013-06-12 20:36 . 2013-05-04 07:45        2233600        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-06-12 20:34 . 2013-05-15 22:35        144384        ----a-w-        c:\windows\system32\tssdisai.dll
2013-06-12 20:16 . 2013-05-04 04:57        1637376        ----a-w-        c:\program files (x86)\Windows Photo Viewer\PhotoViewer.dll
2013-06-11 21:57 . 2013-06-17 18:33        893552        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-06-11 21:57 . 2013-06-17 18:33        42776        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-06-11 14:52 . 2013-06-18 06:23        --------        d-----w-        c:\program files (x86)\Common Files\G Data
2013-06-11 11:00 . 2013-06-11 11:00        --------        d-----w-        c:\users\Admin\AppData\Roaming\Corel
2013-06-10 18:33 . 2013-06-17 10:07        --------        d-----w-        c:\users\Admin\AppData\Roaming\Wise Registry Cleaner
2013-06-10 18:32 . 2013-06-10 18:32        --------        d-----w-        c:\program files (x86)\Wise
2013-06-08 16:04 . 2013-06-08 16:04        --------        d-----w-        c:\users\Admin\AppData\Local\Freemium
2013-06-08 15:59 . 2013-05-13 03:52        23624        ----a-w-        c:\windows\Launcher.exe
2013-06-08 15:58 . 2013-06-08 15:59        --------        d-----w-        c:\program files (x86)\SoftwareUpdater
2013-06-08 15:58 . 2013-06-08 15:58        --------        d-----w-        c:\programdata\FreeSystemUtilities
2013-06-08 15:58 . 2013-06-08 15:58        --------        d-----w-        c:\programdata\Package Cache
2013-05-28 07:43 . 2013-05-28 07:43        13403168        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2013-05-28 07:36 . 2013-05-28 07:36        31520        ----a-w-        c:\windows\system32\nvhdap64.dll
2013-05-28 07:36 . 2013-05-28 07:36        72992        ----a-w-        c:\windows\system32\nvapo64v.dll
2013-05-28 07:36 . 2013-05-28 07:36        194848        ----a-w-        c:\windows\system32\drivers\nvhda64v.sys
2013-05-26 19:01 . 2013-05-26 19:01        --------        d-----w-        c:\users\Admin\AppData\Roaming\elsterformular
2013-05-26 19:00 . 2013-05-26 19:01        --------        d-----w-        c:\programdata\elsterformular
2013-05-26 19:00 . 2013-05-26 19:04        --------        d-----w-        c:\program files (x86)\ElsterFormular
2013-05-21 19:08 . 2013-05-21 19:08        --------        d-----w-        c:\program files (x86)\Smart Projects
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-18 10:42 . 2013-01-27 02:40        4194304        ----a-w-        c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2013-06-12 20:17 . 2012-12-21 01:32        75825640        ----a-w-        c:\windows\system32\MRT.exe
2013-06-09 19:01 . 2013-05-07 20:17        15712        ----a-w-        c:\windows\system32\drivers\SWDUMon.sys
2013-06-04 22:09 . 2013-04-10 01:13        78200        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-04 22:09 . 2013-04-10 01:13        693112        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-28 07:43 . 2012-07-25 20:22        15910736        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2013-05-28 07:42 . 2013-02-21 01:08        12426216        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2013-05-28 07:42 . 2013-01-26 20:19        2935696        ----a-w-        c:\windows\system32\nvapi64.dll
2013-05-28 07:36 . 2013-01-26 20:19        1510176        ----a-w-        c:\windows\system32\nvhdagenco6420103.dll
2013-05-12 20:34 . 2013-01-26 20:24        3514656        ----a-w-        c:\windows\system32\nvsvc64.dll
2013-05-12 20:34 . 2013-01-26 20:24        6491936        ----a-w-        c:\windows\system32\nvcpl.dll
2013-05-12 20:34 . 2013-01-26 20:24        884512        ----a-w-        c:\windows\system32\nvvsvc.exe
2013-05-12 20:34 . 2013-01-26 20:24        63776        ----a-w-        c:\windows\system32\nvshext.dll
2013-05-12 20:34 . 2013-01-26 20:24        2555680        ----a-w-        c:\windows\system32\nvsvcr.dll
2013-05-12 20:34 . 2013-01-26 20:24        237856        ----a-w-        c:\windows\system32\nvmctray.dll
2013-05-10 13:36 . 2013-05-10 13:36        564824        ----a-w-        c:\windows\system32\drivers\sptd.sys
2013-05-08 16:32 . 2012-07-26 08:13        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-06 03:32 . 2013-05-06 03:32        364944        ----a-w-        c:\windows\system32\drivers\ETD.sys
2013-04-16 02:34 . 2013-05-15 06:54        1455368        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2013-04-13 05:56 . 2013-05-15 06:46        444416        ----a-w-        c:\windows\apppatch\AcSpecfc.dll
2013-04-13 02:59 . 2012-12-23 11:40        16944        ----a-w-        c:\windows\system32\drivers\GdPhyMem.sys
2013-04-11 06:40 . 2013-05-15 00:32        6987528        ----a-w-        c:\windows\system32\ntoskrnl.exe
2013-04-09 05:33 . 2013-05-14 23:41        446792        ----a-w-        c:\windows\system32\AudioSes.dll
2013-04-09 05:33 . 2013-05-14 23:41        489576        ----a-w-        c:\windows\system32\AudioEng.dll
2013-04-09 05:33 . 2013-05-14 23:41        253544        ----a-w-        c:\windows\system32\audiodg.exe
2013-04-09 05:20 . 2013-05-14 23:41        306952        ----a-w-        c:\windows\system32\kd_02_10ec.dll
2013-04-09 05:20 . 2013-05-14 23:41        86280        ----a-w-        c:\windows\system32\kdnet.dll
2013-04-09 05:18 . 2013-05-14 23:41        77960        ----a-w-        c:\windows\system32\kdvm.dll
2013-04-09 05:17 . 2013-05-14 23:41        1829408        ----a-w-        c:\windows\system32\ntdll.dll
2013-04-09 04:52 . 2013-05-14 23:41        816128        ----a-w-        c:\windows\system32\SearchIndexer.exe
2013-04-09 04:52 . 2013-05-14 23:41        373760        ----a-w-        c:\windows\system32\SearchProtocolHost.exe
2013-04-09 04:52 . 2013-05-14 23:41        197120        ----a-w-        c:\windows\system32\SearchFilterHost.exe
2013-04-09 04:52 . 2013-05-14 23:41        126464        ----a-w-        c:\windows\system32\Robocopy.exe
2013-04-09 04:52 . 2013-05-14 23:41        804352        ----a-w-        c:\windows\system32\RecoveryDrive.exe
2013-04-09 04:51 . 2013-05-14 23:41        367616        ----a-w-        c:\windows\system32\conhost.exe
2013-04-09 04:51 . 2013-05-14 23:41        523264        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2013-04-09 04:51 . 2013-05-14 23:41        456704        ----a-w-        c:\windows\system32\wpncore.dll
2013-04-09 04:51 . 2013-05-14 23:41        99840        ----a-w-        c:\windows\system32\wscsvc.dll
2013-04-09 04:51 . 2013-05-14 23:41        14267904        ----a-w-        c:\windows\system32\wmp.dll
2013-04-09 04:51 . 2013-05-14 23:41        595456        ----a-w-        c:\windows\system32\Windows.Networking.dll
2013-04-09 04:51 . 2013-05-14 23:41        391168        ----a-w-        c:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-04-09 04:51 . 2013-05-14 23:41        3552768        ----a-w-        c:\windows\system32\tquery.dll
2013-04-09 04:50 . 2013-05-14 23:40        414720        ----a-w-        c:\windows\system32\GenuineCenter.dll
2013-04-09 04:50 . 2013-05-14 23:41        1285632        ----a-w-        c:\windows\system32\schedsvc.dll
2013-04-09 04:50 . 2013-05-14 23:41        422400        ----a-w-        c:\windows\system32\schannel.dll
2013-04-09 04:50 . 2013-05-14 23:41        2107904        ----a-w-        c:\windows\system32\mssrch.dll
2013-04-09 04:50 . 2013-05-14 23:40        745984        ----a-w-        c:\windows\system32\mssvp.dll
2013-04-09 04:50 . 2013-05-14 23:40        96256        ----a-w-        c:\windows\system32\mssprxy.dll
2013-04-09 04:50 . 2013-05-14 23:41        435200        ----a-w-        c:\windows\system32\mssph.dll
2013-04-09 04:50 . 2013-05-14 23:40        65024        ----a-w-        c:\windows\system32\msscntrs.dll
2013-04-09 04:50 . 2013-05-14 23:40        13824        ----a-w-        c:\windows\system32\msshooks.dll
2013-04-09 04:49 . 2013-05-14 23:41        1444864        ----a-w-        c:\windows\system32\MSAudDecMFT.dll
2013-04-09 04:49 . 2013-05-14 23:41        468992        ----a-w-        c:\windows\system32\MFMediaEngine.dll
2013-04-09 04:49 . 2013-05-14 23:41        281088        ----a-w-        c:\windows\system32\mfreadwrite.dll
2013-04-09 04:49 . 2013-05-14 23:41        817152        ----a-w-        c:\windows\system32\kerberos.dll
2013-04-09 04:49 . 2013-05-14 23:41        210432        ----a-w-        c:\windows\system32\iuilp.dll
2013-04-09 04:49 . 2013-05-14 23:41        231936        ----a-w-        c:\windows\system32\fhengine.dll
2013-04-09 04:49 . 2013-05-14 23:40        50176        ----a-w-        c:\windows\system32\fmifs.dll
2013-04-09 04:49 . 2013-05-14 23:41        172544        ----a-w-        c:\windows\system32\dwmredir.dll
2013-04-09 04:49 . 2013-05-14 23:41        196096        ----a-w-        c:\windows\system32\dmvdsitf.dll
2013-04-09 04:48 . 2013-05-14 23:41        785408        ----a-w-        c:\windows\system32\audiosrv.dll
2013-04-09 04:48 . 2013-05-14 23:41        169472        ----a-w-        c:\windows\system32\AudioEndpointBuilder.dll
2013-04-09 02:35 . 2013-05-14 23:41        4038144        ----a-w-        c:\windows\system32\win32k.sys
2013-04-09 02:34 . 2013-05-14 23:41        95744        ----a-w-        c:\windows\system32\drivers\hidbth.sys
2013-04-09 02:33 . 2013-05-14 23:40        60416        ----a-w-        c:\windows\system32\drivers\ndproxy.sys
2013-04-09 02:33 . 2013-05-14 23:41        623104        ----a-w-        c:\windows\system32\drivers\srv2.sys
2013-04-09 02:32 . 2013-05-14 23:41        805376        ----a-w-        c:\windows\system32\drivers\PEAuth.sys
2013-04-09 02:31 . 2013-05-14 23:41        247808        ----a-w-        c:\windows\system32\drivers\srvnet.sys
2013-04-09 02:31 . 2013-05-14 23:40        83456        ----a-w-        c:\windows\system32\drivers\wanarp.sys
2013-04-08 23:44 . 2013-05-14 23:41        123880        ----a-w-        c:\windows\SysWow64\wscapi.dll
2013-04-08 23:39 . 2013-05-14 23:41        1408896        ----a-w-        c:\windows\SysWow64\ntdll.dll
2013-04-08 23:37 . 2013-05-14 23:41        426024        ----a-w-        c:\windows\SysWow64\AudioEng.dll
2013-04-08 23:37 . 2013-05-14 23:41        324368        ----a-w-        c:\windows\SysWow64\AudioSes.dll
2013-04-08 21:52 . 2013-05-14 23:41        302592        ----a-w-        c:\windows\SysWow64\SearchProtocolHost.exe
2013-04-08 21:52 . 2013-05-14 23:41        670208        ----a-w-        c:\windows\SysWow64\SearchIndexer.exe
2013-04-08 21:52 . 2013-05-14 23:41        171008        ----a-w-        c:\windows\SysWow64\SearchFilterHost.exe
2013-04-08 21:52 . 2013-05-14 23:41        106496        ----a-w-        c:\windows\SysWow64\Robocopy.exe
2013-04-08 21:52 . 2013-05-14 23:41        364544        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2013-04-08 21:51 . 2013-05-14 23:41        411136        ----a-w-        c:\windows\SysWow64\Windows.Networking.dll
2013-04-08 21:51 . 2013-05-14 23:41        268800        ----a-w-        c:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2013-04-08 21:51 . 2013-05-14 23:41        2767360        ----a-w-        c:\windows\SysWow64\tquery.dll
2013-04-08 21:51 . 2013-05-14 23:41        324096        ----a-w-        c:\windows\SysWow64\schannel.dll
2013-04-08 21:51 . 2013-05-14 23:41        1593344        ----a-w-        c:\windows\SysWow64\mssrch.dll
2013-04-08 21:51 . 2013-05-14 23:41        403968        ----a-w-        c:\windows\SysWow64\mssph.dll
2013-04-08 21:51 . 2013-05-14 23:41        659456        ----a-w-        c:\windows\SysWow64\mssvp.dll
2013-04-08 21:51 . 2013-05-14 23:40        35328        ----a-w-        c:\windows\SysWow64\mssprxy.dll
2013-04-08 21:51 . 2013-05-14 23:40        186880        ----a-w-        c:\windows\SysWow64\mssphtb.dll
2013-04-08 21:51 . 2013-05-14 23:40        10752        ----a-w-        c:\windows\SysWow64\msshooks.dll
2013-04-08 21:51 . 2013-05-14 23:41        1113600        ----a-w-        c:\windows\SysWow64\MSAudDecMFT.dll
2013-04-08 21:51 . 2013-05-14 23:41        214528        ----a-w-        c:\windows\SysWow64\mfreadwrite.dll
2013-04-08 21:51 . 2013-05-14 23:40        361984        ----a-w-        c:\windows\SysWow64\MFMediaEngine.dll
2013-04-08 21:51 . 2013-05-14 23:41        656896        ----a-w-        c:\windows\SysWow64\kerberos.dll
2013-04-08 21:51 . 2013-05-14 23:40        41984        ----a-w-        c:\windows\SysWow64\fmifs.dll
