Trojaner-Board


BadGoblin 11.07.2013 12:29

Google Chrome and all other browsers no longer work!
 
Hello,
this is my first post in this forum!
If I have done something wrong, please correct me.
About my problem:
Since yesterday evening my Chrome has been acting up and simply won't load anything anymore. When I start it, I just get a white page and nothing else happens.
I thought it might be the internet connection, so I tested it with Opera, and that browser crashes every time I try to start it.
Uninstalling and reinstalling Chrome did not help.
I then ran my antivirus software and Malwarebytes over it; neither found anything.
I had left the PC on all night. When I started Chrome in the morning, everything worked again. I then signed in with my Google account, bookmarks and extensions were loaded, and then the problem was back.
I then tried a restart, which did not help.
Unfortunately I notice that the PC is getting slower and slower, and I really have no idea what to do, which is why I am looking for help here.

markusg 11.07.2013 12:43

Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

BadGoblin 11.07.2013 12:50

Wow, thank you very much for the quick help.
Here is the log:


Code:

13:46:04.0448 5428  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:46:06.0461 5428  ============================================================
13:46:06.0461 5428  Current date / time: 2013/07/11 13:46:06.0461
13:46:06.0461 5428  SystemInfo:
13:46:06.0461 5428 
13:46:06.0461 5428  OS Version: 6.1.7601 ServicePack: 1.0
13:46:06.0461 5428  Product type: Workstation
13:46:06.0461 5428  ComputerName: ***-PC
13:46:06.0461 5428  UserName: ***
13:46:06.0461 5428  Windows directory: C:\Windows
13:46:06.0461 5428  System windows directory: C:\Windows
13:46:06.0461 5428  Running under WOW64
13:46:06.0461 5428  Processor architecture: Intel x64
13:46:06.0461 5428  Number of processors: 4
13:46:06.0461 5428  Page size: 0x1000
13:46:06.0461 5428  Boot type: Normal boot
13:46:06.0461 5428  ============================================================
13:46:07.0833 5428  Drive \Device\Harddisk0\DR0 - Size: 0x2EC3DCEA00 (187.06 Gb), SectorSize: 0x200, Cylinders: 0x5F63, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:46:07.0849 5428  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:46:07.0943 5428  Drive \Device\Harddisk3\DR3 - Size: 0x1DCD80000 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:46:07.0943 5428  ============================================================
13:46:07.0943 5428  \Device\Harddisk0\DR0:
13:46:07.0943 5428  MBR partitions:
13:46:07.0943 5428  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:46:07.0943 5428  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x175EB800
13:46:07.0943 5428  \Device\Harddisk1\DR1:
13:46:07.0943 5428  MBR partitions:
13:46:07.0943 5428  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x7A320000
13:46:07.0943 5428  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x7A320800, BlocksNum 0x6EAE7800
13:46:07.0943 5428  \Device\Harddisk3\DR3:
13:46:07.0943 5428  MBR partitions:
13:46:07.0943 5428  \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xEE6BE0
13:46:07.0943 5428  ============================================================
13:46:07.0958 5428  C: <-> \Device\Harddisk0\DR0\Partition2
13:46:07.0974 5428  D: <-> \Device\Harddisk1\DR1\Partition1
13:46:08.0021 5428  E: <-> \Device\Harddisk1\DR1\Partition2
13:46:08.0021 5428  ============================================================
13:46:08.0021 5428  Initialize success
13:46:08.0021 5428  ============================================================
13:46:26.0070 3216  ============================================================
13:46:26.0070 3216  Scan started
13:46:26.0070 3216  Mode: Manual; SigCheck; TDLFS;
13:46:26.0070 3216  ============================================================
13:46:26.0787 3216  ================ Scan system memory ========================
13:46:26.0787 3216  System memory - ok
13:46:26.0787 3216  ================ Scan services =============================
13:46:26.0850 3216  1394hub - ok
13:46:26.0897 3216  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:46:26.0943 3216  1394ohci - ok
13:46:26.0959 3216  [ CEDDA5E0599A595911BE1210E16C0D2E ] A38CCID        C:\Windows\system32\DRIVERS\a38ccid.sys
13:46:26.0990 3216  A38CCID - ok
13:46:27.0053 3216  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
13:46:27.0084 3216  ACDaemon - ok
13:46:27.0115 3216  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:46:27.0162 3216  ACPI - ok
13:46:27.0193 3216  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
13:46:27.0224 3216  AcpiPmi - ok
13:46:27.0287 3216  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:46:27.0287 3216  AdobeARMservice - ok
13:46:27.0349 3216  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:46:27.0365 3216  AdobeFlashPlayerUpdateSvc - ok
13:46:27.0396 3216  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
13:46:27.0411 3216  adp94xx - ok
13:46:27.0427 3216  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
13:46:27.0443 3216  adpahci - ok
13:46:27.0458 3216  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
13:46:27.0474 3216  adpu320 - ok
13:46:27.0489 3216  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
13:46:27.0521 3216  AeLookupSvc - ok
13:46:27.0552 3216  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
13:46:27.0583 3216  AFD - ok
13:46:27.0614 3216  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:46:27.0630 3216  agp440 - ok
13:46:27.0677 3216  [ 44F360B65C37A42EB5B71C2E5179FDD5 ] aksdf          C:\Windows\system32\drivers\aksdf.sys
13:46:27.0708 3216  aksdf - ok
13:46:27.0755 3216  [ BC61697103C9EFC3DBA83777CEA8E76B ] aksfridge      C:\Windows\system32\drivers\aksfridge.sys
13:46:27.0755 3216  aksfridge - ok
13:46:27.0786 3216  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
13:46:27.0801 3216  ALG - ok
13:46:27.0817 3216  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:46:27.0817 3216  aliide - ok
13:46:27.0879 3216  [ 99E061822198323D427901FDA293825C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:46:27.0895 3216  AMD External Events Utility - ok
13:46:27.0973 3216  AMD FUEL Service - ok
13:46:28.0004 3216  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
13:46:28.0020 3216  amdide - ok
13:46:28.0035 3216  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
13:46:28.0051 3216  amdiox64 - ok
13:46:28.0067 3216  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
13:46:28.0098 3216  AmdK8 - ok
13:46:28.0363 3216  [ 454451A6A699C07040F406E44C457A50 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:46:28.0659 3216  amdkmdag - ok
13:46:28.0691 3216  [ 61FBDA851233587CE9C9B7020146359E ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
13:46:28.0722 3216  amdkmdap - ok
13:46:28.0722 3216  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:46:28.0753 3216  AmdPPM - ok
13:46:28.0784 3216  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
13:46:28.0800 3216  amdsata - ok
13:46:28.0831 3216  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
13:46:28.0847 3216  amdsbs - ok
13:46:28.0862 3216  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
13:46:28.0862 3216  amdxata - ok
13:46:28.0940 3216  [ 165D721B48D5A712C4AC370C1906FC0A ] AntiVirFirewallService C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
13:46:28.0956 3216  AntiVirFirewallService - ok
13:46:28.0971 3216  [ 1ADD310A86EC52EBBB5F7F81224692C7 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
13:46:28.0971 3216  AntiVirMailService - ok
13:46:29.0018 3216  [ 8F272AB3B03454DE259BD370E71BA954 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:46:29.0018 3216  AntiVirSchedulerService - ok
13:46:29.0065 3216  [ A80B5696C0A4BE484C4BCDA19B5533B0 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:46:29.0065 3216  AntiVirService - ok
13:46:29.0112 3216  [ 6EEA7A324065C2233FC3C5E774C54103 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
13:46:29.0127 3216  AntiVirWebService - ok
13:46:29.0174 3216  AODDriver4.0 - ok
13:46:29.0221 3216  [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.01  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:46:29.0221 3216  AODDriver4.01 - ok
13:46:29.0252 3216  [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:46:29.0268 3216  AODDriver4.2 - ok
13:46:29.0299 3216  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
13:46:29.0330 3216  AppID - ok
13:46:29.0361 3216  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:46:29.0393 3216  AppIDSvc - ok
13:46:29.0439 3216  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo        C:\Windows\System32\appinfo.dll
13:46:29.0455 3216  Appinfo - ok
13:46:29.0533 3216  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:46:29.0549 3216  Apple Mobile Device - ok
13:46:29.0580 3216  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt        C:\Windows\System32\appmgmts.dll
13:46:29.0611 3216  AppMgmt - ok
13:46:29.0627 3216  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\DRIVERS\arc.sys
13:46:29.0627 3216  arc - ok
13:46:29.0642 3216  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
13:46:29.0642 3216  arcsas - ok
13:46:29.0720 3216  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:46:29.0720 3216  aspnet_state - ok
13:46:29.0736 3216  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:46:29.0767 3216  AsyncMac - ok
13:46:29.0814 3216  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
13:46:29.0814 3216  atapi - ok
13:46:29.0845 3216  [ 4E5C72F003BFCB75701480DDCA5F0F09 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
13:46:29.0861 3216  AtiHDAudioService - ok
13:46:29.0861 3216  atillk64 - ok
13:46:29.0923 3216  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:46:29.0985 3216  AudioEndpointBuilder - ok
13:46:30.0017 3216  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:46:30.0032 3216  AudioSrv - ok
13:46:30.0063 3216  [ AA63DDD55F620BF96F1114F3BE3691C0 ] avfwim          C:\Windows\system32\DRIVERS\avfwim.sys
13:46:30.0063 3216  avfwim - ok
13:46:30.0079 3216  [ 2427ABF5319463B9B7DF062C79967E9E ] avfwot          C:\Windows\system32\DRIVERS\avfwot.sys
13:46:30.0095 3216  avfwot - ok
13:46:30.0126 3216  [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
13:46:30.0141 3216  avgntflt - ok
13:46:30.0157 3216  [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
13:46:30.0173 3216  avipbb - ok
13:46:30.0173 3216  [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
13:46:30.0188 3216  avkmgr - ok
13:46:30.0219 3216  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:46:30.0282 3216  AxInstSV - ok
13:46:30.0313 3216  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
13:46:30.0360 3216  b06bdrv - ok
13:46:30.0375 3216  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:46:30.0407 3216  b57nd60a - ok
13:46:30.0422 3216  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:46:30.0469 3216  BDESVC - ok
13:46:30.0485 3216  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:46:30.0516 3216  Beep - ok
13:46:30.0563 3216  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
13:46:30.0609 3216  BFE - ok
13:46:30.0656 3216  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
13:46:30.0719 3216  BITS - ok
13:46:30.0734 3216  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:46:30.0750 3216  blbdrive - ok
13:46:30.0781 3216  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:46:30.0797 3216  Bonjour Service - ok
13:46:30.0828 3216  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:46:30.0859 3216  bowser - ok
13:46:30.0859 3216  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:46:30.0890 3216  BrFiltLo - ok
13:46:30.0906 3216  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:46:30.0906 3216  BrFiltUp - ok
13:46:30.0953 3216  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
13:46:30.0968 3216  Browser - ok
13:46:30.0999 3216  [ E5E9B1625A767CEB6F319C12D33EAB78 ] BrSerIb        C:\Windows\system32\DRIVERS\BrSerIb.sys
13:46:31.0015 3216  BrSerIb - ok
13:46:31.0046 3216  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
13:46:31.0062 3216  Brserid - ok
13:46:31.0077 3216  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:46:31.0093 3216  BrSerWdm - ok
13:46:31.0093 3216  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:46:31.0124 3216  BrUsbMdm - ok
13:46:31.0140 3216  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:46:31.0155 3216  BrUsbSer - ok
13:46:31.0187 3216  [ D9F6B30AD93CBD165EC71FADF51DF25E ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
13:46:31.0202 3216  BrUsbSIb - ok
13:46:31.0218 3216  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:46:31.0233 3216  BTHMODEM - ok
13:46:31.0265 3216  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
13:46:31.0296 3216  bthserv - ok
13:46:31.0327 3216  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:46:31.0358 3216  cdfs - ok
13:46:31.0389 3216  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
13:46:31.0405 3216  cdrom - ok
13:46:31.0452 3216  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
13:46:31.0483 3216  CertPropSvc - ok
13:46:31.0499 3216  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:46:31.0514 3216  circlass - ok
13:46:31.0561 3216  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:46:31.0577 3216  CLFS - ok
13:46:31.0639 3216  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:46:31.0655 3216  clr_optimization_v2.0.50727_32 - ok
13:46:31.0686 3216  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:46:31.0701 3216  clr_optimization_v2.0.50727_64 - ok
13:46:31.0748 3216  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:46:31.0748 3216  clr_optimization_v4.0.30319_32 - ok
13:46:31.0764 3216  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:46:31.0779 3216  clr_optimization_v4.0.30319_64 - ok
13:46:31.0842 3216  [ 09D38AEC081F064FD67B8B9C49790020 ] CltMngSvc      C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
13:46:31.0857 3216  CltMngSvc - ok
13:46:31.0873 3216  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:46:31.0889 3216  CmBatt - ok
13:46:31.0935 3216  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:46:31.0951 3216  cmdide - ok
13:46:31.0982 3216  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG            C:\Windows\system32\Drivers\cng.sys
13:46:32.0013 3216  CNG - ok
13:46:32.0123 3216  [ 1C15404EA8FC42DAB8A7B3765ED53E58 ] CodeMeter.exe  C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
13:46:32.0201 3216  CodeMeter.exe - ok
13:46:32.0216 3216  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:46:32.0232 3216  Compbatt - ok
13:46:32.0263 3216  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
13:46:32.0279 3216  CompositeBus - ok
13:46:32.0279 3216  COMSysApp - ok
13:46:32.0294 3216  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
13:46:32.0310 3216  crcdisk - ok
13:46:32.0341 3216  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:46:32.0388 3216  CryptSvc - ok
13:46:32.0435 3216  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC            C:\Windows\system32\drivers\csc.sys
13:46:32.0450 3216  CSC - ok
13:46:32.0481 3216  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
13:46:32.0513 3216  CscService - ok
13:46:32.0528 3216  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:46:32.0575 3216  DcomLaunch - ok
13:46:32.0606 3216  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
13:46:32.0653 3216  defragsvc - ok
13:46:32.0684 3216  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:46:32.0715 3216  DfsC - ok
13:46:32.0762 3216  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:46:32.0793 3216  Dhcp - ok
13:46:32.0809 3216  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:46:32.0840 3216  discache - ok
13:46:32.0840 3216  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:46:32.0856 3216  Disk - ok
13:46:32.0871 3216  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:46:32.0887 3216  Dnscache - ok
13:46:32.0934 3216  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
13:46:32.0965 3216  dot3svc - ok
13:46:33.0012 3216  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
13:46:33.0043 3216  DPS - ok
13:46:33.0059 3216  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
13:46:33.0074 3216  drmkaud - ok
13:46:33.0137 3216  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
13:46:33.0152 3216  DXGKrnl - ok
13:46:33.0152 3216  EagleX64 - ok
13:46:33.0168 3216  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
13:46:33.0199 3216  EapHost - ok
13:46:33.0293 3216  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
13:46:33.0386 3216  ebdrv - ok
13:46:33.0402 3216  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
13:46:33.0433 3216  EFS - ok
13:46:33.0449 3216  [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
13:46:33.0464 3216  ElbyCDIO - ok
13:46:33.0480 3216  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
13:46:33.0511 3216  elxstor - ok
13:46:33.0527 3216  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:46:33.0542 3216  ErrDev - ok
13:46:33.0589 3216  ESEADriver2 - ok
13:46:33.0636 3216  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
13:46:33.0683 3216  EventSystem - ok
13:46:33.0698 3216  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
13:46:33.0745 3216  exfat - ok
13:46:33.0792 3216  [ BC680DC833672E54DB07F5F39D259B03 ] ezGOSvc        C:\Windows\SysWOW64\ezGOSvc.dll
13:46:33.0792 3216  ezGOSvc - ok
13:46:33.0854 3216  Fabs - ok
13:46:33.0885 3216  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
13:46:33.0932 3216  fastfat - ok
13:46:33.0979 3216  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
13:46:34.0010 3216  Fax - ok
13:46:34.0026 3216  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
13:46:34.0041 3216  fdc - ok
13:46:34.0057 3216  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
13:46:34.0088 3216  fdPHost - ok
13:46:34.0104 3216  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:46:34.0135 3216  FDResPub - ok
13:46:34.0151 3216  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:46:34.0166 3216  FileInfo - ok
13:46:34.0182 3216  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
13:46:34.0213 3216  Filetrace - ok
13:46:34.0291 3216  [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
13:46:34.0385 3216  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
13:46:34.0385 3216  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
13:46:34.0400 3216  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:46:34.0416 3216  flpydisk - ok
13:46:34.0463 3216  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:46:34.0478 3216  FltMgr - ok
13:46:34.0525 3216  [ C4C183E6551084039EC862DA1C945E3D ] FontCache      C:\Windows\system32\FntCache.dll
13:46:34.0572 3216  FontCache - ok
13:46:34.0619 3216  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:46:34.0634 3216  FontCache3.0.0.0 - ok
13:46:34.0650 3216  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
13:46:34.0650 3216  FsDepends - ok
13:46:34.0665 3216  [ B16B626996C74B564005BA855C5DEE90 ] fssfltr        C:\Windows\system32\DRIVERS\fssfltr.sys
13:46:34.0681 3216  fssfltr - ok
13:46:34.0759 3216  [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:46:34.0821 3216  fsssvc - ok
13:46:34.0837 3216  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:46:34.0853 3216  Fs_Rec - ok
13:46:34.0915 3216  [ B99C240DEA85007044E178C1C9C75659 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
13:46:34.0931 3216  Futuremark SystemInfo Service - ok
13:46:34.0962 3216  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:46:34.0977 3216  fvevol - ok
13:46:35.0009 3216  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:46:35.0009 3216  gagp30kx - ok
13:46:35.0040 3216  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:46:35.0055 3216  GEARAspiWDM - ok
13:46:35.0102 3216  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
13:46:35.0165 3216  gpsvc - ok
13:46:35.0211 3216  [ F02A533F517EB38333CB12A9E8963773 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:46:35.0211 3216  gupdate - ok
13:46:35.0227 3216  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:46:35.0227 3216  gupdatem - ok
13:46:35.0243 3216  [ 408DDD80EEDE47175F6844817B90213E ] gusvc          C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:46:35.0258 3216  gusvc - ok
13:46:35.0274 3216  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi        C:\Windows\system32\DRIVERS\hamachi.sys
13:46:35.0274 3216  hamachi - ok
13:46:35.0321 3216  [ D619BA1712B83D14149850E758B835AD ] hardlock        C:\Windows\system32\drivers\hardlock.sys
13:46:35.0336 3216  hardlock - ok
13:46:35.0352 3216  hasplms - ok
13:46:35.0367 3216  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:46:35.0383 3216  hcw85cir - ok
13:46:35.0430 3216  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:46:35.0445 3216  HdAudAddService - ok
13:46:35.0461 3216  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
13:46:35.0477 3216  HDAudBus - ok
13:46:35.0492 3216  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
13:46:35.0508 3216  HidBatt - ok
13:46:35.0523 3216  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
13:46:35.0555 3216  HidBth - ok
13:46:35.0570 3216  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
13:46:35.0586 3216  HidIr - ok
13:46:35.0601 3216  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
13:46:35.0633 3216  hidserv - ok
13:46:35.0664 3216  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:46:35.0664 3216  HidUsb - ok
13:46:35.0711 3216  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:46:35.0742 3216  hkmsvc - ok
13:46:35.0789 3216  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:46:35.0835 3216  HomeGroupListener - ok
13:46:35.0882 3216  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:46:35.0898 3216  HomeGroupProvider - ok
13:46:35.0929 3216  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:46:35.0945 3216  HpSAMD - ok
13:46:35.0991 3216  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:46:36.0038 3216  HTTP - ok
13:46:36.0069 3216  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:46:36.0085 3216  hwpolicy - ok
13:46:36.0116 3216  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
13:46:36.0132 3216  i8042prt - ok
13:46:36.0147 3216  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
13:46:36.0179 3216  iaStorV - ok
13:46:36.0225 3216  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:46:36.0257 3216  idsvc - ok
13:46:36.0288 3216  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
13:46:36.0288 3216  iirsp - ok
13:46:36.0350 3216  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
13:46:36.0397 3216  IKEEXT - ok
13:46:36.0475 3216  [ 88798B4381FD58FAE2DA07880C177C5C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:46:36.0553 3216  IntcAzAudAddService - ok
13:46:36.0569 3216  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
13:46:36.0569 3216  intelide - ok
13:46:36.0584 3216  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:46:36.0600 3216  intelppm - ok
13:46:36.0615 3216  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
13:46:36.0662 3216  IPBusEnum - ok
13:46:36.0693 3216  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:46:36.0725 3216  IpFilterDriver - ok
13:46:36.0771 3216  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:46:36.0818 3216  iphlpsvc - ok
13:46:36.0849 3216  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
13:46:36.0865 3216  IPMIDRV - ok
13:46:36.0896 3216  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
13:46:36.0927 3216  IPNAT - ok
13:46:36.0990 3216  [ 2872B90D57C8310194A78A9787406467 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:46:37.0021 3216  iPod Service - ok
13:46:37.0037 3216  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:46:37.0052 3216  IRENUM - ok
13:46:37.0083 3216  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:46:37.0099 3216  isapnp - ok
13:46:37.0130 3216  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:46:37.0177 3216  iScsiPrt - ok
13:46:37.0193 3216  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:46:37.0208 3216  kbdclass - ok
13:46:37.0239 3216  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:46:37.0271 3216  kbdhid - ok
13:46:37.0286 3216  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
13:46:37.0286 3216  KeyIso - ok
13:46:37.0302 3216  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:46:37.0317 3216  KSecDD - ok
13:46:37.0349 3216  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
13:46:37.0364 3216  KSecPkg - ok
13:46:37.0380 3216  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
13:46:37.0411 3216  ksthunk - ok
13:46:37.0442 3216  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
13:46:37.0489 3216  KtmRm - ok
13:46:37.0536 3216  [ 305BB2AC00D46542E0A653AB63F4ABB1 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
13:46:37.0551 3216  LADF_CaptureOnly - ok
13:46:37.0551 3216  [ 28CDDC7D478A6313F55077416DCBD0DE ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
13:46:37.0567 3216  LADF_RenderOnly - ok
13:46:37.0598 3216  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:46:37.0645 3216  LanmanServer - ok
13:46:37.0676 3216  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:46:37.0723 3216  LanmanWorkstation - ok
13:46:37.0801 3216  [ 7772DFAB22611050B79504E671B06E6E ] LBTServ        C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
13:46:37.0801 3216  LBTServ - ok
13:46:37.0817 3216  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum      C:\Windows\system32\drivers\LGBusEnum.sys
13:46:37.0832 3216  LGBusEnum - ok
13:46:37.0863 3216  [ CDDC07D414B08FECD48E4940C29F483F ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
13:46:37.0879 3216  LGSHidFilt - ok
13:46:37.0895 3216  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
13:46:37.0895 3216  LGVirHid - ok
13:46:37.0926 3216  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
13:46:37.0926 3216  LHidFilt - ok
13:46:37.0941 3216  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:46:37.0973 3216  lltdio - ok
13:46:37.0988 3216  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
13:46:38.0035 3216  lltdsvc - ok
13:46:38.0051 3216  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
13:46:38.0082 3216  lmhosts - ok
13:46:38.0097 3216  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
13:46:38.0113 3216  LMouFilt - ok
13:46:38.0144 3216  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:46:38.0144 3216  LSI_FC - ok
13:46:38.0160 3216  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
13:46:38.0175 3216  LSI_SAS - ok
13:46:38.0191 3216  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:46:38.0191 3216  LSI_SAS2 - ok
13:46:38.0191 3216  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:46:38.0207 3216  LSI_SCSI - ok
13:46:38.0222 3216  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
13:46:38.0253 3216  luafv - ok
13:46:38.0316 3216  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
13:46:38.0331 3216  MBAMProtector - ok
13:46:38.0815 3216  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler  E:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:46:38.0815 3216  MBAMScheduler - ok
13:46:38.0846 3216  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService    E:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
13:46:38.0862 3216  MBAMService - ok
13:46:38.0877 3216  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
13:46:38.0877 3216  megasas - ok
13:46:38.0909 3216  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:46:38.0924 3216  MegaSR - ok
13:46:38.0940 3216  [ 1595FECFFBE9EA2417E06D5FD0BFA4C4 ] MEMSWEEP2      C:\Windows\system32\25AC.tmp
13:46:38.0955 3216  MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
13:46:38.0955 3216  MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
13:46:38.0987 3216  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
13:46:39.0018 3216  MMCSS - ok
13:46:39.0033 3216  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
13:46:39.0065 3216  Modem - ok
13:46:39.0080 3216  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
13:46:39.0096 3216  monitor - ok
13:46:39.0127 3216  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:46:39.0143 3216  mouclass - ok
13:46:39.0158 3216  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:46:39.0174 3216  mouhid - ok
13:46:39.0221 3216  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:46:39.0221 3216  mountmgr - ok
13:46:39.0252 3216  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:46:39.0267 3216  mpio - ok
13:46:39.0283 3216  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:46:39.0299 3216  mpsdrv - ok
13:46:39.0361 3216  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:46:39.0408 3216  MpsSvc - ok
13:46:39.0439 3216  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:46:39.0470 3216  MRxDAV - ok
13:46:39.0486 3216  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:46:39.0501 3216  mrxsmb - ok
13:46:39.0533 3216  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:46:39.0564 3216  mrxsmb10 - ok
13:46:39.0564 3216  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:46:39.0579 3216  mrxsmb20 - ok
13:46:39.0611 3216  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:46:39.0611 3216  msahci - ok
13:46:39.0626 3216  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
13:46:39.0642 3216  msdsm - ok
13:46:39.0657 3216  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
13:46:39.0689 3216  MSDTC - ok
13:46:39.0704 3216  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:46:39.0720 3216  Msfs - ok
13:46:39.0735 3216  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
13:46:39.0767 3216  mshidkmdf - ok
13:46:39.0767 3216  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:46:39.0782 3216  msisadrv - ok
13:46:39.0813 3216  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
13:46:39.0845 3216  MSiSCSI - ok
13:46:39.0860 3216  msiserver - ok
13:46:39.0860 3216  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
13:46:39.0891 3216  MSKSSRV - ok
13:46:39.0891 3216  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:46:39.0923 3216  MSPCLOCK - ok
13:46:39.0923 3216  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
13:46:39.0954 3216  MSPQM - ok
13:46:40.0001 3216  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
13:46:40.0016 3216  MsRPC - ok
13:46:40.0047 3216  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
13:46:40.0063 3216  mssmbios - ok
13:46:40.0079 3216  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
13:46:40.0110 3216  MSTEE - ok
13:46:40.0125 3216  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
13:46:40.0157 3216  MTConfig - ok
13:46:40.0172 3216  [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
13:46:40.0188 3216  MTsensor - ok
13:46:40.0188 3216  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
13:46:40.0203 3216  Mup - ok
13:46:40.0235 3216  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
13:46:40.0281 3216  napagent - ok
13:46:40.0313 3216  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
13:46:40.0344 3216  NativeWifiP - ok
13:46:40.0391 3216  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:46:40.0422 3216  NDIS - ok
13:46:40.0437 3216  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
13:46:40.0469 3216  NdisCap - ok
13:46:40.0484 3216  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:46:40.0500 3216  NdisTapi - ok
13:46:40.0547 3216  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
13:46:40.0578 3216  Ndisuio - ok
13:46:40.0625 3216  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
13:46:40.0656 3216  NdisWan - ok
13:46:40.0687 3216  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
13:46:40.0718 3216  NDProxy - ok
13:46:40.0734 3216  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
13:46:40.0765 3216  NetBIOS - ok
13:46:40.0812 3216  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
13:46:40.0843 3216  NetBT - ok
13:46:40.0859 3216  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
13:46:40.0859 3216  Netlogon - ok
13:46:40.0890 3216  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:46:40.0937 3216  Netman - ok
13:46:40.0983 3216  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:46:40.0983 3216  NetMsmqActivator - ok
13:46:41.0015 3216  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:46:41.0015 3216  NetPipeActivator - ok
13:46:41.0046 3216  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:46:41.0093 3216  netprofm - ok
13:46:41.0093 3216  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:46:41.0093 3216  NetTcpActivator - ok
13:46:41.0108 3216  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:46:41.0108 3216  NetTcpPortSharing - ok
13:46:41.0139 3216  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
13:46:41.0139 3216  nfrd960 - ok
13:46:41.0155 3216  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:46:41.0186 3216  NlaSvc - ok
13:46:41.0202 3216  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF            C:\Windows\system32\drivers\npf.sys
13:46:41.0202 3216  NPF - ok
13:46:41.0217 3216  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:46:41.0249 3216  Npfs - ok
13:46:41.0264 3216  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
13:46:41.0295 3216  nsi - ok
13:46:41.0311 3216  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:46:41.0342 3216  nsiproxy - ok
13:46:41.0420 3216  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:46:41.0467 3216  Ntfs - ok
13:46:41.0483 3216  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:46:41.0514 3216  Null - ok
13:46:41.0763 3216  [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:46:42.0075 3216  nvlddmkm - ok
13:46:42.0122 3216  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:46:42.0138 3216  nvraid - ok
13:46:42.0153 3216  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:46:42.0169 3216  nvstor - ok
13:46:42.0185 3216  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:46:42.0185 3216  nv_agp - ok
13:46:42.0200 3216  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:46:42.0216 3216  ohci1394 - ok
13:46:42.0278 3216  [ B9C125314A025127FE562C116D614AA3 ] ose64          C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:46:42.0278 3216  ose64 - ok
13:46:42.0465 3216  [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:46:42.0621 3216  osppsvc - ok
13:46:42.0653 3216  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:46:42.0684 3216  p2pimsvc - ok
13:46:42.0715 3216  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:46:42.0731 3216  p2psvc - ok
13:46:42.0762 3216  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
13:46:42.0762 3216  Parport - ok
13:46:42.0809 3216  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
13:46:42.0809 3216  partmgr - ok
13:46:42.0824 3216  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:46:42.0855 3216  PcaSvc - ok
13:46:42.0855 3216  pccsmcfd - ok
13:46:42.0855 3216  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
13:46:42.0871 3216  pci - ok
13:46:42.0887 3216  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
13:46:42.0902 3216  pciide - ok
13:46:42.0918 3216  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:46:42.0933 3216  pcmcia - ok
13:46:42.0933 3216  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
13:46:42.0933 3216  pcw - ok
13:46:42.0965 3216  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:46:43.0011 3216  PEAUTH - ok
13:46:43.0058 3216  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
13:46:43.0121 3216  PeerDistSvc - ok
13:46:43.0167 3216  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:46:43.0183 3216  PerfHost - ok
13:46:43.0261 3216  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
13:46:43.0339 3216  pla - ok
13:46:43.0386 3216  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:46:43.0417 3216  PlugPlay - ok
13:46:43.0417 3216  PnkBstrA - ok
13:46:43.0417 3216  PnkBstrB - ok
13:46:43.0433 3216  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
13:46:43.0448 3216  PNRPAutoReg - ok
13:46:43.0464 3216  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
13:46:43.0479 3216  PNRPsvc - ok
13:46:43.0511 3216  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
13:46:43.0557 3216  PolicyAgent - ok
13:46:43.0589 3216  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
13:46:43.0620 3216  Power - ok
13:46:43.0635 3216  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:46:43.0682 3216  PptpMiniport - ok
13:46:43.0698 3216  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\DRIVERS\processr.sys
13:46:43.0713 3216  Processor - ok
13:46:43.0745 3216  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
13:46:43.0776 3216  ProfSvc - ok
13:46:43.0791 3216  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:46:43.0791 3216  ProtectedStorage - ok
13:46:43.0838 3216  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:46:43.0854 3216  Psched - ok
13:46:43.0916 3216  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
13:46:43.0963 3216  ql2300 - ok
13:46:43.0979 3216  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
13:46:43.0979 3216  ql40xx - ok
13:46:44.0010 3216  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
13:46:44.0041 3216  QWAVE - ok
13:46:44.0057 3216  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:46:44.0072 3216  QWAVEdrv - ok
13:46:44.0088 3216  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:46:44.0119 3216  RasAcd - ok
13:46:44.0150 3216  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
13:46:44.0166 3216  RasAgileVpn - ok
13:46:44.0197 3216  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
13:46:44.0213 3216  RasAuto - ok
13:46:44.0259 3216  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
13:46:44.0291 3216  Rasl2tp - ok
13:46:44.0337 3216  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
13:46:44.0384 3216  RasMan - ok
13:46:44.0415 3216  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:46:44.0447 3216  RasPppoe - ok
13:46:44.0462 3216  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
13:46:44.0493 3216  RasSstp - ok
13:46:44.0540 3216  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
13:46:44.0571 3216  rdbss - ok
13:46:44.0587 3216  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:46:44.0587 3216  rdpbus - ok
13:46:44.0603 3216  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:46:44.0618 3216  RDPCDD - ok
13:46:44.0665 3216  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
13:46:44.0681 3216  RDPDR - ok
13:46:44.0696 3216  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:46:44.0727 3216  RDPENCDD - ok
13:46:44.0743 3216  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:46:44.0759 3216  RDPREFMP - ok
13:46:44.0790 3216  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:46:44.0821 3216  RdpVideoMiniport - ok
13:46:44.0868 3216  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
13:46:44.0883 3216  RDPWD - ok
13:46:44.0930 3216  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:46:44.0930 3216  rdyboost - ok
13:46:44.0961 3216  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:46:45.0008 3216  RemoteAccess - ok
13:46:45.0039 3216  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:46:45.0086 3216  RemoteRegistry - ok
13:46:45.0102 3216  [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM      C:\Windows\system32\Drivers\RootMdm.sys
13:46:45.0117 3216  ROOTMODEM - ok
13:46:45.0149 3216  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
13:46:45.0164 3216  rpcapd - ok
13:46:45.0180 3216  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:46:45.0227 3216  RpcEptMapper - ok
13:46:45.0258 3216  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:46:45.0273 3216  RpcLocator - ok
13:46:45.0305 3216  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
13:46:45.0336 3216  RpcSs - ok
13:46:45.0351 3216  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:46:45.0383 3216  rspndr - ok
13:46:45.0414 3216  [ F15623B73768C35A666BB5CDCEEF497F ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
13:46:45.0429 3216  RTL8167 - ok
13:46:45.0492 3216  [ CFBABCC8E8B72F9D1693FF583A09C79B ] RTL85n64        C:\Windows\system32\DRIVERS\RTL85n64.sys
13:46:45.0554 3216  RTL85n64 - ok
13:46:45.0585 3216  [ E60C0A09F997826C7627B244195AB581 ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
13:46:45.0601 3216  s3cap - ok
13:46:45.0617 3216  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
13:46:45.0632 3216  SamSs - ok
13:46:45.0632 3216  SAVRKBootTasks - ok
13:46:45.0648 3216  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:46:45.0663 3216  sbp2port - ok
13:46:45.0679 3216  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:46:45.0710 3216  SCardSvr - ok
13:46:45.0757 3216  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:46:45.0788 3216  scfilter - ok
13:46:45.0835 3216  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
13:46:45.0882 3216  Schedule - ok
13:46:45.0929 3216  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
13:46:45.0944 3216  SCPolicySvc - ok
13:46:45.0960 3216  [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
13:46:45.0975 3216  ScreamBAudioSvc - ok
13:46:46.0007 3216  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:46:46.0038 3216  SDRSVC - ok
13:46:46.0053 3216  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:46:46.0085 3216  secdrv - ok
13:46:46.0131 3216  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
13:46:46.0163 3216  seclogon - ok
13:46:46.0178 3216  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
13:46:46.0209 3216  SENS - ok
13:46:46.0225 3216  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:46:46.0256 3216  SensrSvc - ok
13:46:46.0287 3216  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
13:46:46.0287 3216  Serenum - ok
13:46:46.0303 3216  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:46:46.0319 3216  Serial - ok
13:46:46.0319 3216  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
13:46:46.0350 3216  sermouse - ok
13:46:46.0381 3216  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:46:46.0428 3216  SessionEnv - ok
13:46:46.0459 3216  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
13:46:46.0475 3216  sffdisk - ok
13:46:46.0490 3216  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:46:46.0506 3216  sffp_mmc - ok
13:46:46.0521 3216  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
13:46:46.0537 3216  sffp_sd - ok
13:46:46.0568 3216  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
13:46:46.0584 3216  sfloppy - ok
13:46:46.0615 3216  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:46:46.0662 3216  SharedAccess - ok
13:46:46.0709 3216  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:46:46.0755 3216  ShellHWDetection - ok
13:46:46.0787 3216  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
13:46:46.0802 3216  SiSGbeLH - ok
13:46:46.0818 3216  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:46:46.0818 3216  SiSRaid2 - ok
13:46:46.0849 3216  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
13:46:46.0849 3216  SiSRaid4 - ok
13:46:46.0912 3216  [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
13:46:46.0958 3216  SkypeUpdate - ok
13:46:46.0974 3216  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
13:46:47.0005 3216  Smb - ok
13:46:47.0036 3216  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:46:47.0052 3216  SNMPTRAP - ok
13:46:47.0083 3216  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
13:46:47.0083 3216  spldr - ok
13:46:47.0130 3216  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
13:46:47.0146 3216  Spooler - ok
13:46:47.0255 3216  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
13:46:47.0364 3216  sppsvc - ok
13:46:47.0380 3216  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
13:46:47.0426 3216  sppuinotify - ok
13:46:47.0458 3216  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
13:46:47.0473 3216  srv - ok
13:46:47.0489 3216  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:46:47.0520 3216  srv2 - ok
13:46:47.0520 3216  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:46:47.0536 3216  srvnet - ok
13:46:47.0567 3216  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
13:46:47.0598 3216  SSDPSRV - ok
13:46:47.0614 3216  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
13:46:47.0660 3216  SstpSvc - ok
13:46:47.0692 3216  Steam Client Service - ok
13:46:47.0692 3216  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
13:46:47.0707 3216  stexstor - ok
13:46:47.0738 3216  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
13:46:47.0754 3216  StillCam - ok
13:46:47.0816 3216  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
13:46:47.0863 3216  stisvc - ok
13:46:47.0894 3216  [ 7785DC213270D2FC066538DAF94087E7 ] storflt        C:\Windows\system32\drivers\vmstorfl.sys
13:46:47.0894 3216  storflt - ok
13:46:47.0910 3216  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc        C:\Windows\system32\drivers\storvsc.sys
13:46:47.0926 3216  storvsc - ok
13:46:47.0941 3216  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
13:46:47.0941 3216  swenum - ok
13:46:47.0972 3216  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
13:46:48.0019 3216  swprv - ok
13:46:48.0019 3216  Synth3dVsc - ok
13:46:48.0097 3216  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
13:46:48.0160 3216  SysMain - ok
13:46:48.0191 3216  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:46:48.0206 3216  TabletInputService - ok
13:46:48.0222 3216  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
13:46:48.0269 3216  TapiSrv - ok
13:46:48.0284 3216  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
13:46:48.0316 3216  TBS - ok
13:46:48.0394 3216  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
13:46:48.0440 3216  Tcpip - ok
13:46:48.0487 3216  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:46:48.0518 3216  TCPIP6 - ok
13:46:48.0565 3216  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:46:48.0581 3216  tcpipreg - ok
13:46:48.0612 3216  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:46:48.0628 3216  TDPIPE - ok
13:46:48.0643 3216  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
13:46:48.0659 3216  TDTCP - ok
13:46:48.0706 3216  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
13:46:48.0737 3216  tdx - ok
13:46:49.0189 3216  [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7    E:\Programme\TeamViewerVersion7\TeamViewer_Service.exe
13:46:49.0267 3216  TeamViewer7 - ok
13:46:49.0314 3216  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
13:46:49.0314 3216  TermDD - ok
13:46:49.0345 3216  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
13:46:49.0392 3216  TermService - ok
13:46:49.0423 3216  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:46:49.0439 3216  Themes - ok
13:46:49.0470 3216  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
13:46:49.0501 3216  THREADORDER - ok
13:46:49.0517 3216  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:46:49.0548 3216  TrkWks - ok
13:46:49.0610 3216  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:46:49.0642 3216  TrustedInstaller - ok
13:46:49.0673 3216  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:46:49.0704 3216  tssecsrv - ok
13:46:49.0751 3216  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:46:49.0782 3216  TsUsbFlt - ok
13:46:49.0782 3216  tsusbhub - ok
13:46:49.0860 3216  [ 50D8102EECC446F160C8C31AF927242D ] TuneUp.UtilitiesSvc E:\Programme\TuneUp Utility\TuneUpUtilitiesService64.exe
13:46:49.0891 3216  TuneUp.UtilitiesSvc - ok
13:46:49.0907 3216  [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv E:\Programme\TuneUp Utility\TuneUpUtilitiesDriver64.sys
13:46:49.0907 3216  TuneUpUtilitiesDrv - ok
13:46:49.0938 3216  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:46:49.0969 3216  tunnel - ok
13:46:49.0985 3216  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:46:50.0000 3216  uagp35 - ok
13:46:50.0047 3216  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:46:50.0094 3216  udfs - ok
13:46:50.0125 3216  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
13:46:50.0141 3216  UI0Detect - ok
13:46:50.0156 3216  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:46:50.0156 3216  uliagpkx - ok
13:46:50.0203 3216  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
13:46:50.0219 3216  umbus - ok
13:46:50.0234 3216  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:46:50.0250 3216  UmPass - ok
13:46:50.0297 3216  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
13:46:50.0312 3216  UmRdpService - ok
13:46:50.0344 3216  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:46:50.0390 3216  upnphost - ok
13:46:50.0422 3216  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
13:46:50.0422 3216  USBAAPL64 - ok
13:46:50.0453 3216  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:46:50.0468 3216  usbaudio - ok
13:46:50.0484 3216  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
13:46:50.0500 3216  usbccgp - ok
13:46:50.0515 3216  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:46:50.0531 3216  usbcir - ok
13:46:50.0546 3216  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
13:46:50.0546 3216  usbehci - ok
13:46:50.0562 3216  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:46:50.0593 3216  usbhub - ok
13:46:50.0593 3216  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
13:46:50.0609 3216  usbohci - ok
13:46:50.0640 3216  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:46:50.0656 3216  usbprint - ok
13:46:50.0702 3216  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
13:46:50.0718 3216  usbscan - ok
13:46:50.0749 3216  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\drivers\usbser.sys
13:46:50.0780 3216  usbser - ok
13:46:50.0796 3216  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:46:50.0812 3216  USBSTOR - ok
13:46:50.0827 3216  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
13:46:50.0827 3216  usbuhci - ok
13:46:50.0858 3216  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
13:46:50.0874 3216  usbvideo - ok
13:46:50.0890 3216  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
13:46:50.0936 3216  UxSms - ok
13:46:50.0999 3216  [ CC3A994F4733FF4CD8CAF09DF892E61C ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
13:46:50.0999 3216  UxTuneUp - ok
13:46:51.0014 3216  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
13:46:51.0014 3216  VaultSvc - ok
13:46:51.0046 3216  [ B4FFC1739B9BD3B0177B16B46CAF8420 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
13:46:51.0061 3216  VBoxNetAdp - ok
13:46:51.0061 3216  VBoxNetFlt - ok
13:46:51.0092 3216  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
13:46:51.0092 3216  VClone - ok
13:46:51.0124 3216  [ 3A4B01C2BDB07DFEF29B0B369487503A ] VCSVADHWSer    C:\Windows\system32\DRIVERS\vcsvad.sys
13:46:51.0124 3216  VCSVADHWSer - ok
13:46:51.0139 3216  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:46:51.0139 3216  vdrvroot - ok
13:46:51.0186 3216  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
13:46:51.0233 3216  vds - ok
13:46:51.0264 3216  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
13:46:51.0280 3216  vga - ok
13:46:51.0295 3216  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
13:46:51.0311 3216  VgaSave - ok
13:46:51.0326 3216  VGPU - ok
13:46:51.0358 3216  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
13:46:51.0373 3216  vhdmp - ok
13:46:51.0420 3216  [ 8F69C38A8BA725F891F26AAC8888696E ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
13:46:51.0436 3216  VIAHdAudAddService - ok
13:46:51.0482 3216  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:46:51.0498 3216  viaide - ok
13:46:51.0514 3216  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus          C:\Windows\system32\drivers\vmbus.sys
13:46:51.0529 3216  vmbus - ok
13:46:51.0545 3216  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:46:51.0560 3216  VMBusHID - ok
13:46:51.0560 3216  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:46:51.0576 3216  volmgr - ok
13:46:51.0592 3216  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
13:46:51.0623 3216  volmgrx - ok
13:46:51.0623 3216  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
13:46:51.0638 3216  volsnap - ok
13:46:51.0670 3216  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
13:46:51.0670 3216  vsmraid - ok
13:46:51.0732 3216  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
13:46:51.0794 3216  VSS - ok
13:46:51.0810 3216  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:46:51.0826 3216  vwifibus - ok
13:46:51.0857 3216  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
13:46:51.0904 3216  W32Time - ok
13:46:51.0935 3216  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:46:51.0935 3216  WacomPen - ok
13:46:51.0982 3216  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:46:51.0997 3216  WANARP - ok
13:46:52.0013 3216  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:46:52.0028 3216  Wanarpv6 - ok
13:46:52.0091 3216  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
13:46:52.0169 3216  WatAdminSvc - ok
13:46:52.0231 3216  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
13:46:52.0325 3216  wbengine - ok
13:46:52.0356 3216  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:46:52.0372 3216  WbioSrvc - ok
13:46:52.0418 3216  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
13:46:52.0465 3216  wcncsvc - ok
13:46:52.0481 3216  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:46:52.0512 3216  WcsPlugInService - ok
13:46:52.0528 3216  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:46:52.0543 3216  Wd - ok
13:46:52.0590 3216  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:46:52.0621 3216  Wdf01000 - ok
13:46:52.0652 3216  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:46:52.0668 3216  WdiServiceHost - ok
13:46:52.0684 3216  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
13:46:52.0699 3216  WdiSystemHost - ok
13:46:52.0730 3216  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
13:46:52.0777 3216  WebClient - ok
13:46:52.0808 3216  [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:46:52.0855 3216  Wecsvc - ok
13:46:52.0886 3216  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
13:46:52.0918 3216  wercplsupport - ok
13:46:52.0933 3216  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:46:52.0949 3216  WerSvc - ok
13:46:52.0964 3216  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:46:52.0996 3216  WfpLwf - ok
13:46:53.0011 3216  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:46:53.0011 3216  WIMMount - ok
13:46:53.0042 3216  WinDefend - ok
13:46:53.0058 3216  WinHttpAutoProxySvc - ok
13:46:53.0120 3216  [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
13:46:53.0152 3216  Winmgmt - ok
13:46:53.0230 3216  [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM          C:\Windows\system32\WsmSvc.dll
13:46:53.0339 3216  WinRM - ok
13:46:53.0401 3216  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:46:53.0417 3216  WinUsb - ok
13:46:53.0464 3216  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
13:46:53.0479 3216  Wlansvc - ok
13:46:53.0620 3216  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:46:53.0635 3216  wlidsvc - ok
13:46:53.0682 3216  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
13:46:53.0682 3216  WmiAcpi - ok
13:46:53.0729 3216  [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:46:53.0760 3216  wmiApSrv - ok
13:46:53.0791 3216  WMPNetworkSvc - ok
13:46:53.0822 3216  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:46:53.0838 3216  WPCSvc - ok
13:46:53.0869 3216  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:46:53.0900 3216  WPDBusEnum - ok
13:46:53.0932 3216  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
13:46:53.0963 3216  ws2ifsl - ok
13:46:53.0978 3216  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
13:46:53.0994 3216  wscsvc - ok
13:46:54.0025 3216  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
13:46:54.0041 3216  WSDPrintDevice - ok
13:46:54.0041 3216  WSearch - ok
13:46:54.0134 3216  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:46:54.0197 3216  wuauserv - ok
13:46:54.0244 3216  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:46:54.0259 3216  WudfPf - ok
13:46:54.0275 3216  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:46:54.0306 3216  WUDFRd - ok
13:46:54.0353 3216  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
13:46:54.0368 3216  wudfsvc - ok
13:46:54.0400 3216  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc        C:\Windows\System32\wwansvc.dll
13:46:54.0431 3216  WwanSvc - ok
13:46:54.0478 3216  X6va006 - ok
13:46:54.0524 3216  X6va008 - ok
13:46:54.0540 3216  X6va012 - ok
13:46:54.0571 3216  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
13:46:54.0587 3216  xusb21 - ok
13:46:54.0618 3216  ================ Scan global ===============================
13:46:54.0649 3216  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:46:54.0696 3216  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:46:54.0712 3216  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:46:54.0727 3216  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:46:54.0774 3216  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:46:54.0774 3216  [Global] - ok
13:46:54.0774 3216  ================ Scan MBR ==================================
13:46:54.0790 3216  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:46:54.0930 3216  \Device\Harddisk0\DR0 - ok
13:46:54.0930 3216  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:46:55.0024 3216  \Device\Harddisk1\DR1 - ok
13:46:55.0024 3216  [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk3\DR3
13:46:55.0133 3216  \Device\Harddisk3\DR3 - ok
13:46:55.0133 3216  ================ Scan VBR ==================================
13:46:55.0164 3216  [ 2F454BB6509B60AB4071EEC9716DB44D ] \Device\Harddisk0\DR0\Partition1
13:46:55.0164 3216  \Device\Harddisk0\DR0\Partition1 - ok
13:46:55.0164 3216  [ DC82E363FB5F676B1AC3F4F801BD7B44 ] \Device\Harddisk0\DR0\Partition2
13:46:55.0164 3216  \Device\Harddisk0\DR0\Partition2 - ok
13:46:55.0180 3216  [ A902328110913EE33AF8A7C1304C78F7 ] \Device\Harddisk1\DR1\Partition1
13:46:55.0180 3216  \Device\Harddisk1\DR1\Partition1 - ok
13:46:55.0180 3216  [ 3A096CDCCEF3A60ADAEB60FC8EE9D67C ] \Device\Harddisk1\DR1\Partition2
13:46:55.0180 3216  \Device\Harddisk1\DR1\Partition2 - ok
13:46:55.0180 3216  [ 1E0550AEDF0E19C5B0C9CFF7E0A1242D ] \Device\Harddisk3\DR3\Partition1
13:46:55.0180 3216  \Device\Harddisk3\DR3\Partition1 - ok
13:46:55.0180 3216  ============================================================
13:46:55.0180 3216  Scan finished
13:46:55.0180 3216  ============================================================
13:46:55.0180 4980  Detected object count: 2
13:46:55.0180 4980  Actual detected object count: 2
13:47:27.0830 4980  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
13:47:27.0830 4980  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:47:27.0830 4980  MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
13:47:27.0830 4980  MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:47:42.0744 5664  Deinitialize success


markusg 11.07.2013 12:52

Hi,
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.


BadGoblin 11.07.2013 13:22

OK, I had no problems with the program, and here is the log
Code:

ComboFix 13-07-09.01 - *** 1.Jul.2013  14:00:46.1.4 - x64
Microsoft Windows 7 Ultimate  6.1.7601.1.1252.39.1031.18.8190.6372 [GMT 2:00]
Eseguito da: c:\users\***\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((  Altre eliminazioni  )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\***\AppData\Roaming\mIRC\logs\status.log
c:\windows\SysWow64\frapsvid.dll
D:\install.exe
.
.
(((((((((((((((((((((((((  Files Creati Da 2013-06-11 al 2013-07-11  )))))))))))))))))))))))))))))))))))
.
.
2013-07-10 20:51 . 2013-04-04 12:50        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2013-07-10 11:41 . 2013-05-27 05:50        1011712        ----a-w-        c:\program files\Windows Defender\MpSvc.dll
2013-07-10 11:41 . 2013-05-27 05:50        571904        ----a-w-        c:\program files\Windows Defender\MpClient.dll
2013-07-10 11:41 . 2013-05-27 05:50        314880        ----a-w-        c:\program files\Windows Defender\MpCommu.dll
2013-07-10 11:41 . 2013-05-27 04:57        54784        ----a-w-        c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-10 11:41 . 2013-05-27 04:57        392704        ----a-w-        c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-10 11:41 . 2013-05-27 04:57        4608        ----a-w-        c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-10 11:41 . 2013-05-27 03:15        9216        ----a-w-        c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-10 11:41 . 2013-06-04 06:00        624128        ----a-w-        c:\windows\system32\qedit.dll
2013-07-10 11:41 . 2013-06-04 04:53        509440        ----a-w-        c:\windows\SysWow64\qedit.dll
2013-07-10 11:41 . 2013-05-06 06:03        1887744        ----a-w-        c:\windows\system32\WMVDECOD.DLL
2013-07-10 11:41 . 2013-05-06 04:56        1620480        ----a-w-        c:\windows\SysWow64\WMVDECOD.DLL
2013-07-10 11:41 . 2013-06-05 03:34        3153920        ----a-w-        c:\windows\system32\win32k.sys
2013-07-10 11:40 . 2013-04-10 05:48        1732608        ----a-w-        c:\program files\Windows Journal\NBDoc.DLL
2013-07-10 11:40 . 2013-04-10 05:46        1402880        ----a-w-        c:\program files\Windows Journal\JNWDRV.dll
2013-07-10 11:40 . 2013-04-10 05:46        1393152        ----a-w-        c:\program files\Windows Journal\JNTFiltr.dll
2013-07-10 11:40 . 2013-04-10 05:46        1367040        ----a-w-        c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 11:40 . 2013-04-10 05:03        936448        ----a-w-        c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 11:40 . 2013-04-09 23:34        1247744        ----a-w-        c:\windows\SysWow64\DWrite.dll
2013-07-10 11:40 . 2013-04-02 22:51        1643520        ----a-w-        c:\windows\system32\DWrite.dll
2013-07-09 11:35 . 2013-06-12 03:08        9552976        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{93CAA9C6-95E0-47D8-9C16-90E3A97D9AD1}\mpengine.dll
2013-06-26 11:11 . 2013-06-26 11:11        --------        d-----w-        c:\program files (x86)\Common Files\Java
2013-06-26 11:10 . 2013-06-26 11:10        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-21 12:48 . 2013-06-21 12:48        --------        d-----w-        c:\programdata\ATI
2013-06-21 12:48 . 2013-06-21 12:48        --------        d-----w-        c:\program files (x86)\AMD AVT
2013-06-21 12:39 . 2013-06-21 12:39        --------        d-----w-        c:\programdata\Package Cache
2013-06-21 12:37 . 2013-06-21 12:47        --------        d-----w-        c:\program files\ATI Technologies
2013-06-17 06:09 . 2013-06-17 06:09        5086424        ----a-w-        c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2013-06-17 06:09 . 2013-06-17 06:09        4851904        ----a-w-        c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2013-06-17 06:09 . 2013-06-17 06:09        25405632        ----a-w-        c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2013-06-17 05:53 . 2013-06-17 05:53        6807768        ----a-w-        c:\program files\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2013-06-17 05:53 . 2013-06-17 05:53        6584000        ----a-w-        c:\program files\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2013-06-17 05:53 . 2013-06-17 05:53        35405504        ----a-w-        c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2013-06-17 05:53 . 2013-06-17 05:53        3002048        ----a-w-        c:\program files\Common Files\Microsoft Shared\OFFICE15\1031\MSOINTL.DLL
2013-06-13 18:45 . 2013-06-13 18:45        34048        ----a-w-        c:\program files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Report  )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-26 11:10 . 2013-01-23 07:46        867240        ----a-w-        c:\windows\SysWow64\npdeployJava1.dll
2013-06-26 11:10 . 2011-04-26 16:21        789416        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2013-06-25 08:30 . 2012-04-05 06:05        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-25 08:30 . 2011-05-18 17:35        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-24 10:03 . 2013-05-06 08:34        83672        ----a-w-        c:\windows\system32\drivers\avnetflt.sys
2013-06-12 22:05 . 2011-04-27 13:35        75825640        ----a-w-        c:\windows\system32\MRT.exe
2013-06-04 23:12 . 2013-06-04 23:12        78432        ----a-w-        c:\windows\system32\atimpc64.dll
2013-06-04 23:12 . 2013-06-04 23:12        78432        ----a-w-        c:\windows\system32\amdpcom64.dll
2013-06-04 23:12 . 2013-06-04 23:12        71704        ----a-w-        c:\windows\SysWow64\atimpc32.dll
2013-06-04 23:12 . 2013-06-04 23:12        71704        ----a-w-        c:\windows\SysWow64\amdpcom32.dll
2013-06-04 23:12 . 2013-06-04 23:12        139696        ----a-w-        c:\windows\system32\atiuxp64.dll
2013-06-04 23:12 . 2013-06-04 23:12        123216        ----a-w-        c:\windows\SysWow64\atiuxpag.dll
2013-06-04 23:12 . 2013-06-04 23:12        97448        ----a-w-        c:\windows\SysWow64\atiu9pag.dll
2013-06-04 23:12 . 2013-06-04 23:12        113464        ----a-w-        c:\windows\system32\atiu9p64.dll
2013-06-04 23:11 . 2013-06-04 23:11        1182056        ----a-w-        c:\windows\system32\aticfx64.dll
2013-06-04 23:11 . 2013-06-04 23:11        990976        ----a-w-        c:\windows\SysWow64\aticfx32.dll
2013-06-04 23:11 . 2013-06-04 23:11        8431232        ----a-w-        c:\windows\system32\atidxx64.dll
2013-06-04 23:11 . 2013-06-04 23:11        7378560        ----a-w-        c:\windows\SysWow64\atidxx32.dll
2013-06-04 23:11 . 2013-06-04 23:11        4415256        ----a-w-        c:\windows\SysWow64\atiumdva.dll
2013-06-04 23:11 . 2013-06-04 23:11        5963328        ----a-w-        c:\windows\SysWow64\atiumdag.dll
2013-06-04 23:11 . 2013-06-04 23:11        4957536        ----a-w-        c:\windows\system32\atiumd6a.dll
2013-06-04 23:11 . 2013-06-04 23:11        6984088        ----a-w-        c:\windows\system32\atiumd64.dll
2013-06-04 23:09 . 2013-06-04 23:09        11833856        ----a-w-        c:\windows\system32\drivers\atikmdag.sys
2013-06-04 22:51 . 2013-06-04 22:51        229376        ----a-w-        c:\windows\system32\clinfo.exe
2013-06-04 22:51 . 2013-06-04 22:51        1187342        ----a-w-        c:\windows\system32\amdocl_as64.exe
2013-06-04 22:51 . 2013-06-04 22:51        1061902        ----a-w-        c:\windows\system32\amdocl_ld64.exe
2013-06-04 22:51 . 2013-06-04 22:51        995342        ----a-w-        c:\windows\SysWow64\amdocl_as32.exe
2013-06-04 22:51 . 2013-06-04 22:51        798734        ----a-w-        c:\windows\SysWow64\amdocl_ld32.exe
2013-06-04 22:51 . 2013-06-04 22:51        98304        ----a-w-        c:\windows\system32\OpenVideo64.dll
2013-06-04 22:50 . 2013-06-04 22:50        82944        ----a-w-        c:\windows\SysWow64\OpenVideo.dll
2013-06-04 22:50 . 2013-06-04 22:50        86016        ----a-w-        c:\windows\system32\OVDecode64.dll
2013-06-04 22:50 . 2013-06-04 22:50        72704        ----a-w-        c:\windows\SysWow64\OVDecode.dll
2013-06-04 22:50 . 2013-06-04 22:50        27800576        ----a-w-        c:\windows\system32\amdocl64.dll
2013-06-04 22:48 . 2013-06-04 22:48        23421440        ----a-w-        c:\windows\SysWow64\amdocl.dll
2013-06-04 22:46 . 2013-06-04 22:46        63488        ----a-w-        c:\windows\system32\OpenCL.dll
2013-06-04 22:46 . 2013-06-04 22:46        57344        ----a-w-        c:\windows\SysWow64\OpenCL.dll
2013-06-04 22:33 . 2013-06-04 22:33        24250880        ----a-w-        c:\windows\system32\atio6axx.dll
2013-06-04 22:27 . 2013-06-04 22:27        368640        ----a-w-        c:\windows\system32\atiapfxx.exe
2013-06-04 22:25 . 2013-06-04 22:25        51200        ----a-w-        c:\windows\system32\aticalrt64.dll
2013-06-04 22:25 . 2013-06-04 22:25        46080        ----a-w-        c:\windows\SysWow64\aticalrt.dll
2013-06-04 22:25 . 2013-06-04 22:25        44544        ----a-w-        c:\windows\system32\aticalcl64.dll
2013-06-04 22:25 . 2013-06-04 22:25        44032        ----a-w-        c:\windows\SysWow64\aticalcl.dll
2013-06-04 22:25 . 2013-06-04 22:25        118784        ----a-w-        c:\windows\system32\coinst_13.101.dll
2013-06-04 22:24 . 2013-06-04 22:24        16082944        ----a-w-        c:\windows\system32\aticaldd64.dll
2013-06-04 22:20 . 2013-06-04 22:20        13703168        ----a-w-        c:\windows\SysWow64\aticaldd.dll
2013-06-04 22:13 . 2013-06-04 22:13        19906560        ----a-w-        c:\windows\SysWow64\atioglxx.dll
2013-06-04 22:03 . 2013-06-04 22:03        442368        ----a-w-        c:\windows\system32\atidemgy.dll
2013-06-04 22:03 . 2013-06-04 22:03        26112        ----a-w-        c:\windows\system32\atimuixx.dll
2013-06-04 22:03 . 2013-06-04 22:03        562688        ----a-w-        c:\windows\system32\atieclxx.exe
2013-06-04 22:02 . 2013-06-04 22:02        241152        ----a-w-        c:\windows\system32\atiesrxx.exe
2013-06-04 22:00 . 2013-06-04 22:00        120320        ----a-w-        c:\windows\system32\atitmm64.dll
2013-06-04 22:00 . 2013-06-04 22:00        59392        ----a-w-        c:\windows\system32\atiedu64.dll
2013-06-04 22:00 . 2013-06-04 22:00        43520        ----a-w-        c:\windows\SysWow64\ati2edxx.dll
2013-06-04 21:35 . 2013-06-04 21:35        594944        ----a-w-        c:\windows\system32\atiadlxx.dll
2013-06-04 21:35 . 2013-06-04 21:35        419840        ----a-w-        c:\windows\SysWow64\atiadlxy.dll
2013-06-04 21:35 . 2013-06-04 21:35        17408        ----a-w-        c:\windows\system32\atig6pxx.dll
2013-06-04 21:35 . 2013-06-04 21:35        15872        ----a-w-        c:\windows\SysWow64\atiglpxx.dll
2013-06-04 21:35 . 2013-06-04 21:35        15872        ----a-w-        c:\windows\system32\atiglpxx.dll
2013-06-04 21:35 . 2013-06-04 21:35        41984        ----a-w-        c:\windows\system32\atig6txx.dll
2013-06-04 21:35 . 2013-06-04 21:35        36352        ----a-w-        c:\windows\SysWow64\atigktxx.dll
2013-06-04 21:35 . 2013-06-04 21:35        608768        ----a-w-        c:\windows\system32\drivers\atikmpag.sys
2013-06-04 21:31 . 2013-06-04 21:31        43520        ----a-w-        c:\windows\system32\drivers\ati2erec.dll
2013-05-09 20:11 . 2012-07-17 13:37        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 20:41 . 2011-04-26 17:34        18960        ----a-w-        c:\windows\system32\drivers\LNonPnP.sys
2013-05-02 00:06 . 2011-04-26 15:47        278800        ------w-        c:\windows\system32\MpSigStub.exe
2013-05-01 01:59 . 2013-05-01 01:59        94208        ----a-w-        c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59        69632        ----a-w-        c:\windows\SysWow64\QuickTime.qts
2013-04-24 21:56 . 2013-04-24 21:56        77592        ----a-w-        c:\windows\system32\ladfGSRCoinst_amd64.dll
2013-04-24 21:56 . 2013-04-24 21:56        410008        ----a-w-        c:\windows\system32\drivers\ladfGSCamd64.sys
2013-04-24 21:56 . 2013-04-24 21:56        102808        ----a-w-        c:\windows\system32\drivers\ladfGSRamd64.sys
2013-04-24 16:31 . 2013-04-24 16:31        96768        ----a-w-        c:\windows\system32\drivers\AtihdW76.sys
2013-04-24 16:30 . 2013-04-24 16:30        110080        ----a-w-        c:\windows\system32\DelayAPO.dll
2013-04-22 09:38 . 2013-03-04 13:35        838216        ----a-w-        c:\windows\system32\drivers\Rt64win7.sys
2013-04-22 09:38 . 2011-06-10 04:34        78920        ----a-w-        c:\windows\system32\RtNicProp64.dll
2013-04-22 09:38 . 2011-03-21 11:22        108104        ----a-w-        c:\windows\system32\RTNUninst64.dll
2013-04-13 05:49 . 2013-05-15 18:32        135168        ----a-w-        c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 18:32        308736        ----a-w-        c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 18:32        350208        ----a-w-        c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 18:32        111104        ----a-w-        c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 18:32        474624        ----a-w-        c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 18:32        2176512        ----a-w-        c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 08:08        1656680        ----a-w-        c:\windows\system32\drivers\ntfs.sys
.
.
(((((((((((((((((((((((((((((((((((((  Punti Reg Caricati  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-27 13:21        222712        ----a-w-        c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-27 13:21        222712        ----a-w-        c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-27 13:21        222712        ----a-w-        c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-06-03 05:35        1725128        ----a-w-        c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-06-03 05:35        1725128        ----a-w-        c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-06-03 05:35        1725128        ----a-w-        c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\steam\steam.exe" [2013-07-10 1672616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Spotify Web Helper"="c:\users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-07-09 1104384]
"Spotify"="c:\users\***\AppData\Roaming\Spotify\spotify.exe" [2013-07-09 4640768]
"TeamSpeak 3 Client"="e:\programme\TeamSpeak3\ts3client_win64.exe" [2013-04-10 13620200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-06-04 676608]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-06-24 345144]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"QuickTime Task"="e:\programme\Quicktime\QTTask.exe" -atboottime
"StartCCC"="e:\ati\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"iTunesHelper"="e:\programme\iTune\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"RaidCall"=e:\programme\RaidCall\raidcall.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 SAVRKBootTasks;Boot Tasks Driver;c:\windows\system32\SAVRKBootTasks.sys;c:\windows\SYSNATIVE\SAVRKBootTasks.sys [x]
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 A38CCID;CCID USB Smart Card Reader;c:\windows\system32\DRIVERS\a38ccid.sys;c:\windows\SYSNATIVE\DRIVERS\a38ccid.sys [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 AODDriver4.0;AODDriver4.0;e:\ati\ATI.ACE\Fuel\amd64\AODDriver2.sys;e:\ati\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R3 atillk64;atillk64;e:\ati\atillk64.sys;e:\ati\atillk64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ESEADriver2;ESEADriver2;c:\users\***\AppData\Local\Temp\ESEADriver2.sys;c:\users\***\AppData\Local\Temp\ESEADriver2.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\25AC.tmp;c:\windows\SYSNATIVE\25AC.tmp [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\DRIVERS\RTL85n64.sys;c:\windows\SYSNATIVE\DRIVERS\RTL85n64.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SiSGbeLH;NDIS 6.0-Treiber für SiS191/SiS190-Ethernet-Gerät;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys;c:\windows\SYSNATIVE\DRIVERS\vcsvad.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va006;X6va006;c:\users\***\AppData\Local\Temp\0061B76.tmp;c:\users\***\AppData\Local\Temp\0061B76.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R4 CltMngSvc;Search Protect by Conduit Updater;c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe;c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe [x]
R4 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [x]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R4 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe  -run;c:\windows\SYSNATIVE\hasplms.exe  -run [x]
R4 TeamViewer7;TeamViewer 7;e:\programme\TeamViewerVersion7\TeamViewer_Service.exe;e:\programme\TeamViewerVersion7\TeamViewer_Service.exe [x]
S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys;c:\windows\SYSNATIVE\DRIVERS\avfwot.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirFirewallService;Avira FireWall;c:\program files (x86)\Avira\AntiVir Desktop\avfwsvc.exe;c:\program files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [x]
S2 AntiVirMailService;Avira Email Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 ezGOSvc;Easybits GO Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 MBAMScheduler;MBAMScheduler;e:\programme\Malwarebytes' Anti-Malware\mbamscheduler.exe;e:\programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;e:\programme\Malwarebytes' Anti-Malware\mbamservice.exe;e:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;e:\programme\TuneUp Utility\TuneUpUtilitiesService64.exe;e:\programme\TuneUp Utility\TuneUpUtilitiesService64.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys;c:\windows\SYSNATIVE\DRIVERS\avfwim.sys [x]
S3 BrSerIb;Brother MFC Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;e:\programme\TuneUp Utility\TuneUpUtilitiesDriver64.sys;e:\programme\TuneUp Utility\TuneUpUtilitiesDriver64.sys [x]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-10 20:03        1173456        ----a-w-        c:\program files (x86)\Google\Chrome\Application\28.0.1500.71\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-07-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 08:30]
.
2013-03-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-906868190-618524015-2706588552-1001Core.job
- c:\users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-07-07 20:38]
.
2013-03-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-906868190-618524015-2706588552-1001UA.job
- c:\users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-07-07 20:38]
.
2013-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-02 16:14]
.
2013-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-02 16:14]
.
2013-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-906868190-618524015-2706588552-1001Core.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 16:00]
.
2013-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-906868190-618524015-2706588552-1001UA.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-27 13:21        261624        ----a-w-        c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-27 13:21        261624        ----a-w-        c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-27 13:21        261624        ----a-w-        c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-06-03 05:33        2328264        ----a-w-        c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-06-03 05:33        2328264        ----a-w-        c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-06-03 05:33        2328264        ----a-w-        c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57        778192        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57        778192        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57        778192        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57        778192        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57        778192        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57        778192        ----a-w-        c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-28 11786344]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
ezGOSvc
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
mSearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3175297&SearchSource=2&CUI=UN10706683192285716&UM=2&q=
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
AddRemove-nhwsfzpwafhjlwo - c:\windows\system32\nhwsfzpwafhjlwo.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_new_5-9-08.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\25AC.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va006]
"ImagePath"="\??\c:\users\***\AppData\Local\Temp\0061B76.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-906868190-618524015-2706588552-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-906868190-618524015-2706588552-1001)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-906868190-618524015-2706588552-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
e:\programme\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Ora fine scansione: 2013-07-11  14:13:57 - Il pc è stato riavviato
ComboFix-quarantined-files.txt  2013-07-11 12:13
.
Pre-Run: 7 Verzeichnis(se), 71.740.166.144 Bytes frei
Post-Run: 12 Verzeichnis(se), 71.507.660.800 Bytes frei
.
- - End Of File - - C794D378392D6B26798AF99FD94DF269
A36C5E4F47E84449FF07ED3517B43A31


markusg 11.07.2013 13:33

Hi,

download the standard CCleaner:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, save the list as a txt file, and open it.
After every program you need, write "notwendig" (necessary).
After every program you do not need, write "unnötig" (unnecessary).
After every program you do not know, write "unbekannt" (unknown).
Post the list.

BadGoblin 11.07.2013 14:14

OK, that took a little while, but here it is:

Code:

1... 2... 3... KICK IT! (Drop That Beat Like an Ugly Baby)                26.Apr.2011
3DMark        Futuremark        01.Jun.2013                1.1                unnötig
7-Zip 9.20 (x64 edition)        Igor Pavlov        09.Feb.2013        4,53MB        9.20.00.0  unnötig
AaAaAA!!! - A Reckless Disregard for Gravity        Dejobaan Games        26.Apr.2011               
Adobe AIR        Adobe Systems Incorporated        24.Apr.2013                3.7.0.1530                notwendig
Adobe Download Assistant        Adobe Systems Incorporated        09.Jan.2012                1.0.6                notwendig
Adobe Flash Media Live Encoder 3.2        Adobe Systems Incorporated        26.Mrz.2013        14,0MB        3.2.0        notwendig
Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        20.Feb.2013        6,00MB        11.6.602.168        notwendig
Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        25.Jun.2013        6,00MB        11.7.700.224        notwendig
Adobe Reader XI (11.0.03) - Deutsch        Adobe Systems Incorporated        20.Mai.2013        133MB        11.0.03                notwendig
Adobe Shockwave Player 12.0        Adobe Systems, Inc.        30.Mrz.2013                12.0.0.112                notwendig
Age of Chivalry Dedicated Server        Team Chivalry        13.Mai.2011                unnötig
Age of Empires Online        Microsoft        10.Apr.2012               
Alien Swarm        Valve        27.Apr.2011               
Alien Swarm - SDK        Valve        13.Mai.2011               
Alliance of Valiant Arms                16.Jun.2011               
AMD Catalyst Install Manager        Advanced Micro Devices, Inc.        21.Jun.2013        26,4MB        8.0.915.0
American Conquest                05.Nov.2011               
American Conquest - Fight Back                05.Nov.2011               
Amnesia: The Dark Descent                26.Apr.2011               
Apple Application Support        Apple Inc.        03.Jun.2013        64,7MB        2.3.4
Apple Mobile Device Support        Apple Inc.        10.Apr.2013        25,2MB        6.1.0.13
Apple Software Update        Apple Inc.        02.Jul.2011        2,25MB        2.1.3.127
Application Profiles        Advanced Micro Devices, Inc.        23.Dez.2011        361KB        2.0.4365.36132
ArcSoft WebCam Companion 3        ArcSoft        21.Dez.2011                3.0.15.182
ASIO4ALL        Michael Tippach        04.Apr.2013                2.10                unbekannt
Audiosurf        BestGameEver        26.Apr.2011               
Authorizer 2.0.2        Propellerhead Software AB        15.Apr.2013        51,6MB        2.0.2                unbekannt
Avira Internet Security        Avira        01.Jul.2013        173MB        13.0.0.3737
Back to the Future: Ep 1 - It's About Time                26.Okt.2011               
Back to the Future: Ep 2 - Get Tannen!                26.Okt.2011               
Back to the Future: Ep 3 - Citizen Brown                26.Okt.2011               
Back to the Future: Ep 4 - Double Visions                26.Okt.2011               
Back to the Future: Ep 5 - OUTATIME                26.Okt.2011               
Batman: Arkham City™ PC        Rocksteady        25.Nov.2011               
Bewerbungsfoto-/Passbild-Generator v3.5b                26.Sep.2012        1,28MB        unnötig
BIT.TRIP BEAT        Gaijin Games        26.Apr.2011               
Bit4Id - miniLector        Bit4id        17.Apr.2012                3.0                unbekannt
Bloodline Champions        Stunlock Studios        07.Apr.2012               
Bonjour        Apple Inc.        14.Okt.2011        2,00MB        3.0.0.10                unbekannt
BookScan&Whiteboard Suite        Reallusion        21.Mrz.2012                1.0        unbekannt
Brawl Busters                25.Mrz.2012               
Brother BRAdmin Light 1.12        Brother        21.Mrz.2012                1.12                notwendig
Brother MFL-Pro Suite MFC-5890CN        Brother Industries, Ltd.        21.Mrz.2012                1.0.1.0        notwendig
Brütal Legend                20.Feb.2013               
CamStudio version 2.7        CamStudio Open Source        04.Apr.2013        15,1MB        2.7                unnötig
CardOS API        Siemens IT Solutions and Services GmbH        17.Apr.2012        5,26MB        3.3.018                notwendig
CCleaner        Piriform        19.Jun.2013                4.03        notwendig
Chameleon Gems        Freeze Tag        26.Apr.2011               
Champions Online: Free For All        Cryptic Studios        16.Jun.2011               
Cogs        Lazy 8 Studios        26.Apr.2011               
Company of Heroes        Relic        26.Apr.2011               
Company of Heroes: Tales of Valor        Relic        27.Apr.2011               
Cossacks II: Battle for Europe                05.Nov.2011               
Cossacks II: Napoleonic Wars                05.Nov.2011               
Cossacks: Art of War                05.Nov.2011               
Cossacks: Back to War        GSC Game World        05.Nov.2011               
Cossacks: European Wars                05.Nov.2011               
Counter-Strike        Valve        27.Apr.2011               
Counter-Strike: Condition Zero        Valve        27.Apr.2011               
Counter-Strike: Condition Zero Deleted Scenes        Ritual        27.Apr.2011               
Counter-Strike: Global Offensive                22.Nov.2012               
Counter-Strike: Global Offensive - SDK                22.Nov.2012               
Counter-Strike: Source        Valve        26.Apr.2011               
Counter-Strike: Source Beta                27.Apr.2011               
CPUID CPU-Z 1.64.0                18.Jun.2013        3,26MB       
Crazy Machines 1.5 Inventors Training Camp        Viva-Media        14.Okt.2011               
Critter Crunch                18.Okt.2012               
D-i-v-X AVI Codec Pack Pro 2.4.0        D-i-v-X AVI Codec Pack Pro        16.Jan.2013                unbekannt
Day of Defeat        Valve        27.Apr.2011               
Day of Defeat: Source        Valve        27.Apr.2011               
DC Universe Online        Sony Online Entertainment        26.Mai.2011               
Deathmatch Classic        Valve        27.Apr.2011               
Deckadance        Image-Line        04.Apr.2013        46,8MB        2.0
Defense Grid: The Awakening        Hidden Path Entertainment        27.Apr.2011               
Diablo III        Blizzard Entertainment        09.Jun.2013                1.0.8.16603
DiRT 3        Codemasters        26.Mrz.2013               
DivX-Setup        DivX, LLC        26.Sep.2012                2.6.1.9                unbekannt
Don't Starve                30.Apr.2013               
Dota 2                21.Okt.2012               
Dual-Core Optimizer        AMD        25.Nov.2011        86,0KB        1.1.4.0169                unbekannt
Dungeon Defenders                04.Nov.2011               
Dungeons & Dragons Online®                28.Jun.2012               
Dust: An Elysian Tail        Humble Hearts LLC        03.Jul.2013               
Elsword_DE                02.Jun.2013        1,98GB       
EVEREST Ultimate Edition v5.50        Lavalys, Inc.        26.Apr.2011                5.50                notwendig
Facebook Video Calling 1.2.0.287        Skype Limited        24.Okt.2012        4,76MB        1.2.287                unnötig
FaceFilter Studio Brother Edition                21.Mrz.2012                1.0               
ffdshow v1.2.4422 [2012-04-09]                01.Apr.2013        13,3MB        1.2.4422.0                unbekannt
FileZilla Client 3.6.0.2        FileZilla Project        22.Jan.2013        17,1MB        3.6.0.2
Firebird SQL Server - MAGIX Edition        MAGIX AG        24.Mrz.2013        11,5MB        2.1.31.0        unnötig
Fishing Craze        Freeze Tag        27.Apr.2011               
FL Studio 10        Image-Line        04.Apr.2013               
Forsaken World                16.Jun.2011               
Fraps (remove only)                18.Jul.2012               
Free Studio version 2013        DVDVideoSoft Ltd.        20.Mrz.2013        403MB        6.1.0.319
Frontlines: Fuel of War        Kaos Studios        27.Apr.2011               
Full Spectrum Warrior        Pandemic Studios        27.Apr.2011               
Full Spectrum Warrior: Ten Hammers        Pandemic Studios        27.Apr.2011               
Futuremark SystemInfo        Futuremark Corporation        01.Jun.2013                4.17.0                unknown
Game Dev Tycoon Version 1.3.8        Greenheart Games Pty. Ltd.        06.Mai.2013        139MB        1.3.8
GamerzHost.de CSGO Config Creator        Karow GamerzHost        22.Jan.2013                1.0.0.8                unnecessary
GhostMouse        AutomaticSolution Software        19.Mrz.2012        1,44MB        Free V3.1                unnecessary
Global Agenda        Hi-Rez Studios        16.Jun.2011               
Google Chrome        Google Inc.        10.Jul.2013                28.0.1500.71
Google Drive        Google, Inc.        22.Jun.2013        32,1MB        1.10.4769.632
Google Talk Plugin        Google        11.Jul.2013        20,6MB        4.2.1.14031                unnecessary
Grooveshark        Escape Media Group        15.Apr.2012                20120118.01                unnecessary
Half-Life 2        Valve        27.Apr.2011               
Half-Life 2: Deathmatch        Valve        27.Apr.2011               
Half-Life 2: Episode One        Valve        27.Apr.2011               
Half-Life 2: Episode Two        Valve        27.Apr.2011               
Half-Life 2: Lost Coast        Valve        27.Apr.2011               
Half-Life Deathmatch: Source        Valve        27.Apr.2011               
Half-Life: Blue Shift        Gearbox        27.Apr.2011               
Half-Life: Opposing Force        Gearbox        27.Apr.2011               
HDVidCodec        hdvidcodec.com        01.Apr.2013                2.1 Build 26473                unknown
Hellgate        Hanbit Soft        31.Mai.2011        5,76GB        2.0.0.3
HiJackThis        Trend Micro        19.Jan.2013        369KB        1.0.0
HLSW v1.4.0.2        Stripf Software        29.Jan.2013        47,2MB       
iCloud        Apple Inc.        03.Jun.2013        81,9MB        2.1.2.8
IL Download Manager        Image-Line        04.Apr.2013                unknown
IL Shared Libraries        Image-Line        04.Apr.2013                unknown
IrfanView (remove only)        Irfan Skiljan        11.Nov.2012        2,00MB        4.35
IsoBuster 3.0        Smart Projects        10.Aug.2012        10,4MB        3.0
iTunes        Apple Inc.        03.Jun.2013        187MB        11.0.3.42
Java 7 Update 25        Oracle        26.Jun.2013        129MB        7.0.250
JDownloader 0.9        AppWork GmbH        26.Apr.2011                0.9
JDownloader 2        AppWork GmbH        05.Apr.2013                2
Juiced 2: Hot Import Nights        Juice Games        28.Apr.2011               
K-Lite Codec Pack 9.5.0 (Full)                25.Nov.2012        84,0MB        9.5.0
Killing Floor        Tripwire Interactive        28.Apr.2011               
League of Legends        Riot Games        03.Mai.2011                2.0
Left 4 Dead 2        Valve        05.Nov.2011               
Lightworks        Lightworks        24.Mrz.2013                11.0.3.0                unnecessary
LIMBO                18.Okt.2012               
Line 6 Uninstaller        Line 6        15.Apr.2013                unknown
Little Inferno                13.Mai.2013               
Logitech Gaming Software 8.46        Logitech Inc.        02.Mai.2013        85,5MB        8.46.27
Logitech Harmony Remote Software        Logitech        13.Mai.2012                1.0.110307
Logitech SetPoint 6.32        Logitech        21.Mrz.2012        39,0MB        6.32.20
LOLReplay        www.leaguereplays.com        18.Feb.2013                0.8.1.4
Magic The Gathering Tactics        Sony Online Entertainment        27.Mai.2011                unnecessary
Magic: The Gathering - Duels of the Planeswalkers                26.Apr.2011                unnecessary
Magic: The Gathering – Tactics                05.Feb.2012                unnecessary
Magicka        Arrowhead Game Studios AB        13.Mai.2011                unnecessary
MAGIX Content und Soundpools        MAGIX AG        23.Aug.2012                1.0.0.0                unnecessary
MAGIX Goya burnR (MSI)        MAGIX AG        15.Apr.2013                4.3.2.0                unnecessary
MAGIX Music Maker 2013        MAGIX AG        15.Apr.2013                19.0.1.36                unnecessary
MAGIX Screenshare        MAGIX AG        15.Apr.2013                4.3.6.1987                unnecessary
MAGIX Speed burnR (MSI)        MAGIX AG        24.Mrz.2013                7.0.2.6                unnecessary
MAGIX Video deluxe 2013        MAGIX AG        24.Mrz.2013                12.0.0.32        unnecessary
Malwarebytes Anti-Malware Version 1.75.0.1300        Malwarebytes Corporation        10.Jul.2013        19,2MB        1.75.0.1300                unnecessary
Metro 2033        THQ        28.Apr.2011               
Microsoft .NET Framework 1.1        Microsoft        29.Jun.2012        34,8MB        1.1.4322
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        29.Apr.2011        38,8MB        4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        29.Apr.2011        2,93MB        4.0.30319
Microsoft .NET Framework 4 Extended        Microsoft Corporation        26.Mai.2011        51,9MB        4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack        Microsoft Corporation        26.Mai.2011        10,6MB        4.0.30319
Microsoft Games for Windows - LIVE Redistributable        Microsoft Corporation        25.Nov.2011        31,3MB        3.5.92.0
Microsoft Games for Windows Marketplace        Microsoft Corporation        07.Mai.2011        6,03MB        3.5.50.0
Microsoft Office Professional Plus 2013        Microsoft Corporation        03.Jan.2013                15.0.4420.1017
Microsoft Silverlight        Microsoft Corporation        10.Jul.2013        149MB        5.1.20513.0
Microsoft SkyDrive        Microsoft Corporation        27.Dez.2012        26,4MB        17.0.2003.1112
Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        13.Mai.2011        1,69MB        3.1.0000
Microsoft Visual Basic PowerPacks 10.0        Microsoft        22.Jan.2013        1,47MB        10.0.20911
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        28.Apr.2011        250KB        8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        30.Jan.2012        2,38MB        8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148        Microsoft Corporation        27.Apr.2011        210KB        9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        15.Mai.2011        198KB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570        Microsoft Corporation        29.Apr.2011        790KB        9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        01.Jun.2011        598KB        9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022        Microsoft Corporation        03.Mai.2011        3,43MB        9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17        Microsoft Corporation        26.Apr.2011        788KB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148        Microsoft Corporation        12.Mai.2011        234KB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161        Microsoft Corporation        16.Jun.2011        788KB        9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        Microsoft Corporation        02.Jul.2011        5,76MB        9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411        Microsoft Corporation        30.Mai.2011        1,46MB        9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        Microsoft Corporation        24.Jun.2011        234KB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        13.Mai.2011        596KB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        04.Nov.2011        224KB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        16.Jun.2011        600KB        9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219        Microsoft Corporation        02.Dez.2011        15,2MB        10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        05.Nov.2011        15,0MB        10.0.40219
Microsoft Xbox 360 Accessories 1.2        Microsoft        19.Nov.2012        7,82MB        1.20.146.0
Microsoft XNA Framework Redistributable 3.1        Microsoft Corporation        13.Mai.2011        7,55MB        3.1.10527.0
Microsoft XNA Framework Redistributable 4.0 Refresh        Microsoft Corporation        04.Jul.2013        8,03MB        4.0.30901.0
mIRC        mIRC Co. Ltd.        21.Jan.2013                7.29
Mirror's Edge        DICE        18.Nov.2011               
Mixxx 1.10.1        The Mixxx Team        15.Apr.2013                1.10.1                unnecessary
Mouse Recorder Pro 2.0.7.4        Nemex Studios        19.Mrz.2012        4,40MB        unnecessary
Mozilla Firefox 12.0 (x86 de)        Mozilla        06.Mai.2012        62,2MB        12.0                unnecessary
Mozilla Firefox 5.0 (x86 de)        Mozilla        28.Jun.2011        32,1MB        5.0                        unnecessary
Mozilla Thunderbird (7.0.1)        Mozilla        04.Nov.2011                7.0.1 (de)                        unnecessary
Mozilla Thunderbird 12.0.1 (x86 de)        Mozilla        27.Dez.2012        60,6MB        12.0.1                unnecessary
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        28.Apr.2011        1,27MB        4.20.9870.0                unknown
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        28.Apr.2011        1,33MB        4.20.9876.0                unknown
MSXML 4.0 SP3 Parser        Microsoft Corporation        23.Aug.2012        1,47MB        4.30.2100.0                        unknown
MSXML 4.0 SP3 Parser (KB2721691)        Microsoft Corporation        24.Aug.2012        1,53MB        4.30.2114.0                unknown
MSXML 4.0 SP3 Parser (KB2758694)        Microsoft Corporation        10.Jan.2013        1,54MB        4.30.2117.0                unknown
MXPLAY Beta 1.1        MXPLAY, Inc.        15.Apr.2013                1.1.7                unnecessary
Need For Speed™ World        Electronic Arts        07.Apr.2012        12,5MB        1.0.0.659                unnecessary
Nokia Connectivity Cable Driver                19.Jun.2013                7.1.32.64                unnecessary
Notepad++                06.Jun.2011                5.9.2
NVIDIA PhysX        NVIDIA Corporation        20.Feb.2013        80,0MB        9.10.0222                unnecessary
Octoshape Streaming Services        Octoshape ApS        21.Nov.2011                       
Open Broadcaster Software                07.Jan.2013               
OpenAL                26.Mrz.2013                        unknown
OpenOffice.org 3.4.1        Apache Software Foundation        04.Feb.2013        331MB        3.41.9593
Opera 12.15        Opera Software ASA        17.Apr.2013                12.15.1748
Orcs Must Die!                18.Okt.2011               
Orcs Must Die! 2                05.Dez.2012               
Pandora Saga: Weapons of Balance                01.Mrz.2012               
PC Gamer                17.Nov.2011               
Peggle Deluxe        PopCap        28.Apr.2011               
Peggle Nights        PopCap        28.Apr.2011               
Performance Solution Brincome.                26.Apr.2011                unknown
Pets Fun House        Freeze Tag        28.Apr.2011               
Picasa 3        Google, Inc.        20.Apr.2013                3.9
Pinball FX2                13.Mai.2013               
Plants vs. Zombies: Game of the Year        PopCap        28.Apr.2011               
Poker Night at the Inventory        Telltale Games        09.Jun.2011               
PokerStars.it        PokerStars.it        27.Feb.2013               
Portal        Valve        28.Apr.2011               
Portal 2        Valve        28.Apr.2011               
Portal 2 Authoring Tools - Beta        Valve        13.Mai.2011               
PunkBuster Services        Even Balance, Inc.        28.Apr.2011                0.986
Puzzle Quest        Infinite Interactive        30.Apr.2013                1.01
Puzzle Quest        Infinite Interactive        30.Apr.2013               
Puzzle Quest 2                30.Apr.2013               
Puzzle Quest 2                30.Apr.2013               
Quake        id Software        28.Apr.2011               
Quake 4                27.Jan.2012               
Quake II        id Software        28.Apr.2011               
Quake II: Ground Zero        id Software        29.Apr.2011               
Quake II: The Reckoning        id Software        29.Apr.2011               
Quake III Arena        id Software        29.Apr.2011               
Quake III: Team Arena        id Software        29.Apr.2011               
Quake Live Mozilla Plugin        id Software        09.Aug.2012        14,0MB        1.0.520
Quake Mission Pack 1: Scourge of Armagon        Ritual Software        29.Apr.2011               
Quake Mission Pack 2: Dissolution of Eternity        Rogue Software        29.Apr.2011               
QuickTime        Apple Inc.        03.Jun.2013        74,6MB        7.74.80.86
RaidCall        raidcall.com        15.Apr.2013                7.2.0-1.0.5185.0                unnecessary
Rapture3D 2.4.8 Game        Blue Ripple Sound        26.Mrz.2013                                unknown
Ravensburger tiptoi                26.Dez.2012               
RealPlayer        RealNetworks        07.Jun.2012        91,7MB        15.0.4
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        26.Apr.2011                6.0.1.6343
Reason 6.5.3        Propellerhead Software AB        15.Apr.2013        3,28GB        6.5.3                unknown/unnecessary
Recuva        Piriform        17.Apr.2012                1.42                unknown
Red Faction                29.Apr.2011               
Red Faction II                29.Apr.2011               
Red Faction: Guerrilla        Volition        29.Apr.2011               
Ricochet        Valve        29.Apr.2011               
Rotastic        Dancing Dots        18.Okt.2012               
RUSH        Two Tribes        29.Apr.2011               
S.T.A.L.K.E.R.: Shadow of Chernobyl        GSC Game World        29.Apr.2011               
Saints Row 2        Volition        30.Apr.2011               
Sanctum                04.Nov.2011               
Scrolls        Mojang        11.Jun.2013                1.0.0
Search Protect by conduit        Conduit        06.Apr.2013                1.4.1.12                unknown
Serious Sam Classic: The First Encounter                29.Apr.2011               
Serious Sam Classic: The Second Encounter                29.Apr.2011               
Serious Sam HD: The First Encounter        Croteam        29.Apr.2011               
Serious Sam HD: The Second Encounter        Croteam        29.Apr.2011               
Skulls of the Shogun        17-BIT        03.Jul.2013               
Skype Click to Call        Skype Technologies S.A.        30.Mai.2012        34,2MB        5.10.9560               
Skype™ 6.5        Skype Technologies S.A.        28.Jun.2013        21,8MB        6.5.158
Smart File Advisor 1.1.1        Filefacts.net        10.Aug.2012        1,50MB        1.1.1                unknown
Sophos Anti-Rootkit 1.5.0        Sophos Plc        13.Jan.2013                1.5.0                        unknown
Speccy        Piriform        01.Feb.2012                1.15                unknown
Spiral Knights        SEGA        16.Jun.2011               
Spore        Maxis        18.Nov.2011               
Spore: Creepy & Cute Parts Pack        Maxis        18.Nov.2011               
Spore: Galactic Adventures        EA - Maxis        18.Nov.2011               
Spotify        Spotify AB        09.Jul.2013                0.9.1.57.ge7405149
Star Wars: The Old Republic        Electronic Arts, Inc.        12.Jan.2012        26,7MB        1.00
Steam        Valve Corporation        26.Apr.2011        35,4MB        1.0.0.0
Street Fighter X Tekken        hxxp://www.capcom.com        16.Nov.2012               
Stronghold Kingdoms        Firefly Studios Ltd        25.Mrz.2012               
Super Meat Boy                29.Apr.2011               
Team Fortress 2        Valve        30.Apr.2011               
Team Fortress 2 Beta        Valve        30.Apr.2011               
Team Fortress Classic        Valve        30.Apr.2011               
TeamViewer 7        TeamViewer        20.Sep.2012                7.0.14563                unnecessary
TERA        Gameforge Productions GmbH        03.Mrz.2013        42,5MB        19.04.02.03.hf3
TeraCopy 2.27        Code Sector        08.Dez.2012        5,49MB       
Terraria                26.Mai.2011               
Text-To-Speech-Runtime        Magix Development GmbH        15.Apr.2013        260KB        1.0.0.0                unnecessary
The Ball        Teotl Studios        26.Apr.2011               
The Binding of Isaac                18.Okt.2012               
The Wonderful End of the World        Dejobaan Games        01.Mai.2011               
Titan Quest        IronLore        30.Apr.2011               
Titan Quest: Immortal Throne        IronLore        30.Apr.2011               
TmNationsForever        Nadeo        01.Dez.2011               
Toki Tori        Two Tribes        30.Apr.2011               
Tony Hawk's Pro Skater HD                26.Mrz.2013               
Torchlight        Runic Games, Inc.        01.Mai.2011               
Torchlight Editor        Runic Games, Inc.        13.Mai.2011               
TuneUp Utilities 2013        TuneUp Software        27.Feb.2013                13.0.3020.2
Unreal Gold        Epic Games        27.Jan.2012               
Unreal II: The Awakening        Epic Games        27.Jan.2012               
Unreal Tournament 2004        Epic Games        27.Jan.2012               
Unreal Tournament 3: Black Edition        Epic Games        27.Jan.2012               
Unreal Tournament: Game of the Year Edition        Epic Games        27.Jan.2012               
VIA Manager Piattaforma        VIA Technologies, Inc.        30.Jan.2012        2,61MB        1.34                unknown
VirtualCloneDrive        Elaborate Bytes        26.Apr.2011               
VirtualDJ Home FREE        Atomix Productions        04.Apr.2013        53,5MB        7.4
VLC media player 2.0.7        VideoLAN        08.Jul.2013                2.0.7
Warhammer 40,000: Dawn of War – Dark Crusade        Relic        01.Mai.2011               
Warhammer 40,000: Dawn of War – Soulstorm        Relic        01.Mai.2011               
Warhammer 40,000: Dawn of War – Winter Assault        Relic        01.Mai.2011               
Warhammer® 40,000™: Dawn of War® II        Relic        01.Mai.2011               
Warhammer® 40,000™: Dawn of War® II – Chaos Rising™        Relic        01.Mai.2011               
Winamp        Nullsoft, Inc        16.Jan.2013                5.63
Winamp Erkennungs-Plug-in        Nullsoft, Inc        16.Jan.2013        75,0KB        1.0.0.1
Windows Live Essentials        Microsoft Corporation        27.Dez.2012                16.4.3505.0912
Windows Media Player Firefox Plugin        Microsoft Corp        26.Apr.2011        296KB        1.0.0.8                unnecessary
WinPcap 4.1.2        CACE Technologies        05.Jun.2011                4.1.0.2001                unknown
WinRAR archiver                26.Apr.2011               
World of Goo        2D Boy        14.Okt.2012               
World of Warcraft        Blizzard Entertainment        20.Jun.2013                5.3.0.17055
World of Zoo        Blue Fang Games        01.Mai.2011               
Worms Reloaded        Team17        14.Nov.2012               
Xango Tango        Freeze Tag        01.Mai.2011               
XSplit        SplitMediaLabs        25.Mrz.2013        95,7MB        1.2.1303.0101
µTorrent                04.Mai.2012                3.1.3                unnecessary

I haven't marked all the games as necessary, since I have them on a separate partition. I'd like to keep all the games, and the unmarked programs as well, just by way of explanation. :-)

markusg 11.07.2013 14:16

Hi,
there are 2 logs to create; post them at the same time if possible.
1.
Uninstall:
3DMark
7-Zip
Adobe Flash Player: all
http://get.adobe.com/de/flashplayer/
Download the latest version and install it.
Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General:
Tick "Use only certified plug-ins".
Security (Enhanced)
Tick "Enhanced Security"
and select all files.
Internet:
Everything here should be disabled; it is very unsafe to open or download PDFs automatically, etc.
It is always better to save them directly, since that is the only way to keep control over what happens on the PC.
Under JavaScript, remove the tick from "Enable JavaScript".
Under Updater, choose automatic installation.
Apply / OK

Uninstall:
Age of : both, if both are unnecessary
Bewerbungsfoto
CamStudio
DivX
Facebook
Firebird
Futuremark
GamerzHost
GhostMouse
Google Talk
HiJackThis
IL
Magic : all
Malwarebytes
Magicka
MAGIX : all
Mixxx
Mouse
Mozilla : all
MXPLAY
Nokia
RaidCall
Reason
Recuva
TeamViewer
Windows Media Player Firefox
µTorrent
Performance Solution Brincome
Search Protect
Smart File
Sophos Anti
Speccy

Open CCleaner, analyze, run, restart the PC.
2.
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Optionen (Options) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected, as shown here
  • Click Suchlauf (Scan) and wait until it has finished.
  • Now click Löschen (Delete) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Restart.
3.
Download HitmanPro:
http://filepony.de/download-hitmanpro_64/
Double-click it, click Scan.
Don't delete anything, click Next.
Save the log and post it, or export it as XML, zip it and attach it.
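
Added example, not part of the original posts: one way to triage the AdwCleaner log requested in step 2, which groups its findings under `***** [Section] *****` headers as `Action : target` lines. The sample lines are excerpted from the v2.304 log posted in this thread; the function names are illustrative assumptions, and the script counts actions per section, lists deletions still pending a reboot, and collects the Chrome extension IDs with the places they were found.

```python
import re
from collections import Counter, defaultdict
from typing import NamedTuple

# Sample lines excerpted from the AdwCleaner v2.304 log posted in this thread
# (German UI; the user name was already masked as *** by the poster).
SAMPLE_LOG = r"""
# AdwCleaner v2.304 - Datei am 11/07/2013 um 16:15:19 erstellt
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Gelöscht mit Neustart : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\oikliheaihindkomebcajofjponhlhhh
Ordner Gelöscht : C:\Program Files (x86)\Conduit

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oikliheaihindkomebcajofjponhlhhh
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.com
Gelöscht : user_pref("CT2438727.FirstTime", true);
"""


class Entry(NamedTuple):
    section: str   # text between the brackets of the last section header
    action: str    # e.g. "Ordner Gelöscht", "Gelöscht mit Neustart"
    target: str    # path, registry key or preference line


# Section headers appear with four or five asterisks in this log version.
SECTION_RE = re.compile(r"^\*{4,5} \[(.+?)\] \*{4,5}$")
# Chrome extension IDs are 32 characters drawn from a-p.
EXT_ID_RE = re.compile(r"\\Extensions\\([a-p]{32})(?![a-p])")


def parse_log(text):
    """Return every 'Action : target' line together with its section."""
    entries, section = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):   # blank or header comment
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        action, sep, target = line.partition(" : ")
        if sep:                                # skip lines without the separator
            entries.append(Entry(section, action.strip(), target.strip()))
    return entries


def summarize(entries):
    """Count actions per section, e.g. how many registry keys were deleted."""
    counts = defaultdict(Counter)
    for e in entries:
        counts[e.section][e.action] += 1
    return counts


def pending_reboot(entries):
    """Entries AdwCleaner could only remove at the next restart."""
    return [e for e in entries if "mit Neustart" in e.action]


def chrome_extension_ids(entries):
    """Map each Chrome extension ID to where it was found (filesystem/registry)."""
    found = defaultdict(set)
    for e in entries:
        m = EXT_ID_RE.search(e.target)
        if m:
            in_registry = e.target.upper().startswith(("HKLM\\", "HKCU\\"))
            found[m.group(1)].add("registry" if in_registry else "filesystem")
    return dict(found)


if __name__ == "__main__":
    log = parse_log(SAMPLE_LOG)
    for section, actions in summarize(log).items():
        print(section, dict(actions))
    for e in pending_reboot(log):
        print("pending reboot:", e.target)
    for ext_id, places in chrome_extension_ids(log).items():
        print(ext_id, sorted(places))
```

The extension IDs it reports can be compared with what `chrome://extensions` shows after the profile has synced again.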

BadGoblin 11.07.2013 15:36

Hello,

I've got everything now.
It took a little while because I had problems with one or two programs that wouldn't uninstall at first, but it worked after a restart.

Adw LOG:
Code:

# AdwCleaner v2.304 - Datei am 11/07/2013 um 16:15:19 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzer : *** - ***-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\searchplugins\Askcom.xml
Gelöscht mit Neustart : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\oikliheaihindkomebcajofjponhlhhh
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\HDvidCodec.com
Ordner Gelöscht : C:\Program Files (x86)\Movie2KDownloader.com
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\Users\***\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\oikliheaihindkomebcajofjponhlhhh
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\facemoods.com
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\ConduitCommon
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\CT2438727
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\extensions\{dc84d6f4-abf5-441d-bdef-65f3f4d7aabe}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\oikliheaihindkomebcajofjponhlhhh
Schlüssel Gelöscht : HKCU\Software\Headlight
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oikliheaihindkomebcajofjponhlhhh
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.com

-\\ Mozilla Firefox v [Version kann nicht ermittelt werden]

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\prefs.js

C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT2438727..clientLogIsEnabled", true);
Gelöscht : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2438727.CT2438727", "CT2438727");
Gelöscht : user_pref("CT2438727.CurrentServerDate", "7-7-2011");
Gelöscht : user_pref("CT2438727.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2438727.DialogsGetterLastCheckTime", "Thu Jul 07 2011 16:24:04 GMT+0200");
Gelöscht : user_pref("CT2438727.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Gelöscht : user_pref("CT2438727.FirstServerDate", "7-7-2011");
Gelöscht : user_pref("CT2438727.FirstTime", true);
Gelöscht : user_pref("CT2438727.FirstTimeFF3", true);
Gelöscht : user_pref("CT2438727.FixPageNotFoundErrors", false);
Gelöscht : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2438727.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2438727.HomePageProtectorEnabled", false);
Gelöscht : user_pref("CT2438727.Initialize", true);
Gelöscht : user_pref("CT2438727.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2438727.InstallationAndCookieDataSentCount", 1);
Gelöscht : user_pref("CT2438727.InstalledDate", "Thu Jul 07 2011 16:24:05 GMT+0200");
Gelöscht : user_pref("CT2438727.IsAlertDBUpdated", true);
Gelöscht : user_pref("CT2438727.IsGrouping", false);
Gelöscht : user_pref("CT2438727.IsInitSetupIni", true);
Gelöscht : user_pref("CT2438727.IsMulticommunity", false);
Gelöscht : user_pref("CT2438727.IsOpenThankYouPage", true);
Gelöscht : user_pref("CT2438727.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2438727.IsProtectorsInit", true);
Gelöscht : user_pref("CT2438727.LanguagePackLastCheckTime", "Thu Jul 07 2011 16:24:05 GMT+0200");
Gelöscht : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2438727.LastLogin_3.5.0.12", "Thu Jul 07 2011 16:24:04 GMT+0200");
Gelöscht : user_pref("CT2438727.LatestVersion", "3.3.5.1");
Gelöscht : user_pref("CT2438727.Locale", "en");
Gelöscht : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2438727.MCDetectTooltipShow", false);
Gelöscht : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2438727.MyStuffEnabledAtInstallation", false);
Gelöscht : user_pref("CT2438727.OriginalFirstVersion", "3.5.0.12");
Gelöscht : user_pref("CT2438727.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Gelöscht : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Gelöscht : user_pref("CT2438727.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Thu Jul 07 2011 16:24:05 GMT+0200");
Gelöscht : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2438727.SearchProtectorEnabled", false);
Gelöscht : user_pref("CT2438727.SearchProtectorToolbarDisabled", false);
Gelöscht : user_pref("CT2438727.ServiceMapLastCheckTime", "Thu Jul 07 2011 16:24:03 GMT+0200");
Gelöscht : user_pref("CT2438727.SettingsLastCheckTime", "Thu Jul 07 2011 16:24:03 GMT+0200");
Gelöscht : user_pref("CT2438727.SettingsLastUpdate", "1308866789");
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Thu Jul 07 2011 16:24:03 GMT+0200");
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1246786978");
Gelöscht : user_pref("CT2438727.ToolbarShrinkedFromSetup", false);
Gelöscht : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727");
Gelöscht : user_pref("CT2438727.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,OurTo[...]
Gelöscht : user_pref("CT2438727.UserID", "UN55215680790562232");
Gelöscht : user_pref("CT2438727.alertChannelId", "832836");
Gelöscht : user_pref("CT2438727.approveUntrustedApps", true);
Gelöscht : user_pref("CT2438727.components.1000034", false);
Gelöscht : user_pref("CT2438727.components.1000082", false);
Gelöscht : user_pref("CT2438727.components.1000234", false);
Gelöscht : user_pref("CT2438727.components.1000515", false);
Gelöscht : user_pref("CT2438727.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Gelöscht : user_pref("CT2438727.globalFirstTimeInfoLastCheckTime", "Thu Jul 07 2011 16:24:04 GMT+0200");
Gelöscht : user_pref("CT2438727.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2438727.initDone", true);
Gelöscht : user_pref("CT2438727.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2438727.myStuffEnabled", true);
Gelöscht : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2438727.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2438727.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2438727.testingCtid", "");
Gelöscht : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Thu Jul 07 2011 16:24:04 GMT+0200");
Gelöscht : user_pref("CT2438727.toolbarContextMenuLastCheckTime", "Thu Jul 07 2011 16:24:05 GMT+0200");
Gelöscht : user_pref("CT2438727.usagesFlag", 2);
Gelöscht : user_pref("CT3175297.FF19Solved", "true");
Gelöscht : user_pref("CT3175297.UserID", "UN10706683192285716");
Gelöscht : user_pref("CT3175297.addressUrlXPETakeover", "true");
Gelöscht : user_pref("CT3175297.autoDisableScopes", 0);
Gelöscht : user_pref("CT3175297.installDate", "6/4/2013 21:18:36");
Gelöscht : user_pref("CT3175297.installerVersion", "1.3.7.3");
Gelöscht : user_pref("CT3175297.keyword", "true");
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/IT", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/Blank.png", "\"2[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\***\\AppData\\Roaming\\Mozilla\\F[...]
Gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2438727");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList4", "CT2438727");
Gelöscht : user_pref("CommunityToolbar.globalUserId", "a0c3d2ac-d913-4ff6-9e3a-0cf22601d4dc");
Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Jul 07 2011 16:24:0[...]
Gelöscht : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Jul 07 2011 16:24:14 GMT+020[...]
Gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
Gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Jul 07 2011 16:24:04 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559");
Gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.notifications.userId", "370b8da9-f541-432f-a317-0f3f7cae820c");
Gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3175297&SearchSource=2&CU[...]
Gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Gelöscht : user_pref("smartbar.originalSearchAddressUrl", "");

Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v28.0.1500.71

Datei : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Chromium v      directory_upgrade: true
  }

Datei : C:\Users\***\AppData\Local\Chromium\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v [Version kann nicht ermittelt werden]

Datei : C:\Users\***\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [16121 octets] - [11/07/2013 16:15:19]

########## EOF - C:\AdwCleaner[S1].txt - [16182 octets] ##########

Here is the Hitman log
Code:

HitmanPro 3.7.6.201
www.hitmanpro.com

  Computer name . . . . : KLAUS-PC
  Windows . . . . . . . : 6.1.1.7601.X64/4
  User name . . . . . . : Klaus-PC\Klaus
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Trial (30 days left)

  Scan date . . . . . . : 2013-07-11 16:23:13
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 7m 54s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 14
  Traces  . . . . . . . : 364

  Objects scanned . . . : 2.401.390
  Files scanned . . . . : 54.984
  Remnants scanned  . . : 527.573 files / 1.818.833 keys

Malware _____________________________________________________________________

  C:\Users\Klaus\AppData\Local\Apps\2.0\KPRH08T9.LM4\M7ZE2HPO.NN9\game..tion_274b60bfce57d9e6_0001.0000_7f54574cc6d64f29\GamerzHost.de CSGO Config Creator.exe -> Quarantined
      Size . . . . . . . : 260.608 bytes
      Age  . . . . . . . : 169.9 days (2013-01-22 17:59:16)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 71A4BC07E9D5CE7DC063EFC4E2E3DB15B05886F3CA3E488B2239F597F84B9F01
      Product  . . . . . : CSGO Config Creator
      Description  . . . : CSGO Config Creator
      Version  . . . . . : 1.0.0.0
      Copyright  . . . . : Copyright ©  2012
    > Ikarus . . . . . . : Trojan-PWS.MSIL!IK
      Fuzzy  . . . . . . : 109.0


Suspicious files ____________________________________________________________

  C:\Windows\system32\hasplms.exe
      Size . . . . . . . : 4.941.768 bytes
      Age  . . . . . . . : 108.8 days (2013-03-24 22:10:18)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 8661FDD7344A1059B99450BA22C29F70C2DF2D3A381AA47D5B24A514DE8C029F
      Product  . . . . . : LDK License Manager Service
      Publisher  . . . . : SafeNet Inc.
      Description  . . . : Sentinel LDK License Manager Service
      Version  . . . . . : 13.23.1.26482
      Copyright  . . . . : © 2012 SafeNet, Inc. All rights reserved.
      RSA Key Size . . . : 2048
      Service  . . . . . : hasplms
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 26.0
        The file name extension of this program is not common.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        The Entry Point of this file lies in a resource section. This is an indication of malware infection.
        The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
        Starts automatically as a service during system bootup.
        Program contains PE structure anomalies. This is not typical for most programs.
        Program is code signed with a valid Authenticode certificate.
      Startup
        HKLM\SYSTEM\CurrentControlSet\Services\hasplms\


Cookies _____________________________________________________________________

  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:247realmedia.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:ad.yieldmanager.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:ad.zanox.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:ads.ad4game.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:adtech.de
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:apmebf.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:atdmt.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:bs.serving-sys.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:cocacola2.solution.weborama.fr
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:content.yieldmanager.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:doubleclick.net
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:fastclick.net
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:invitemedia.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:media6degrees.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:microsoftwllivemkt.112.2o7.net
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:ru4.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:serving-sys.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:smartadserver.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:tradedoubler.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:weborama.fr

The antivirus has now found something too, but I think it's the same thing.
Code:



Typ:        Datei
Quelle:        C:\Users\Klaus\Downloads\codecc_pack_chrome_source.exe
Status:        Infiziert
Quarantäne-Objekt:        543262ea.qua
Wiederhergestellt:        NEIN
Zu Avira hochgeladen:        NEIN
Betriebssystem:        Windows XP/VISTA Workstation/Windows 7
Suchengine:        8.02.12.74
Virendefinitionsdatei:        7.11.89.254
Meldung:        APPL/CoolMirage.Gen6
Datum/Uhrzeit:        11.Jul.2013, 16:28


Typ:        URL
Quelle:        hxxp://uploadbaz.com/favicon.ico
Status:        Infiziert
Quarantäne-Objekt:        5270126c.qua
Wiederhergestellt:        NEIN
Zu Avira hochgeladen:        NEIN
Betriebssystem:        Windows XP/VISTA Workstation/Windows 7
Suchengine:        8.02.12.30
Virendefinitionsdatei:        7.11.73.184
Meldung:        HTML/Infected.WebPage.Gen3
Datum/Uhrzeit:        20.Apr.2013, 18:08


markusg 11.07.2013 15:57

Hi,
GamerzHost.de CSGO Config Creator.exe
that detection was a false positive, so deleting it was not necessary.
If you need the file, restore it from quarantine.
Restart the PC, then post a new OTL log.

BadGoblin 11.07.2013 16:06

Hey,

here is the new log

Code:

OTL logfile created on: 11.Jul.2013 16:59:18 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MMM.yyyy
 
8,00 Gb Total Physical Memory | 6,05 Gb Available Physical Memory | 75,60% Memory free
15,99 Gb Paging File | 13,85 Gb Available in Paging File | 86,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,96 Gb Total Space | 68,70 Gb Free Space | 36,74% Space Free | Partition Type: NTFS
Drive D: | 977,56 Gb Total Space | 373,95 Gb Free Space | 38,25% Space Free | Partition Type: NTFS
Drive E: | 885,45 Gb Total Space | 295,84 Gb Free Space | 33,41% Space Free | Partition Type: NTFS
Drive I: | 7,44 Gb Total Space | 6,36 Gb Free Space | 85,43% Space Free | Partition Type: FAT32
 
Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.07.11 12:04:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
PRC - [2013.07.09 08:59:20 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013.07.05 13:31:51 | 000,239,496 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe
PRC - [2013.06.24 12:02:59 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.06.24 12:02:44 | 000,589,368 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2013.06.24 12:02:39 | 000,371,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
PRC - [2013.06.24 12:02:38 | 000,654,392 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2013.06.24 12:02:38 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.06.24 12:02:38 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.28 03:15:10 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2011.04.28 03:14:59 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009.03.30 16:00:54 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
PRC - [2009.02.24 16:47:06 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.02.27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.06.05 00:02:24 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.06.04 18:40:32 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013.01.28 15:19:28 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2012.06.28 10:53:00 | 004,941,768 | ---- | M] (SafeNet Inc.) [Disabled | Stopped] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.07.11 15:42:06 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.07.10 03:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.06.24 12:02:59 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.06.24 12:02:44 | 000,589,368 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013.06.24 12:02:39 | 000,371,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2013.06.24 12:02:38 | 000,654,392 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2013.06.24 12:02:38 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.01.28 15:19:28 | 002,402,080 | ---- | M] (TuneUp Software) [Auto | Running] -- E:\Programme\TuneUp Utility\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013.01.28 15:19:28 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.10.01 21:34:38 | 005,132,888 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2012.10.01 21:34:38 | 000,178,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2012.07.17 16:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.07.06 04:30:00 | 002,304,912 | ---- | M] (WIBU-SYSTEMS AG) [Disabled | Stopped] -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2011.05.28 06:39:39 | 000,080,256 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ezGOSvc.dll -- (ezGOSvc)
SRV - [2011.04.28 03:15:10 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011.04.28 03:14:59 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.06.05 01:09:44 | 011,833,856 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.06.04 23:35:04 | 000,608,768 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.04.24 23:56:50 | 000,410,008 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys -- (LADF_CaptureOnly)
DRV:64bit: - [2013.04.24 23:56:50 | 000,102,808 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys -- (LADF_RenderOnly)
DRV:64bit: - [2013.04.24 18:31:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.04.22 11:38:46 | 000,838,216 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013.03.21 16:06:07 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.21 16:06:07 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.21 16:06:07 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.12 22:44:28 | 000,141,376 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avfwot.sys -- (avfwot)
DRV:64bit: - [2013.02.12 22:44:28 | 000,114,608 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avfwim.sys -- (avfwim)
DRV:64bit: - [2013.01.17 22:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012.12.13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.09.12 16:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.06.28 10:51:36 | 000,139,592 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.22 16:14:54 | 000,078,208 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2011.09.28 17:31:30 | 000,321,536 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.26 19:35:55 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2011.04.26 19:35:55 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2011.04.26 14:37:38 | 000,156,912 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.08.04 21:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010.07.01 15:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.03.23 02:17:06 | 002,061,856 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL85n64.sys -- (RTL85n64)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.12.16 00:38:56 | 000,045,824 | ---- | M] (Advanced Card Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a38ccid.sys -- (A38CCID)
DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub)
DRV:64bit: - [2009.07.14 03:18:06 | 000,281,088 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.06.18 13:54:10 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\25AC.tmp -- (MEMSWEEP2)
DRV:64bit: - [2009.06.10 22:41:10 | 000,015,360 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BrUsbSIb.sys -- (BrUsbSIb)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.12.26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV - [2012.11.16 17:51:26 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- E:\Programme\TuneUp Utility\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9B 23 31 8E 27 04 CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{93FDDC1C-6421-4DB3-9BDF-A4CC8134D0C7}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYIT&apn_uid=2FFD2986-32E8-4847-B627-11F640661F82&apn_sauid=A1AF69D2-B9F1-4A3E-8FBF-7355865AA555
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Programme\iTune\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\***\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\***\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.06.07 09:02:06 | 000,000,000 | ---D | M]
 
[2011.04.26 18:38:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2013.07.11 16:15:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dfa508wj.default\extensions
[2013.02.27 20:50:07 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dfa508wj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.06.13 20:45:42 | 000,034,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = E:\Programme\Firefox\plugins\np-mswmp.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = E:\Programme\Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = E:\Programme\Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = E:\Programme\Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = E:\Programme\Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = E:\Programme\Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = E:\Programme\Firefox\plugins\npqtplugin5.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = E:\Programme\Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = E:\Programme\Firefox\plugins\nprpplugin.dll
CHR - plugin: Winamp Application Detector (Enabled) = E:\Programme\Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Harmony Firefox Plugin (Enabled) = C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Users\***\AppData\LocalLow\Sony Online Entertainment\npsoe.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\***\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\***\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll
CHR - plugin: Raidcall plugin (Enabled) = C:\Users\***\AppData\Roaming\raidcall\plugins\nprcplugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Windows\system32\C2MP\npdivx32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = E:\Programme\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: iTunes Application Detector (Enabled) = E:\Programme\iTune\Mozilla Plugins\npitunes.dll
CHR - Extension: Auto HD For YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\4.0.2_0\
CHR - Extension: Evernote Web = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0\
CHR - Extension: W\u00E4hrung Konverter = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbhghjdcfghfhlogkgdklfgmpodeglno\1.31_0\
CHR - Extension: Awesome New Tab Page = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2013.122.3.1_0\
CHR - Extension: Enhanced Steam = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg\3.9.1_0\
CHR - Extension: Picasa = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Twitch Giveaways = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd\1.5.2_0\
 
O1 HOSTS File: ([2013.07.11 14:05:45 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Spotify] C:\Users\***\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] D:\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [TeamSpeak 3 Client] E:\Programme\TeamSpeak3\ts3client_win64.exe (TeamSpeak Systems GmbH)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C1BB0A5-661C-4693-AF64-AE0E94D0DEB5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DB63A12-AD61-4D3D-834B-44D4E2F075AC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{546FA774-03DF-4F7A-BBE3-AC729C0E7B67}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8AF06241-00A0-4726-AAF3-BFFC298493D3}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.11 16:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013.07.11 16:31:26 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2013.07.11 16:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013.07.11 16:22:23 | 009,833,328 | ---- | C] (SurfRight B.V.) -- C:\Users\***\Desktop\HitmanPro_x64.exe
[2013.07.11 15:49:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.11 13:58:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.07.11 13:58:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.07.11 13:58:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.07.11 13:58:31 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.07.11 13:58:15 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.07.11 13:54:43 | 005,087,643 | R--- | C] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe
[2013.07.11 13:45:23 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe
[2013.07.11 12:26:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.07.10 22:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.07.10 21:44:37 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Chrome UserData
[2013.07.08 21:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.07.08 13:52:54 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Saved Games
[2013.07.04 13:44:39 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\SavedGames
[2013.06.26 13:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.06.26 10:38:29 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\***
[2013.06.26 10:04:38 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\***
[2013.06.21 14:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.06.21 14:48:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.06.21 14:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2013.06.21 14:39:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.06.21 14:37:45 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.06.18 09:25:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.11 16:39:00 | 000,001,148 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.11 16:39:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.11 16:31:26 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2013.07.11 16:31:26 | 000,000,390 | ---- | M] () -- C:\Windows\SysNative\bootdelete.lst
[2013.07.11 16:26:19 | 000,016,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.11 16:26:18 | 000,016,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.11 16:18:33 | 000,001,144 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.11 16:18:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.11 16:16:19 | 000,000,172 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.07.11 16:03:42 | 000,574,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.11 15:51:08 | 009,833,328 | ---- | M] (SurfRight B.V.) -- C:\Users\***\Desktop\HitmanPro_x64.exe
[2013.07.11 15:49:12 | 000,650,027 | ---- | M] () -- C:\Users\***\Desktop\adwcleaner.exe
[2013.07.11 14:05:45 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.07.11 13:54:12 | 005,087,643 | R--- | M] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe
[2013.07.11 13:44:50 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe
[2013.07.11 12:33:49 | 001,403,922 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.11 12:33:49 | 001,361,536 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.11 12:33:49 | 000,807,068 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.11 12:33:49 | 000,776,542 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.11 12:33:49 | 000,006,866 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.11 12:27:53 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2013.07.11 12:05:48 | 000,377,856 | ---- | M] () -- C:\Users\***\Desktop\gmer_2.1.19163.exe
[2013.07.11 12:04:52 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe
[2013.07.11 12:04:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.07.11 11:02:32 | 000,027,606 | ---- | M] () -- C:\Users\***\Documents\cc_20130711_110229.reg
[2013.07.11 10:56:48 | 000,007,661 | ---- | M] () -- C:\Users\***\AppData\Local\resmon.resmoncfg
[2013.07.02 09:34:10 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2013.07.01 11:51:33 | 000,015,441 | ---- | M] () -- C:\Users\***\Documents\TeamSpeak Thing.odt
[2013.06.24 12:03:05 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.19 19:28:32 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2013.06.19 19:28:32 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.11 16:31:26 | 000,000,390 | ---- | C] () -- C:\Windows\SysNative\bootdelete.lst
[2013.07.11 16:15:27 | 000,000,172 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.07.11 16:08:16 | 000,650,027 | ---- | C] () -- C:\Users\***\Desktop\adwcleaner.exe
[2013.07.11 16:03:24 | 000,574,472 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.11 15:42:06 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.11 13:58:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.07.11 13:58:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.07.11 13:58:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.07.11 13:58:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.07.11 13:58:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.07.11 12:27:53 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2013.07.11 12:26:45 | 000,377,856 | ---- | C] () -- C:\Users\***\Desktop\gmer_2.1.19163.exe
[2013.07.11 12:26:45 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe
[2013.07.11 11:02:31 | 000,027,606 | ---- | C] () -- C:\Users\***\Documents\cc_20130711_110229.reg
[2013.07.02 09:34:10 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2013.07.01 01:44:10 | 000,015,441 | ---- | C] () -- C:\Users\***\Documents\TeamSpeak Thing.odt
[2013.06.05 00:51:06 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.06.05 00:51:06 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.06.05 00:03:28 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.06.05 00:03:28 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.03.18 15:09:26 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.11.25 13:54:27 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.11.07 22:40:23 | 000,000,000 | ---- | C] () -- C:\Windows\SUFDesign.INI
[2012.10.18 13:33:10 | 000,038,520 | ---- | C] () -- C:\Windows\SysWow64\RGBAcodec.dll
[2012.09.28 13:47:15 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.06.29 08:55:22 | 000,000,093 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2012.05.01 14:37:35 | 000,000,486 | RHS- | C] () -- C:\Users\***\ntuser.pol
[2012.03.21 15:29:25 | 000,000,871 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012.03.21 15:29:25 | 000,000,131 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012.03.21 15:29:21 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.03.21 15:29:21 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.03.21 15:29:04 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2012.03.21 15:29:04 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012.03.21 15:29:04 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012.03.21 15:15:20 | 000,000,000 | RHS- | C] () -- C:\Windows\FFSSET.BIN
[2012.03.03 12:28:54 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012.01.31 00:12:43 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.01.31 00:12:42 | 000,027,743 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.12.01 23:14:11 | 003,736,364 | ---- | C] () -- C:\Users\***\ts3_recording_11_12_01_22_14_9.wav
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.06.16 17:25:02 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.05.15 20:16:02 | 000,000,410 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.05.08 12:33:11 | 000,000,155 | ---- | C] () -- C:\Users\***\.gtkrc-2.0
[2011.05.02 19:20:32 | 000,012,800 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.02 13:13:11 | 000,007,661 | ---- | C] () -- C:\Users\***\AppData\Local\resmon.resmoncfg
[2011.04.26 18:29:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.08.21 15:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.08.21 15:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.04.27 13:02:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2011.10.28 20:42:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Avnex
[2013.04.24 12:47:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Awesomium
[2012.01.09 20:57:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.04.04 22:51:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Deckadance19
[2013.02.20 23:57:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Doublefine
[2012.09.29 21:23:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Downloaded Installations
[2013.03.24 22:09:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
[2013.04.27 13:07:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2012.04.07 04:42:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Firefly Studios
[2012.10.18 15:28:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Focus
[2012.01.13 19:48:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FOG Downloader
[2013.01.07 20:22:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ftblauncher
[2013.07.11 11:33:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo
[2011.12.19 00:13:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\go
[2012.04.15 17:57:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GroovesharkDesktop.7F9BF17D6D9CB2159C78A6A6AB076EA0B1E0497C.1
[2011.06.17 20:50:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Hi-Rez Studios
[2013.06.30 23:08:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HLSW
[2013.04.15 13:14:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Image-Line
[2012.11.07 22:42:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\IndigoRose
[2011.06.03 09:06:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Lazy 8 Studios
[2011.04.26 19:34:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2013.04.15 15:41:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Line 6
[2013.05.21 15:55:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Little Inferno
[2011.04.26 20:06:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient
[2012.05.24 06:19:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient2
[2013.03.24 22:16:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2013.01.17 11:21:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MediaMonkey
[2012.03.19 20:24:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mouse Recorder Pro
[2013.04.15 21:04:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MXPLAY
[2012.03.03 12:33:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MySQL
[2012.04.07 05:16:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Need for Speed World
[2011.12.19 00:16:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nokia Ovi Suite
[2011.06.06 15:41:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++
[2013.01.07 09:38:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OBS
[2011.11.21 02:33:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Octoshape
[2013.02.04 11:11:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2013.04.17 23:02:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera
[2011.05.03 21:18:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC Suite
[2012.03.21 15:50:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC-FAX TX
[2011.05.01 17:06:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PetsFunHouse
[2013.04.15 15:42:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Propellerhead Software
[2013.04.15 23:38:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\raidcall
[2012.12.27 14:30:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\RavensburgerTipToi
[2011.05.13 12:10:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\runic games
[2012.11.03 14:26:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Screaming Bee
[2013.02.20 14:41:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SFBot
[2013.01.03 14:45:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2013.04.04 22:51:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SongManager
[2011.10.20 00:06:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SplitMediaLabs
[2011.11.18 21:35:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spore
[2013.07.11 16:19:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spotify
[2012.09.28 14:14:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\systweak
[2013.03.21 10:48:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2013.06.01 11:23:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TERA
[2012.12.13 16:24:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeraCopy
[2011.11.04 14:22:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2011.05.01 11:00:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP
[2012.04.08 23:25:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Trillian
[2011.10.14 21:53:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ts3overlay
[2013.04.04 13:22:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2013.07.11 15:59:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\uTorrent
[2011.10.23 10:38:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Windows Live Writer
[2012.03.31 15:44:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\X-Chat 2
[2013.04.07 16:44:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\YaTQA
 
========== Purity Check ==========
 
 

< End of report >
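
The ZeroAccess Check section at the end of the OTL log above lists the InProcServer32 registrations that OTL reads for a handful of COM class IDs. As an added example (not part of the original post and not OTL's own logic), the following Python script parses that section and flags entries worth a second look; the sample text is constructed, and the flagging rules and the C:\Windows install path are assumptions of this example.

```python
import re

# Constructed sample in the layout of OTL's "ZeroAccess Check" section.
# Entries 1-3 mirror the clean log above; the value under the last HKCU
# key is invented for this demonstration.
SAMPLE = r'''
========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"" = C:\Users\example\AppData\Local\constructed\sample.dll -- [2013.07.10 21:00:00 | 000,050,000 | -HS- | M] ()
"ThreadingModel" = Both

========== LOP Check ==========
'''

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+\\InProcServer32)\](?:\s+/64)?\s*$', re.I)
VALUE_RE = re.compile(r'^"(?P<name>[^"]*)"\s*=\s*(?P<data>.*)$')
META_RE = re.compile(r'^(?P<path>.*?)\s+--\s+\[.*\]\s+\((?P<company>.*)\)\s*$')


def parse_zeroaccess_section(log_text):
    """Return [{'key': ..., 'values': {name: data}}] for the ZeroAccess Check section."""
    entries, current, in_section = [], None, False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith('=========='):        # any section header
            in_section = 'ZeroAccess Check' in line
            current = None
            continue
        if not in_section or not line:
            continue
        m = KEY_RE.match(line)
        if m:
            current = {'key': m.group(1), 'values': {}}
            entries.append(current)
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            current['values'][m.group('name')] = m.group('data')
    return entries


def normalise(path):
    """Lower-case; fold %SystemRoot% and OTL's SysNative alias (assumes C:\\Windows)."""
    p = path.lower().replace('%systemroot%', r'c:\windows')
    return p.replace(r'c:\windows\sysnative', r'c:\windows\system32')


def triage(entries):
    """Flag entries by this example's own rules (assumptions, not OTL's)."""
    findings = []
    for e in entries:
        if not e['values']:
            continue                              # empty key: nothing registered
        if e['key'].upper().startswith('HKEY_CURRENT_USER'):
            findings.append((e['key'], 'per-user registration for a system COM class'))
            continue
        default = e['values'].get('')
        if default is None:
            continue
        m = META_RE.match(default)
        path, company = (m.group('path'), m.group('company')) if m else (default, '')
        if not normalise(path).startswith('c:\\windows\\system32\\'):
            findings.append((e['key'], 'server DLL outside System32: ' + path))
        elif company != 'Microsoft Corporation':
            findings.append((e['key'], 'unexpected company name: ' + repr(company)))
    return findings


if __name__ == '__main__':
    for key, reason in triage(parse_zeroaccess_section(SAMPLE)):
        print(reason, '->', key)
```

Run against the section as posted above, every HKCU key is empty and every HKLM entry resolves to a Microsoft DLL under System32, so nothing is flagged.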


markusg 11.07.2013 16:19

Hi,
1.
Back up your Avira licence data and download the latest matching version from their homepage.
Uninstall your Avira version, reboot, reinstall Avira.
Please choose the custom installation and make sure that the Ask Toolbar is not installed.
The cause of your problem is probably a faulty Avira update.
Don't think the work was for nothing, though: we did get rid of a bit of adware :-)

2.

otl fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:

:OTL
IE - HKCU\..\SearchScopes\{93FDDC1C-6421-4DB3-9BDF-A4CC8134D0C7}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYIT&apn_uid=2FFD2986-32E8-4847-B627-11F640661F82&apn_sauid=A1AF69D2-B9F1-4A3E-8FBF-7355865AA555
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found

:files
:Commands
[emptytemp]

  • If you have obscured your user name, e.g. with "*****", insert your real user name in the corresponding place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may ask for a restart. Please allow it.
  • After the restart you will find a text document on your desktop.
    (It can also be found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its contents here into your thread

3.
Please test whether there are any unwanted toolbars, redirects or other problems in Firefox, Internet Explorer and any other
browsers you may have installed.
Test how the PC and the programs run in general.

BadGoblin 11.07.2013 16:49

Hello,

so I have now reinstalled Avira.
Programs run stably and I have the feeling that everything is going a little faster.
The browsers are free of toolbars and it seems I can surf normally again.
Here is the FIXLOG as well

Code:

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{93FDDC1C-6421-4DB3-9BDF-A4CC8134D0C7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93FDDC1C-6421-4DB3-9BDF-A4CC8134D0C7}\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
========== FILES ==========
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 57472 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 6826997 bytes
->FireFox cache emptied: 356935924 bytes
->Flash cache emptied: 2163 bytes
 
User: HomeGroupUser$
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
User: ***
->Temp folder emptied: 9280758 bytes
->Temporary Internet Files folder emptied: 6106 bytes
->Java cache emptied: 1733589 bytes
->FireFox cache emptied: 75015086 bytes
->Google Chrome cache emptied: 6157890 bytes
->Opera cache emptied: 188 bytes
->Flash cache emptied: 58076 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 12288 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8413985 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68094 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 443,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 07112013_173200

Files\Folders moved on Reboot...
C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


markusg 11.07.2013 16:59

Hi,
good to hear.
If everything is running to your satisfaction, open OTL and run the cleanup; the PC restarts and the removal tools are deleted.
Delete any leftover logs, setups and programs we used.
Securing the PC:

The following guide is extensive, I am aware of that, but it should be followed, because only then is your PC secure. Ask as many questions as you need, I am happy to work through everything with you!

http://www.trojaner-board.de/96344-a...-rechners.html
Please start with the section on Windows Vista and Windows 7
Please begin by installing Windows updates.
The easiest way is to go to Start, Search, and type Windows Update there.
Under "Change settings", check that the following is selected:
- Install updates automatically,
- Every day
- Choose a time
- Please tick everything else, except:
- Show detailed notifications when new Microsoft software is available.
Now click the "OK" button
Now click "Check for updates".
Please install the important updates first.
It will be necessary to restart the PC in between. If that is the case, you have to open Windows Update again via Start, Search, click Check for updates and install the next ones.
Please do the same with the optional updates.
Please adopt the rest as described in the Windows 7 / Vista section.

Adblock for Chrome:
http://filepony.de/download-adblock_chrome/
With that, life should be more ad-free.
Ghostery to prevent tracking:
http://filepony.de/download-ghostery_chrome/
HTTPS Everywhere
https://chrome.google.com/webstore/d...jekcdonpmejbdp
chooses a secure connection whenever possible
Safe surfing with Chrome:
Sicher surfen mit Google Chrome | Verbraucher sicher online


Sandboxie
The definition of a sandbox can be read here:
Sandbox
In short, you can run programs almost 100% isolated from the system.

The advantage is obvious: if malicious code is smuggled in via the browser, it cannot get out.
Download link:
Sandboxie - Download - Filepony

Guide:
http://www.trojaner-board.de/71542-a...sandboxie.html
Detailed guide as a PDF, work through this as well:
Sandbox Einstellungen |

Please make the following additional configuration:
Open Sandboxie Control, click the Sandbox menu, choose DefaultBox.
There, click Sandbox Settings.
Under Restrictions, for program start and Internet access, enter:
chrome.exe
Then go to Applications, Web Browser, Chrome.
There, enable everything except sharing the entire profile folder.
As you may already have seen, you cannot use some functions.
This is only necessary in the full version, which I advise you to buy.
For example, under "forced program starts" you can specify that all browsers start in the sandbox.
Otherwise you always have to click "Sandboxed web browser", or right-click and start in Sandboxie.
A lifetime licence costs 30 € and can be used on all your PCs.

Continue with:
Measures for ALL Windows versions
Work through everything completely.
A note on FileHippo:
In the settings, additionally select:
hide beta updates.
Run updateChecker when Windows starts

Backup program:
A backup program is already linked in my guide; as an alternative, Windows' own backup program is also an option:
http://www.trojaner-board.de/82962-w...en-backup.html
Unfortunately, this is only reasonably usable for Windows 7 users.
Everyone else should definitely install a backup program as well, though, because it can be very important under certain circumstances, for example if the hard disk fails one day.

Finally, follow the general security tips; if it applies to you, follow the tip on online banking, and change all passwords.
Please also read how to make programs visible to all accounts:
Programme für alle Konten nutzbar machen - PCtipp.ch - Praxis & Hilfe
So from now on, surf only in the standard user account, and there in the sandbox.
If you use the free version, do so by clicking Sandboxed web browser; if you have the paid version, you can set forced program starts, and then Sandboxie is always started when you open a browser.
When you move the mouse over the browser, it should have a frame around it; then you are in the sandboxed web browser.

Password security:
Every service needs its own password of at least 12 characters.
RoboForm helps with managing and creating passwords:
Passwort Manager, Formular Ausfueller, Passwort Management | RoboForm Passwort Manager
Guide:
RoboForm-Bedienungsanleitung: Passwort-Manager, Verwalten von Passwörtern und persönlichen Daten

BadGoblin 11.07.2013 17:38

Hey,
I have now looked through it and read it!
I have already worked through a few things from the list and will stick at it so that I get it all done.

Thank you very, very much for the quick and successful help!
I will definitely recommend you.
Can be closed!

Thanks again! :dankeschoen:

