Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Mein Windows Vista macht keine Updates mehr (https://www.trojaner-board.de/146192-windows-vista-macht-keine-updates-mehr.html)

palex31 16.12.2013 14:10
Mein Windows Vista macht keine Updates mehr
 
Hallo hatte ihr schon einen Beitrag gestartet, das meine Updates nicht funktionieren. Mir wurde empfohlen 2 Programme zu downloaden, um das problem zu beheben aber ohne Erfolg.
Die Antwort Hier war dann

Zitat:
Zitat von Alois S (Beitrag 1214320)
Verdacht auf Malware - bitte erstelle ein neues Thema, wie von mir im vorigen Post erwähnt :(

Versuche vielleicht auch noch dieses Tool:

PC-WELT-Fix Windows Update Download - Windows-Reparatur - PC-WELT


LG, Alois

schrauber 16.12.2013 14:21
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


palex31 16.12.2013 15:18
Vielen Dank für die unterstützung.

PC-WELT-Fix Windows Update Download - Windows-Reparatur - PC-WELT

Habe dieses Tool nochmals durchlaufen lassen und es hat was gebracht, mein Windows hat gerade 35 Updates installiert.

palex31 16.12.2013 15:32
Code:
[attach][/attach]
Code:
Anhang 63053

schrauber 17.12.2013 09:50
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

palex31 17.12.2013 11:42
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-12-2013 02
Ran by PAULO (administrator) on MEDION on 16-12-2013 15:15:52
Running from C:\Users\PAULO\Desktop\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
() C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
() C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanGUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(DivX, LLC) C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(TomTom) C:\Program Files\MyDrive Connect\MyDriveConnect.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SSDMonitor] - C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [104408 2010-09-16] (PC Tools)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [AVMWlanClient] - C:\Program Files\avmwlanstick\WLanGUI.exe [2105344 2010-10-22] (AVM Berlin)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512 2013-09-16] (RealNetworks, Inc.)
HKLM\...\Run: [LWS] - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-16] (AVAST Software)
HKLM\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\a24ad245-bff2-4068-bbb2-d7c6a3fb164f.exe [180184 2013-11-24] (AVAST Software)
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax",DllRegisterServer
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2012-05-04] ()
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [MyDriveConnect.exe] - C:\Program Files\MyDrive Connect\MyDriveConnect.exe [473496 2013-10-21] (TomTom)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-01-14] (Google Inc.)
HKCU\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0xDD000000
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
MountPoints2: {15c155ec-bf89-11dc-b376-806e6f6e6963} - I:\CabaretClub.exe
MountPoints2: {451ff17e-947f-11e1-b054-0019dbc81212} - J:\pushinst.exe
MountPoints2: {975fbd28-e252-11e1-af7e-bc05430d329e} - J:\scania_tds_extended.exe
MountPoints2: {e0b350a6-b065-11e0-86bb-0019dbc81212} - J:\Startme.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\UpdatusUser\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9CE28A080518CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.live.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.live.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.live.com
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKCU - (No Name) - {09152f0b-739c-4dec-a245-1aa8a37594f1} -  No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - URL hxxp://www.googIecrawler.com/search/?q={searchTerms}&lang=de
SearchScopes: HKCU - {16FBBA4F-85C6-48DC-99CF-8B7385E5CC1A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {505DD0EE-EDDA-45EF-B7BA-C6DE5D6B35E6} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} URL =
SearchScopes: HKCU - {DF629D51-0499-4884-A65E-4EFD87EB63BD} URL = hxxp://ch.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} -  No File
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} hxxp://127.0.0.1:9070/etc/var/TVUAx.cab
DPF: {428A9DEF-F057-402B-9F2D-A5887F4544ED} hxxp://download.microsoft.com/download/f/0/2/f02b515c-7076-4cee-bc08-fd6fea594578/VirtualEarth3D.cab
DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} hxxp://www.powerchallenge.com/applet/PowerLoader.cab
DPF: {5CE72DD0-4695-4D18-A4D3-3367ACD37578} hxxp://de.bluewin.ch/services/security_checker/fscax.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1111/Navigram.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} hxxp://services.bluewin.ch/securitychecker/fscax.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://signin2.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
Handler: livecall - No CLSID Value -
Handler: msnim - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\PAULO\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\PAULO\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 - C:\PROGRA~1\MOZILL~1\plugins\NpFv522.dll (1 mal 1 Software GmbH)
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\duckduckgo-http.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\filehippo.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\firefox-add-ons.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\gmx-suche-schweiz.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\donottrackplus@abine.com
FF Extension: Amazon Toolbar - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\FFAmazonShoppingToolbar@wangtom.com
FF Extension: MaskMe - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\idme@abine.com
FF Extension: vShare - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\vshare@toolbar(1646)
FF Extension: SearchNewTab - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\yoaa7_ofz@mutpeuyeqht-.org
FF Extension: Personas Rotator - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}(1405)
FF Extension: WOT - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: amznUWL2 - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\amznUWL2@amazon.com.xpi
FF Extension: autofillForms - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\autofillForms@blueimp.net.xpi
FF Extension: extension - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\extension@ciuvo.com.xpi
FF Extension: finder - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\finder@meingutscheincode.de.xpi
FF Extension: toolbar - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\toolbar@gmx.net.xpi
FF Extension: No Name - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi
FF Extension: prefs-cphelper - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{239cc760-75a9-4276-b1fc-c0ceb963f373}.xpi
FF Extension: Adblock Plus - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: bprivacyprefs - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\%APPDATA%
FF Extension: Google Settings - C:\Program Files\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
FF Extension: Swisscom Quick Help - C:\Program Files\Mozilla Firefox\extensions\{6A6114A5-EEF5-45F4-BCD1-B00A7B33E04B}
FF Extension: ICQ Toolbar - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(889)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

Chrome:
=======
CHR DefaultSearchKeyword: google.ch
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Advanced SystemCare 6) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin/ASCPlugin_Protect.dll No File
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Flatcast Viewer Plugin 5.2.2.454) - C:\Program Files\Mozilla Firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (king.com - Game controller for firefox) - C:\Program Files\Mozilla Firefox\plugins\npmidas.dll (Midasplayer Ltd)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealArcade Mozilla Plugin) - C:\Program Files\Mozilla Firefox\plugins\npracplug.dll (RealNetworks)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (getPlusPlus for Adobe 16248) - C:\Program Files\Mozilla Firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Advanced SystemCare 6 Opera Plugin) - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll (IObit)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (SOE Web Installer) - C:\Users\PAULO\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\PAULO\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_88.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd\3.1.1031_0
CHR Extension: (AdBlock) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (avast! Online Security) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (RealDownloader) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0
CHR Extension: (Ghostery) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0
CHR Extension: (Google Wallet) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [aaaaoiagmlcohkmjodefppbmpjdiocmh] - C:\Users\PAULO\AppData\Local\APN\GoogleCRXs\aaaaoiagmlcohkmjodefppbmpjdiocmh_7.15.12.0.crx
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-16] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
S2 ezGOSvc; C:\Windows\system32\ezGOSvc.dll [73600 2011-05-29] ()
S3 getPlusHelper; C:\Windows\System32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S2 gupdate1c98a367113a630; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-08] (Google Inc.)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [132768 2011-11-09] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [11552 2012-03-26] (Microsoft Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2010-10-01] (PC Tools)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2007-01-12] ()
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
R2 TVECapSvc; C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290908 2007-01-12] ()
R2 TVESched; C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe [114778 2007-01-12] ()
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)

==================== Drivers (Whitelisted) ====================

S3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1025920 2009-08-26] (NXP Semiconductors Germany GmbH)
R2 ACEDRV08; C:\Windows\system32\drivers\ACEDRV08.sys [108768 2008-11-26] (Protect Software GmbH)
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [35656 2013-11-16] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-10-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2013-11-16] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-11-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-11-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774392 2013-11-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [403440 2013-11-16] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-11-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178304 2013-11-16] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278728 2008-07-12] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc.              )
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [586752 2010-10-22] (AVM GmbH)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2009-09-23] (Lavasoft AB)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2008-07-12] ()
S3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25824 2010-05-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [19712 2007-05-30] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [18304 2007-05-30] (Printing Communications Assoc., Inc. (PCAUSA))
R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [161072 2011-05-06] (Marvell Semiconductor, Inc.)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-04-30] (Logitech Inc.)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-11-04] (Secunia)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-01] (MCCI Corporation)
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-12] (Microsoft Corporation)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [19336 2008-01-24] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [28168 2008-01-24] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [14728 2008-01-24] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [48904 2008-01-24] (Logitech Inc.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
U3 DfSdkS;
S3 EagleXNt; No ImagePath
S1 FSES; System32\drivers\fses.sys [x]
S1 fsvista; No ImagePath
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 MREMP50a64; No ImagePath
S3 MRESP50a64; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()
S3 uxddrv; \??\H:\DIAGNOSE\WSTGER32\2PART\uxddrv86.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-16 15:15 - 2013-12-16 15:15 - 00000000 ____D C:\FRST
2013-12-16 13:28 - 2013-12-16 13:29 - 00000000 ____D C:\5dc6eb3b0a3bdca6bc002fb2174d
2013-12-16 12:31 - 2013-12-16 12:31 - 00145624 _____ C:\Users\PAULO\Desktop\WindowsUpdate.zip
2013-12-16 12:10 - 2013-12-16 12:10 - 00000863 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-16 11:49 - 2013-12-16 11:49 - 00000000 ____D C:\Users\PAULO\AppData\Local\Secunia PSI
2013-12-16 11:44 - 2013-12-16 11:44 - 00000000 ____D C:\Program Files\Secunia
2013-12-16 11:31 - 2013-12-16 11:31 - 00087358 _____ C:\Users\PAULO\Documents\ResultReport.html
2013-12-16 10:58 - 2013-12-16 10:58 - 00094524 _____ C:\Users\PAULO\Desktop\WindowsUpdate.rar
2013-12-06 18:33 - 2013-12-06 18:33 - 00085243 _____ C:\Users\PAULO\Desktop\WindowsUpdate.7z
2013-12-06 18:32 - 2013-12-06 18:32 - 00000000 ____D C:\Program Files\7-Zip
2013-12-06 18:17 - 2013-12-06 18:17 - 01461337 _____ C:\Users\PAULO\Desktop\WindowsUpdate.log
2013-12-06 16:54 - 2013-12-06 16:54 - 00000000 ____D C:\Users\PAULO\AppData\Local\Logitech® Webcam-Software
2013-12-06 16:05 - 2013-12-06 16:05 - 00000000 _____ C:\Windows\setuperr.log
2013-12-06 16:05 - 2013-12-06 16:05 - 00000000 _____ C:\Windows\setupact.log
2013-12-06 15:56 - 2013-12-06 15:57 - 00005185 _____ C:\Windows\LDPINST.LOG
2013-12-06 15:56 - 2013-12-06 15:56 - 00001477 _____ C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2013-12-04 20:11 - 2013-12-04 20:12 - 00000000 ____D C:\Users\PAULO\Desktop\100D3100
2013-12-04 14:34 - 2013-12-16 13:32 - 00002866 _____ C:\Windows\PFRO.log
2013-12-04 14:19 - 2013-12-16 11:58 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-04 14:19 - 2013-12-16 11:58 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-04 14:19 - 2013-12-04 14:19 - 00001956 _____ C:\Users\PAULO\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2013-12-04 14:19 - 2013-12-04 14:19 - 00000000 ____D C:\Program Files\Tweaking.com
2013-12-04 14:19 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-25 21:43 - 2013-11-25 21:43 - 00000000 ____D C:\MGADiagToolOutput
2013-11-25 21:42 - 2013-11-25 21:42 - 00000130 _____ C:\Descriptors.txt
2013-11-25 21:42 - 2003-03-25 06:00 - 00009216 _____ (Microsoft Corporation) C:\Windows\proxycfg.exe
2013-11-25 21:01 - 2013-11-25 21:01 - 00041604 _____ C:\Users\PAULO\Documents\cc_20131125_210140.reg
2013-11-25 20:55 - 2013-11-25 20:55 - 00000808 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-25 20:55 - 2013-11-25 20:55 - 00000000 ____D C:\Program Files\CCleaner
2013-11-17 14:05 - 2013-11-17 14:05 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-16 21:56 - 2013-11-16 21:56 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\AVAST Software
2013-11-16 17:36 - 2013-11-16 17:42 - 00001877 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk

==================== One Month Modified Files and Folders =======

2013-12-16 15:17 - 2013-04-12 15:25 - 01383598 _____ C:\Windows\WindowsUpdate.log
2013-12-16 15:16 - 2013-03-03 17:53 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\Skype
2013-12-16 15:15 - 2013-12-16 15:15 - 00000000 ____D C:\FRST
2013-12-16 15:11 - 2006-11-02 11:33 - 01472912 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-16 15:05 - 2013-07-03 04:58 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-12-16 15:05 - 2012-12-09 22:05 - 00000398 _____ C:\Windows\Tasks\Wise Care 365.job
2013-12-16 15:05 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-16 15:05 - 2006-11-02 13:47 - 00003296 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-16 15:05 - 2006-11-02 13:47 - 00003296 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-16 15:05 - 2006-11-02 13:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-12-16 15:03 - 2008-04-10 17:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-16 15:01 - 2006-11-02 14:01 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-16 14:57 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-16 14:56 - 2011-02-07 15:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-16 14:50 - 2006-11-02 11:23 - 00000331 _____ C:\Windows\win.ini
2013-12-16 13:36 - 2012-12-10 11:33 - 00002617 _____ C:\Users\PAULO\Desktop\Microsoft Word 2010.lnk
2013-12-16 13:34 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\tracing
2013-12-16 13:32 - 2013-12-04 14:34 - 00002866 _____ C:\Windows\PFRO.log
2013-12-16 13:29 - 2013-12-16 13:28 - 00000000 ____D C:\5dc6eb3b0a3bdca6bc002fb2174d
2013-12-16 12:44 - 2012-08-22 05:09 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-16 12:44 - 2009-12-07 23:15 - 00000000 ____D C:\Program Files\WinRAR
2013-12-16 12:31 - 2013-12-16 12:31 - 00145624 _____ C:\Users\PAULO\Desktop\WindowsUpdate.zip
2013-12-16 12:10 - 2013-12-16 12:10 - 00000863 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-16 12:09 - 2009-03-13 23:57 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-12-16 11:58 - 2013-12-04 14:19 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-16 11:58 - 2013-12-04 14:19 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-16 11:49 - 2013-12-16 11:49 - 00000000 ____D C:\Users\PAULO\AppData\Local\Secunia PSI
2013-12-16 11:44 - 2013-12-16 11:44 - 00000000 ____D C:\Program Files\Secunia
2013-12-16 11:44 - 2012-04-04 23:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-16 11:44 - 2011-05-25 02:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-16 11:31 - 2013-12-16 11:31 - 00087358 _____ C:\Users\PAULO\Documents\ResultReport.html
2013-12-16 10:58 - 2013-12-16 10:58 - 00094524 _____ C:\Users\PAULO\Desktop\WindowsUpdate.rar
2013-12-16 04:43 - 2009-07-04 11:24 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-16 02:57 - 2013-07-02 16:34 - 00001967 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-15 21:43 - 2009-07-04 11:24 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-06 18:33 - 2013-12-06 18:33 - 00085243 _____ C:\Users\PAULO\Desktop\WindowsUpdate.7z
2013-12-06 18:32 - 2013-12-06 18:32 - 00000000 ____D C:\Program Files\7-Zip
2013-12-06 18:17 - 2013-12-06 18:17 - 01461337 _____ C:\Users\PAULO\Desktop\WindowsUpdate.log
2013-12-06 16:54 - 2013-12-06 16:54 - 00000000 ____D C:\Users\PAULO\AppData\Local\Logitech® Webcam-Software
2013-12-06 16:05 - 2013-12-06 16:05 - 00000000 _____ C:\Windows\setuperr.log
2013-12-06 16:05 - 2013-12-06 16:05 - 00000000 _____ C:\Windows\setupact.log
2013-12-06 15:57 - 2013-12-06 15:56 - 00005185 _____ C:\Windows\LDPINST.LOG
2013-12-06 15:57 - 2010-05-02 17:39 - 00038908 _____ C:\Windows\system32\lvcoinst.log
2013-12-06 15:57 - 2007-12-13 17:39 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2013-12-06 15:57 - 2007-11-19 19:23 - 00000000 ____D C:\Users\PAULO
2013-12-06 15:56 - 2013-12-06 15:56 - 00001477 _____ C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2013-12-06 11:35 - 2013-09-27 15:35 - 00000000 ____D C:\Windows\system32\logishrd
2013-12-04 20:12 - 2013-12-04 20:11 - 00000000 ____D C:\Users\PAULO\Desktop\100D3100
2013-12-04 14:40 - 2007-11-28 19:36 - 00000000 ____D C:\Users\PAULO\AppData\Local\Adobe
2013-12-04 14:34 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\ShellNew
2013-12-04 14:19 - 2013-12-04 14:19 - 00001956 _____ C:\Users\PAULO\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2013-12-04 14:19 - 2013-12-04 14:19 - 00000000 ____D C:\Program Files\Tweaking.com
2013-12-03 13:15 - 2013-10-13 12:20 - 00000000 ____D C:\Users\PAULO\Desktop\Gutscheine
2013-12-02 17:34 - 2011-10-14 09:19 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-11-26 14:26 - 2013-03-03 18:15 - 00000000 ___RD C:\Program Files\Skype
2013-11-26 14:26 - 2011-11-11 20:33 - 00000000 ____D C:\ProgramData\Skype
2013-11-25 21:43 - 2013-11-25 21:43 - 00000000 ____D C:\MGADiagToolOutput
2013-11-25 21:42 - 2013-11-25 21:42 - 00000130 _____ C:\Descriptors.txt
2013-11-25 21:01 - 2013-11-25 21:01 - 00041604 _____ C:\Users\PAULO\Documents\cc_20131125_210140.reg
2013-11-25 20:55 - 2013-11-25 20:55 - 00000808 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-25 20:55 - 2013-11-25 20:55 - 00000000 ____D C:\Program Files\CCleaner
2013-11-25 12:20 - 2012-04-12 14:46 - 00000000 ____D C:\Program Files\stinger
2013-11-25 11:51 - 2012-08-08 22:32 - 00000000 ____D C:\Users\PAULO\Desktop\PROGRAMME
2013-11-17 14:05 - 2013-11-17 14:05 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-16 21:56 - 2013-11-16 21:56 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\AVAST Software
2013-11-16 17:42 - 2013-11-16 17:36 - 00001877 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-16 17:42 - 2013-07-03 18:42 - 00774392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-16 17:42 - 2013-07-03 18:42 - 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-16 17:42 - 2013-07-03 18:42 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-16 17:42 - 2013-07-03 18:42 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-16 17:42 - 2013-07-03 18:42 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-16 17:42 - 2013-07-03 18:42 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-16 17:42 - 2013-07-03 18:42 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-11-16 17:42 - 2013-07-03 18:42 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-16 17:42 - 2013-07-03 18:42 - 00035656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-16 17:42 - 2013-07-03 18:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-16 17:38 - 2013-07-03 18:17 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-16 17:38 - 2006-11-02 11:23 - 00002577 _____ C:\Windows\system32\config.nt