2013-04-08 21:51 . 2013-05-14 23:41        155648        ----a-w-        c:\windows\SysWow64\dmvdsitf.dll
2013-04-04 23:30 . 2013-05-14 23:41        503080        ----a-w-        c:\windows\system32\ci.dll
2013-04-04 12:50 . 2013-01-14 14:21        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2013-04-01 12:06 . 2012-12-21 03:38        2079816        ----a-w-        c:\windows\RtlExUpd.dll
2013-03-31 16:10 . 2013-03-31 16:10        1807136        ----a-w-        c:\windows\system32\nvdispco6431422.dll
2013-03-31 16:10 . 2013-03-31 16:10        1510176        ----a-w-        c:\windows\system32\nvdispgenco6431422.dll
2013-03-30 18:16 . 2013-05-14 23:41        1403784        ----a-w-        c:\windows\system32\winload.efi
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-04-12 21:28        611840        ----a-w-        c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute        REG_MULTI_SZ          autocheck autochk *\0\0sdnclean64.exe
.
R2 SystemStoreService;System Store;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\System32\Drivers\lgandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys;c:\windows\SYSNATIVE\DRIVERS\avfsfilter.sys [x]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]
R3 DsRoleSvc;DS-Rollenserver;c:\windows\System32\lsass.exe;c:\windows\SYSNATIVE\lsass.exe [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 WMSVC;Webverwaltungsdienst;c:\windows\system32\inetsrv\wmsvc.exe;c:\windows\SYSNATIVE\inetsrv\wmsvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\DRIVERS\MxEFUF64.sys;c:\windows\SYSNATIVE\DRIVERS\MxEFUF64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\DfsdkS.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 ftpsvc;Microsoft-FTP-Dienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 iprip;RIP-Überwachung;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
apphost        REG_MULTI_SZ          apphostsvc
iissvcs        REG_MULTI_SZ          w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-05 23:35        1165776        ----a-w-        c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-23 21:32]
.
2013-06-12 c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job
- c:\program files (x86)\Advanced Driver Updater\adu.exe [2013-02-21 13:23]
.
2013-03-26 c:\windows\Tasks\DriverEasy Scheduled Scan.job
- c:\program files\Easeware\DriverEasy\DriverEasy.exe [2013-02-25 13:29]
.
2013-06-18 c:\windows\Tasks\dsmonitor.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2013-03-11 09:00]
.
2013-06-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 04:08]
.
2013-06-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21 04:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 14:10        776144        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 14:10        776144        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 14:10        776144        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 14:10        776144        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-04-12 21:28        742400        ----a-w-        c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="c:\windows\System32\mqrt.dll" [2012-07-26 237056]
"Apoint"="c:\program files\Alps\GlidePoint\Apoint.exe" [2013-03-13 670040]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-04-10 13519432]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2000-01-01 1278024]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Bar = about:blank
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\boyttrw8.default-1370988776258\
FF - prefs.js: browser.startup.homepage - hxxp://comcenter.netcologne.de/
FF - ExtSQL: 2013-05-31 09:07; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
WebBrowser-{5786D022-540E-4699-B350-B4BE0AE94B79} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\SysWOW64\\Macromed\\Flash\\FlashUtil10zi_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2013-06-18  13:32:26
ComboFix-quarantined-files.txt  2013-06-18 11:32
ComboFix2.txt  2013-06-17 17:38
.
Vor Suchlauf: 38 Verzeichnis(se), 60.592.361.472 Bytes frei
Nach Suchlauf: 39 Verzeichnis(se), 60.358.877.184 Bytes frei
.
- - End Of File - - 92E44CCCD5D6B967B99AB22B38747CF5
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

schrauber 18.06.2013 13:31
Wir reden aneinander vorbei :)

Die Meldung mit HomeTab die beim Starten kommt, davon bitte ein Foto :)

luci4712 18.06.2013 14:39
Liste der Anhänge anzeigen (Anzahl: 1)
Sorry.
beiliegend das gewünschte Foto von 15Uhr30

luci4712 18.06.2013 16:44
Ich habe etwas gefunden:

Hometab tmp log

HTML-Code:
1,"fusion","GAC",0
3,"C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5cb0754debdf19b9f0d63d4d8721f532\System.Windows.Forms.ni.dll",0
3,"C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\28c2c6e7f48ff80c680a97b08df66a72\System.ni.dll",0
3,"C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7e6b074d3f3e3cc8e0270a3552c47aaa\System.Drawing.ni.dll",0
3,"C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\ae31f7dc9817e359d05c9c8efdd5f359\System.Xml.ni.dll",0
3,"C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\8e9282974a23dfd1c27496da39f39472\System.Management.ni.dll",0
3,"C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\d29382ad4b800178b51631569c928f0b\System.Configuration.ni.dll",0
3,"C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\644cb8dc7b37a1eec15f542da9846d0c\System.Data.ni.dll",0
3,"C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\fe30f9017b763714b1372d77204cd3d0\System.Transactions.ni.dll",0
2,"System.EnterpriseServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0

schrauber 18.06.2013 18:29
Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.
SystemLook (64 bit)
  • Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
    Code:
    :filefind
    *Browser Updater*
    :regfind
    Browser Updater
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

luci4712 18.06.2013 20:15
Logfile anbei

Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 21:00 on 18/06/2013 by Admin
Administrator - Elevation successful

========== filefind ==========

Searching for "*Browser Updater*"
C:\Windows\System32\Tasks\Browser Updater\Browser Updater        --a---- 4024 bytes        [15:59 08/06/2013]        [15:59 08/06/2013] 0D1DB22846E303118E42A48C241AEEAE

========== regfind ==========

Searching for "Browser Updater"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B6CC758-E291-491B-8378-B85AD7F8CCBB}]
"Path"="\Browser Updater\Browser Updater"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B6CC758-E291-491B-8378-B85AD7F8CCBB}]
"Author"="Browser Updater\Browser Updater"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater\Browser Updater]

-= EOF =-

schrauber 19.06.2013 07:09
Da isser ja :)

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
:Files
C:\Windows\System32\Tasks\Browser Updater
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread

luci4712 19.06.2013 07:50
OTL Log file

Code:
========== FILES ==========
File\Folder C:\Windows\System32\Tasks\Browser Updater not found.
 