Files to move or delete:
====================
C:\ProgramData\PKP_DLdu.DAT


Some content of TEMP:
====================
C:\Users\PAULO\AppData\Local\Temp\Checkupdate.exe
C:\Users\PAULO\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\PAULO\AppData\Local\Temp\gcapi_dll.dll
C:\Users\PAULO\AppData\Local\Temp\gtapi_signed.dll
C:\Users\PAULO\AppData\Local\Temp\mbam-setup.exe
C:\Users\PAULO\AppData\Local\Temp\WindowsUpdateAgent30-x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-16 15:10

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-12-2013 02
Ran by PAULO at 2013-12-16 15:17:36
Running from C:\Users\PAULO\Desktop\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20
Adobe AIR (Version: 3.9.0.1380)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Shockwave Player 12.0 (Version: 12.0.7.148)
Apple Application Support (Version: 2.3.4)
Apple Software Update (Version: 2.1.3.127)
Ashampoo Burning Studio 2013 v.11.0.6 (Version: 11.0.6)
Ashampoo WinOptimizer 10 v.10.2.5 (Version: 10.02.05)
Ashampoo WinOptimizer 8 v.8.14.00 (Version: 8.14.00)
avast! Free Antivirus (Version: 9.0.2008)
AVM FRITZ!WLAN
CameraHelperMsi (Version: 13.31.1038.0)
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 4.0
Canon MP495 series Benutzerregistrierung
Canon MP495 series MP Drivers
Canon My Printer
Canon Solution Menu EX
CCleaner (Version: 4.07)
CyberLink PowerDVD 8 (Version: 8.0.1830)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX-Setup (Version: 2.6.1.84)
DriverGenius 11
erLT (Version: 1.20.138.34)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Foxit Reader (Version: 6.0.6.722)
FUSSBALL MANAGER 12 (Version: 1.0.0.0)
Google Chrome (Version: 31.0.1650.63)
Google Earth (Version: 7.1.1.1580)
Google Update Helper (Version: 1.3.22.3)
Google Updater (Version: 2.4.2432.1652)
Intel(R) Control Center (Version: 1.2.1.1007)
Intel(R) Network Connections 16.8.46.0 (Version: 16.8.46.0)
Intel(R) Rapid Storage Technology (Version: 11.1.0.1006)
IObit Apps Toolbar v7.2 (Version: 7.2)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Joost Plugin (Version: 0.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
king.com (remove only)
KWorld TV713X BDA Driver
LG USB Modem Drivers (Version: 4.9.4)
LightScribe  1.4.124.1 (Version: 1.4.124.1)
Logitech Desktop Messenger (Version: 2.52.18)
Logitech Legacy USB Camera-Treiberpaket
Logitech Webcam Software (Version: 2.0)
Logitech Webcam Software-Treiberpaket (Version: 12.10.1110)
LWS Facebook (Version: 13.31.1038.0)
LWS Gallery (Version: 13.31.1038.0)
LWS Help_main (Version: 13.31.1044.0)
LWS Launcher (Version: 13.31.1038.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.31.1038.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
marvell 61xx (Version: 1.2.0.8300)
MCE Software Encoder 1.1 (Version: 1.1.0.1207)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Mozilla Firefox 25.0.1 (x86 de) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 22.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
MyDriveConnect 3.3.0.1318 (Version: 3.3.0.1318)
MyFreeCodec
NAVIGON Fresh 3.4.1 (Version: 3.4.1)
neroxml (Version: 1.0.0)
NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22)
NVIDIA Display Control Panel (Version: 6.14.11.9745)
NVIDIA Grafiktreiber 314.22 (Version: 314.22)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Systemsteuerung 314.22 (Version: 314.22)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
Opera 12.16 (Version: 12.16.1860)
Opera next 15.0.1147.18 (Version: 15.0.1147.18)
Picasa 3 (Version: 3.9)
Picasa Uploader (Version: 0.5)
Plus500
PowerDVD (Version: 7.0.2414.0)
PowerProducer
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.74.80.86)
RealDownloader (Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.3)
RealUpgrade 1.1 (Version: 1.1.0)
Recuva (Version: 1.47)
Registry Mechanic 10.0 (Version: 10.0)
Samsung Kies (Version: 2.1.0.11095_121)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.103.0)
Secunia PSI (3.0.0.9015) (Version: 3.0.0.9015)
Segoe UI (Version: 15.4.2271.0615)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype™ 6.11 (Version: 6.11.102)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spyware Striker (Version: 7.1.1)
SpywareBlaster 5.0 (Version: 5.0.0)
Swisscom Quick Help (Version: 3.1.0.209)
swMSM (Version: 12.0.0.1)
TheLastRipper 1.4 (Version: 1.4)
TuneUp Utilities Language Pack (en-US) (Version: 9.0.4700.23)
TV Enhance (Version: 1.0.3712)
Tweaking.com - Windows Repair (All in One) (Version: 2.1.0)
Uninstall Gold 2.0.2.87
Unlocker 1.9.2 (Version: 1.9.2)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VideoMate T , M , P Series  Driver (Version: 1.37.800)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual C++ 8.0 CRT (x86) WinSXS MSM (Version: 8.0.50727.762)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
VLC media player 2.1.1 (Version: 2.1.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live OneCare safety scanner (Version: 1.0.0.0)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)