OTL by OldTimer - Version 3.2.69.0 log created on 06192013_084631

schrauber 19.06.2013 08:24
Meldung weg beim Booten? Wenn nicht hat OTL ein Problem, dann müssen wir die Datei anders löschen. ODer geh mal bitte zu dem angegebenen Pfad

C:\Windows\System32\Tasks

und schau ob Du die Datei findest, wenn ja löschen.

luci4712 19.06.2013 09:42
:applaus: Geschafft. :applaus:
Habe die Datei lange gesucht und schließlich mit dem Totalcommander gefunden und gelöscht. Die Datei hatte sich immer versteckt.

Meldung ist weg.

:party: Hierfür gilt Dir mein persönlicher Dank. :party:

Spende? Ich würde gerne spenden. Wieviel und wohin?

Ich will meinen PC neu einrichten. Welche Browser sind empfehlenswert?

Als Virenscanner hatte ich G-Data, der aber hier total versagte. Die Firewall von G-Gata wurde stetig blockiert. Was ist hier empfehlenswert?

schrauber 19.06.2013 12:17
Gern Geschehen :)

Freeware: Avast
Wenns was kosten darf: Emsisoft

SPenden-Infos in meiner Signatur, danke :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

luci4712 21.06.2013 10:08
Hallo. da bin ich wieder.
Ich habe eine Anwendung gefunden, die sich nicht deinstallieren läßt.
HTML-Code:
SmartPCFixer
.
Wenn ich diese Datei im abgesicherten Modus lösche, benennt sich diese nur um.
Was kann ich machen?

schrauber 21.06.2013 12:46
Revo Uninstaller Pro - Uninstall Software, Remove Programs easily, Forced Uninstall, Leftovers Uninstaller

Versuchs mal damit :)

luci4712 21.06.2013 15:29
Danke.
Die Software hat sich schon wieder umbenannt. Läßt sich deshalb nicht finden.
Ich versuche derzeit herauszufinden, von welcher Firma die Software vertrieben wird. Dies wäre noch eine zusätzliche Suchmöglichkeit.

schrauber 21.06.2013 19:36
Dann lade FRST mal neu und poste die beiden Logs, ich schau mal :)

luci4712 21.06.2013 21:01
Danke.
Windows 8 hat selbständig neu aufgesetzt.
Ich muß jetzt alles neu instsllieren, dabei werde ich versuchen, neutral zu installieren.
Sollte ich wieder Probleme bekommen, melde ich mich.
Danke.

Gruß luci4712

schrauber 22.06.2013 12:51
Zitat:
Windows 8 hat selbständig neu aufgesetzt.
What? :wtf:

luci4712 22.06.2013 20:34
HTML-Code:
Windows 8 hat die Installationscd verlangt, wegen Aktualisierung der Daten.

Alle Daten wurden dabei erhalten. Außer meine EMails. Wurden diese gelöscht oder sind die irgendwo auf dem PC gespeichert?
I
HTML-Code:
Im PC hatte ich noch 2 bösartige Dateien. Die sind jetzt gelöscht.

Meine E-Mails habe ich alle gefunden.

Jetzt heißt es, mein System sauber halten.

Bitte dieses Thema jetzt abschließen.

Sollte ein neues Thema auftauchen, komme ich gerne auf Sie zurück.

:party:Danke.:party: Danke.:party: Danke

schrauber 23.06.2013 08:56
Zitat:
Windows 8 hat die Installationscd verlangt, wegen Aktualisierung der Daten.
Ich hab ja win8 auch auf 2 Rechnern, das is mir neu :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:30 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55