==================== Restore Points  =========================

31-10-2013 23:00:11 Geplanter Prüfpunkt
01-11-2013 16:27:47 Geplanter Prüfpunkt
01-11-2013 16:54:55 Windows Update
02-11-2013 16:40:58 Geplanter Prüfpunkt
03-11-2013 11:09:01 Geplanter Prüfpunkt
04-11-2013 16:30:36 Geplanter Prüfpunkt
05-11-2013 15:43:16 Geplanter Prüfpunkt
05-11-2013 16:55:09 Windows Update
06-11-2013 14:02:35 Geplanter Prüfpunkt
07-11-2013 10:28:30 Removed inSSIDer 3
07-11-2013 10:30:19 Removed IObit Apps Toolbar v7.2.
08-11-2013 13:34:41 Geplanter Prüfpunkt
09-11-2013 13:19:53 Geplanter Prüfpunkt
12-11-2013 16:42:23 Geplanter Prüfpunkt
12-11-2013 16:55:06 Windows Update
13-11-2013 11:28:07 Geplanter Prüfpunkt
14-11-2013 16:29:39 Geplanter Prüfpunkt
15-11-2013 11:17:12 Geplanter Prüfpunkt
16-11-2013 16:34:32 Windows Update
16-11-2013 16:38:57 avast! antivirus system restore point
18-11-2013 13:16:26 Geplanter Prüfpunkt
19-11-2013 16:45:21 Windows Update
20-11-2013 16:08:21 Geplanter Prüfpunkt
22-11-2013 12:10:12 Geplanter Prüfpunkt
23-11-2013 15:12:03 Geplanter Prüfpunkt
24-11-2013 14:37:37 Geplanter Prüfpunkt
25-11-2013 15:28:44 Geplanter Prüfpunkt
25-11-2013 20:05:53 Wiederherstellungspunkt vor Fehlerhafte Patchregistrierungsschlüssel
26-11-2013 16:11:14 Geplanter Prüfpunkt
26-11-2013 16:45:22 Windows Update
27-11-2013 12:12:14 Geplanter Prüfpunkt
28-11-2013 16:44:09 Geplanter Prüfpunkt
29-11-2013 20:15:55 Geplanter Prüfpunkt
30-11-2013 13:11:01 Geplanter Prüfpunkt
01-12-2013 14:31:02 Geplanter Prüfpunkt
03-12-2013 14:35:28 Geplanter Prüfpunkt
03-12-2013 16:45:22 Windows Update
05-12-2013 14:05:02 Geplanter Prüfpunkt
06-12-2013 12:16:23 Geplanter Prüfpunkt
07-12-2013 09:54:43 Geplanter Prüfpunkt
15-12-2013 20:53:07 Windows Update
16-12-2013 11:32:40 Removed NetSpeedMonitor 2.5.4.0 x86
16-12-2013 12:28:47 Windows Update
16-12-2013 13:15:52 Windows Update

==================== Hosts content: ==========================

2006-11-02 11:23 - 2012-08-22 09:02 - 00442303 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1        localhost
127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        www.100888290cs.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        www.10sek.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {039CDDAF-3129-407D-B953-7BA0BE60A2A2} - System32\Tasks\Microsoft\Windows\RestartManager\{B6D0D6E0-F40C-4467-922D-6885BFEC82FB} => C:\Windows\System32\RmClient.exe [2006-11-02] (Microsoft Corporation)
Task: {066E3793-5433-4584-AE6D-3C9F4A991401} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2795511429-1016840749-3435742708-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {06AE5F01-5B63-4568-BDA4-E8BFA1A26166} - System32\Tasks\RMSchedule => C:\Program Files\Registry Mechanic\RegMech.exe
Task: {09BCEC93-BAF4-4DB7-8CD9-F116823FA3F6} - System32\Tasks\{72014751-1D3C-425F-AB0F-E23ECCF863E9} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?LastError=1603
Task: {0E326FCB-56DC-497D-A4CA-F8861C707C4A} - System32\Tasks\RealCreateProcessScheduledTask4969677S-1-5-21-2795511429-1016840749-3435742708-1000 => C:\Program Files\Real\RealPlayer\realplay.exe [2013-09-16] (RealNetworks, Inc.)
Task: {122E9867-953D-4D58-9F18-26C72FBB9AD5} - System32\Tasks\Wise Care 365 => C:\Program Files\Wise\Wise Care 365\WiseTray.exe
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {20DA87A3-23A6-4C81-953A-8D60BFA91DE1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-16] (Adobe Systems Incorporated)
Task: {25069B2B-BD93-4B2A-A923-755DF698D145} - System32\Tasks\{B3B87009-9445-4F42-BD1E-836A3AD650DA} => Chrome.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?LastError=1603
Task: {2636CF2A-3688-4355-B2E7-8FBAF375888F} - System32\Tasks\SmartDefragUpdate => C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe
Task: {2ADFA046-B6BE-4677-87D8-C11DD71D151E} - System32\Tasks\DriverScanner => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
Task: {2B7D78B1-E930-4E9C-BC59-33B26903DD09} - System32\Tasks\RealCreateProcessScheduledTask1554019S-1-5-21-2795511429-1016840749-3435742708-1000 => C:\Program Files\Real\RealPlayer\realplay.exe [2013-09-16] (RealNetworks, Inc.)
Task: {2E8910C5-4F5A-4220-B7A2-7956073E33F1} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2795511429-1016840749-3435742708-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {2FDBDC47-7148-49DB-9D32-32E6A003C996} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
Task: {3356E348-91E9-4417-9651-F4783711038E} - System32\Tasks\Ad-Aware Update (Daily 1) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {33F56E49-BEC8-4A80-8072-788EFAA5FDC0} - System32\Tasks\RNUpgradeHelperResumePrompt_PAULO => C:\Users\PAULO\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-09-04] (RealNetworks, Inc.)
Task: {340406B8-C83A-434A-81AB-13712B597FF4} - System32\Tasks\{F7983250-C069-4131-871C-9236EA5B38EA} => Firefox.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/go/help.faq.installer?LastError=1603
Task: {383E85BA-E356-4171-B85E-94666FB66ADB} - System32\Tasks\{EBE37741-0C7D-485D-A2C9-9A95FE405F7A} => Firefox.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/go/help.faq.installer?LastError=1603
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4543010C-C401-4D8F-A6C2-0F5486843F4D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2795511429-1016840749-3435742708-1000UA => C:\Users\PAULO\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {4C578A49-256E-4C49-BE4B-5926D5315B0C} - System32\Tasks\schedule!3036567561 => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe <==== ATTENTION
Task: {4E915501-5E8E-45A3-A232-95725203E1CA} - System32\Tasks\ReclaimerResumeInstall_PAULO => C:\Users\PAULO\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-09-04] (RealNetworks, Inc.)
Task: {57E686D9-FA28-4722-8A9B-1E5BDECAF8B8} - System32\Tasks\Orb Startup => C:\Program Files\Winamp Remote\bin\OrbTray.exe
Task: {5930A06C-F8DD-4407-8DB8-195BA2DD91D6} - System32\Tasks\{7940717C-DF97-4EAA-871B-E980427DA419} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&amp;ver=4.1.0.166.180&amp;LastError=-9
Task: {5A83E31D-F0A6-44D8-A440-DEE5EC21F763} - System32\Tasks\ReclaimerResumeInstallLogin_PAULO => C:\Users\PAULO\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-09-04] (RealNetworks, Inc.)
Task: {66142AEA-7DEE-4449-9A2E-CBC6AE8B5269} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2795511429-1016840749-3435742708-1000UA => C:\Users\PAULO\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-08] (Facebook Inc.)
Task: {68413093-42C1-4FCA-9271-754936D61C3C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2795511429-1016840749-3435742708-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {6C8CDA9F-D9D4-4A81-91CF-31A94B739B99} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2795511429-1016840749-3435742708-1000Core => C:\Users\PAULO\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-08] (Facebook Inc.)
Task: {6C968DF2-E110-4A6C-80F6-2272445D0B51} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2795511429-1016840749-3435742708-1000Core1cdcf22259beeed => C:\Users\PAULO\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {6E19647E-BF32-41BD-906B-98C76F960B88} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => C:\Program Files\Windows Defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {6E44F8C3-C3BE-4E8F-8F10-2297740293B9} - System32\Tasks\{5F97CF02-2FCF-460B-8C81-2938EBFAB745} => Chrome.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1603
Task: {725E00DC-45D4-4114-9123-315DE90D4928} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2795511429-1016840749-3435742708-1000Core => C:\Users\PAULO\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {73CD9D9A-FFDC-4713-BE0B-D03EF0CD2365} - System32\Tasks\ASC6_AutoClean => C:\Program Files\IObit\Advanced SystemCare 6\AutoSweep.exe
Task: {73F627F5-69A0-46FF-A826-E1D2251170A5} - System32\Tasks\SmartDefrag_Startup => C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
Task: {7421A1C7-92AF-48F1-BCD6-468B305383C2} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files\TuneUp Utilities 2010\OneClick.exe
Task: {7957181E-348B-4719-A447-E90AF937E853} - System32\Tasks\{DD442EDE-DB2C-4F25-A1A8-553DEAFA6AE5} => Firefox.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1603
Task: {7F687AE8-447E-4BB0-851F-09151519958B} - System32\Tasks\ReclaimerUpdateFiles_PAULO => C:\Users\PAULO\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-09-04] (RealNetworks, Inc.)
Task: {7FB985A5-0D52-442C-A9DB-04854F8AFDC6} - System32\Tasks\EPUpdater => C:\Users\PAULO\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe
Task: {867C371A-62AB-44E6-861E-E5FF3E9CE5DC} - System32\Tasks\RNUpgradeHelperLogonPrompt_PAULO => C:\Users\PAULO\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-09-04] (RealNetworks, Inc.)
Task: {891377A3-5AE5-48B6-9F54-C9DB6053A004} - System32\Tasks\GlaryInitialize => C:\Program Files\Glary Utilities\initialize.exe
Task: {8B9EA27F-2521-4F4D-9192-63E84E7683C5} - System32\Tasks\{0CD2F811-20F0-4CB5-A3CD-5583E44F4A29} => Firefox.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/go/help.faq.installer?LastError=1603
Task: {8C9B2580-62FD-41FD-A201-82E187B44E5E} - System32\Tasks\AWC Startup => C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
Task: {921368AE-AE36-4CF3-AFDC-8AEE8E04DA10} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-16] (AVAST Software)
Task: {9A884D90-60ED-4E22-8386-268069D3AB26} - System32\Tasks\Ad-Aware Update (Daily 2) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {9B805735-489C-47C4-ADA9-92DB9CDBE769} - System32\Tasks\{7BBC8379-19E6-4FB6-9FA0-030B5A73C968} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.124.259/de/abandoninstall?source=lightinstaller&amp;page=tsDownload&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {9EE75E4B-3F51-41D5-815C-F5362903C6E8} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01] (Microsoft Corporation)
Task: {A1868F64-ED08-49A9-9F86-F62ED855AFFD} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => Rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
Task: {A5FB8C59-646F-4D7B-80D7-0708023AC690} - System32\Tasks\QUAD => C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe
Task: {AAB9776D-FD85-404A-8A3A-BAA99248AFE7} - System32\Tasks\RealCreateProcessScheduledTask2190784S-1-5-21-2795511429-1016840749-3435742708-1000 => C:\Program Files\Real\RealPlayer\Update\realonemessagecenter.exe [2013-09-16] (RealNetworks, Inc.)
Task: {AF52FCDC-C4C7-446A-9AB3-5E4EA813ACEA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-08] (Google Inc.)
Task: {B50A55A4-A4BD-4B4F-B2DD-7AB479755D96} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2795511429-1016840749-3435742708-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B51476E5-B1EE-4E67-90F2-606E85FCC56E} - System32\Tasks\Automatic troubleshooting => C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
Task: {BBD500C9-30AC-499E-838E-856F0EBCD954} - System32\Tasks\Ad-Aware Update (Daily 3) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {BDB584C6-A12D-4EC2-AE58-28950E3DFCB2} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {BE414DD4-64FC-4D4E-B4E2-5F58BE222E54} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {C68185EE-DF89-4A98-99D2-10DB51AD8E73} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert
Task: {C99B3726-C4B3-4AC7-BD74-2FB4CE101917} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {C9BD1087-F5FC-4016-9B19-58F8A9EA5EF8} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2795511429-1016840749-3435742708-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {CE95BDC4-A675-4FDE-AA69-661F6BBC0770} - System32\Tasks\{78AC419A-6693-4DBC-89C9-BD563A0C3476} => Firefox.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/go/help.faq.installer?LastError=1603
Task: {CF4E1D24-CFC5-4880-8BAD-A4308E58AA81} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - PAULO => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-10] (Microsoft Corporation)
Task: {CFF7169F-D861-410C-AE37-BE76F2E3E70B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2795511429-1016840749-3435742708-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D09CE50E-D929-4D8C-A55D-2093E245D7D9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {D286619A-4262-49F2-B711-A2886C67BC96} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {D2D14DBB-1B0E-40E2-A618-AD28A26D729C} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {D359E6AC-ABAA-4F78-BCB2-55A62B3F6EB6} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe
Task: {D57A5673-85EB-407B-ACC4-0482A28E9557} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21] (Google)
Task: {D90984E7-3E98-43F3-BBEE-072616F104C8} - System32\Tasks\{2BF719F1-B66F-4947-9938-167172D6E839} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=4.2.0.155.217&amp;LastError=-3
Task: {D9283256-CA25-4FF8-A3A0-4EEC49F6AC28} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DA17A894-33DB-441D-BEEB-BF5BEACF581C} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
Task: {DCE8058E-3BD6-40B1-8700-80FAD4FDFA61} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {DEBC4145-F05E-4A08-AB85-6F235A252A0B} - System32\Tasks\Secunia PSI Logon Task => C:\Program Files\Secunia\PSI\psi.exe [2013-11-04] (Secunia)
Task: {E1124319-5557-4E7B-9166-1EEF4B844D7E} - System32\Tasks\1-Klick-Wartung => C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe
Task: {E3168AEE-75C3-4BC4-A307-53275D31927D} - System32\Tasks\Ad-Aware Update (Daily 4) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {EA6D4EA7-0D8E-4FC8-97A5-D03C4CCB5A4D} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2795511429-1016840749-3435742708-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {ECC93284-E5B7-49C9-97AB-89911632DFCC} - System32\Tasks\ReclaimerUpdateXML_PAULO => C:\Users\PAULO\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-09-04] (RealNetworks, Inc.)
Task: {ED82047A-B9A2-4230-9857-FF3A0A526693} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-08] (Google Inc.)
Task: {EF428C4A-A381-4ED9-ADB3-D8C7AC3314A6} - System32\Tasks\03-17-2011_221603 => C:\Program Files\Spyware Cease 2011\SpywareCease2011.exe
Task: {F41E5348-91AA-4239-9785-440DF8D24896} - System32\Tasks\{BB9186F9-B872-4208-8ED6-4CDE6FC3AFA0} => Chrome.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?LastError=1603
Task: {F7E77040-8CB1-41F5-9005-8A8E0259497A} - System32\Tasks\RMSmartUpdate => C:\Program Files\Registry Mechanic\update.exe
Task: {F8CCD03A-25D7-4870-9C29-E8E5469221C0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2795511429-1016840749-3435742708-1000UA1cdcf2225bc211d => C:\Users\PAULO\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {F8D6E476-24FE-4649-A4D7-985706B29128} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
Task: {FAB21A2E-5363-46E8-B375-D672ADB077DA} - System32\Tasks\RealCreateProcessScheduledTask17108036S-1-5-21-2795511429-1016840749-3435742708-1000 => C:\Program Files\Real\RealPlayer\realplay.exe [2013-09-16] (RealNetworks, Inc.)
Task: {FBAFFF52-DF4B-47F2-99CB-949477887F4E} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2795511429-1016840749-3435742708-1000Core.job => C:\Users\PAULO\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2795511429-1016840749-3435742708-1000UA.job => C:\Users\PAULO\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RMSchedule.job => C:\Program Files\Registry Mechanic\RegMech.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-07-04 22:32 - 2010-07-04 22:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-08-21 10:19 - 2013-08-21 10:19 - 01392640 _____ () C:\Program Files\DivX\DivX Media Server\DivXDLNATranscoder.dll
2010-05-07 17:35 - 2010-05-07 17:35 - 02143576 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll
2010-05-07 17:35 - 2010-05-07 17:35 - 07954776 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll
2010-05-07 17:36 - 2010-05-07 17:36 - 00340824 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll
2010-05-07 17:37 - 2010-05-07 17:37 - 00027480 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2010-05-07 17:37 - 2010-05-07 17:37 - 00126808 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2013-11-16 17:42 - 2013-11-16 17:42 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-08-06 16:59 - 2013-08-06 16:59 - 00115137 _____ () C:\Users\PAULO\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll
2013-10-21 08:33 - 2013-10-21 08:33 - 00026520 _____ () C:\Program Files\MyDrive Connect\DeviceDetection.dll
2013-10-21 08:33 - 2013-10-21 08:33 - 00082840 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterBase.dll
2013-10-21 08:33 - 2013-10-21 08:33 - 00337816 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterProxy.dll
2011-11-11 14:09 - 2011-11-11 14:09 - 00336408 _____ () C:\Program Files\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2013-11-17 14:05 - 2013-11-17 14:05 - 03363952 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-12-16 10:58 - 2013-12-16 10:58 - 16242056 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:2E0A12A9
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:6020C786
AlternateDataStreams: C:\ProgramData\TEMP:7631EA83
AlternateDataStreams: C:\ProgramData\TEMP:A8ADE5D8
AlternateDataStreams: C:\ProgramData\TEMP:C895616B
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\ProgramData\TEMP:E6974837
AlternateDataStreams: C:\ProgramData\TEMP:FA5F15C4
AlternateDataStreams: C:\Users\PAULO\Documents\Michael Carreira -como vou esquecer.flv:TOC.WMV

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"

==================== Faulty Device Manager Devices =============

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-6zu4-Adapter #2
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-6zu4-Adapter #3
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/16/2013 03:08:00 PM) (Source: Windows Search Service) (User: )
Description: Der alte Katalog konnte vom Windows-Suchdienst nicht entfernt werden. Interner Fehler <0,0x80070002>.

Error: (12/16/2013 03:08:00 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Erstellen des SystemIndex-Suchindex durch den Windows-Suchdienst. Interner Fehler <0, 0x80070002, Fehler beim Lesen des Registrierungswerts: DataDirectory>.

Error: (12/16/2013 03:07:59 PM) (Source: Windows Search Service) (User: )
Description: Der alte Katalog konnte vom Windows-Suchdienst nicht entfernt werden. Interner Fehler <0,0x80070002>.

Error: (12/16/2013 03:07:33 PM) (Source: Windows Search Service) (User: )
Description: Der alte Katalog konnte vom Windows-Suchdienst nicht entfernt werden. Interner Fehler <0,0x80070002>.

Error: (12/16/2013 03:07:33 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Erstellen des SystemIndex-Suchindex durch den Windows-Suchdienst. Interner Fehler <0, 0x80070002, Fehler beim Lesen des Registrierungswerts: DataDirectory>.

Error: (12/16/2013 03:07:31 PM) (Source: Windows Search Service) (User: )
Description: Der alte Katalog konnte vom Windows-Suchdienst nicht entfernt werden. Interner Fehler <0,0x80070002>.

Error: (12/16/2013 03:07:20 PM) (Source: Windows Search Service) (User: )
Description: Der alte Katalog konnte vom Windows-Suchdienst nicht entfernt werden. Interner Fehler <0,0x80070002>.

Error: (12/16/2013 03:07:20 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Erstellen des SystemIndex-Suchindex durch den Windows-Suchdienst. Interner Fehler <0, 0x80070002, Fehler beim Lesen des Registrierungswerts: DataDirectory>.

Error: (12/16/2013 03:07:19 PM) (Source: Windows Search Service) (User: )
Description: Der alte Katalog konnte vom Windows-Suchdienst nicht entfernt werden. Interner Fehler <0,0x80070002>.

Error: (12/16/2013 03:07:00 PM) (Source: Windows Search Service) (User: )
Description: Der alte Katalog konnte vom Windows-Suchdienst nicht entfernt werden. Interner Fehler <0,0x80070002>.


System errors:
=============
Error: (12/16/2013 03:08:53 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (12/16/2013 03:08:53 PM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (12/16/2013 03:08:01 PM) (Source: Service Control Manager) (User: )
Description: Windows Search5

Error: (12/16/2013 03:08:01 PM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (12/16/2013 03:07:35 PM) (Source: Service Control Manager) (User: )
Description: Windows Search4

Error: (12/16/2013 03:07:33 PM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (12/16/2013 03:07:21 PM) (Source: Service Control Manager) (User: )
Description: Windows Search3

Error: (12/16/2013 03:07:21 PM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (12/16/2013 03:07:01 PM) (Source: Service Control Manager) (User: )
Description: Windows Search2300001Neustart des Diensts

Error: (12/16/2013 03:07:01 PM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)


Microsoft Office Sessions:
=========================
Error: (12/16/2013 03:08:00 PM) (Source: Windows Search Service)(User: )
Description: 00x80070002

Error: (12/16/2013 03:08:00 PM) (Source: Windows Search Service)(User: )
Description: 00x80070002Fehler beim Lesen des Registrierungswerts: DataDirectory

Error: (12/16/2013 03:07:59 PM) (Source: Windows Search Service)(User: )
Description: 00x80070002

Error: (12/16/2013 03:07:33 PM) (Source: Windows Search Service)(User: )
Description: 00x80070002

Error: (12/16/2013 03:07:33 PM) (Source: Windows Search Service)(User: )
Description: 00x80070002Fehler beim Lesen des Registrierungswerts: DataDirectory

Error: (12/16/2013 03:07:31 PM) (Source: Windows Search Service)(User: )
Description: 00x80070002

Error: (12/16/2013 03:07:20 PM) (Source: Windows Search Service)(User: )
Description: 00x80070002

Error: (12/16/2013 03:07:20 PM) (Source: Windows Search Service)(User: )
Description: 00x80070002Fehler beim Lesen des Registrierungswerts: DataDirectory

Error: (12/16/2013 03:07:19 PM) (Source: Windows Search Service)(User: )
Description: 00x80070002

Error: (12/16/2013 03:07:00 PM) (Source: Windows Search Service)(User: )
Description: 00x80070002


CodeIntegrity Errors:
===================================
  Date: 2013-08-12 11:07:33.944
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\BillP Studios\WinPatrol\patrolpro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-12 11:07:33.607
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\BillP Studios\WinPatrol\patrolpro.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-26 14:57:05.787
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Spigot\Search Settings\wth162.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-26 14:57:05.572
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Spigot\Search Settings\wth162.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-26 14:57:05.358
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Spigot\Search Settings\wth162.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-26 14:57:05.151
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Spigot\Search Settings\wth162.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-26 14:57:04.940
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Spigot\Search Settings\wth162.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-26 14:57:04.726
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Spigot\Search Settings\wth162.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-26 14:57:04.513
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Spigot\Search Settings\wth162.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-26 14:57:04.300
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Common Files\Spigot\Search Settings\wth162.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 67%
Total physical RAM: 3069.45 MB
Available physical RAM: 1001.77 MB
Total Pagefile: 6339.88 MB
Available Pagefile: 4109.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.98 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:911.93 GB) (Free:645.09 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.58 GB) (Free:8.45 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 1238DA8E)
Partition 1: (Not Active) - (Size=20 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=912 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 18.12.2013 09:33
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

palex31 18.12.2013 10:55
Code:
ComboFix 13-12-17.02 - PAULO 18.12.2013  10:09:24.1.4 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.41.1031.18.3069.1132 [GMT 1:00]
ausgeführt von:: c:\users\PAULO\Desktop\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\SafeSaver
c:\program files\SafeSaver\sprote~1.dll.ftf
c:\users\PAULO\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll
c:\users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\extensions\yoaa7_ofz@mutpeuyeqht-.org
c:\users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\extensions\yoaa7_ofz@mutpeuyeqht-.org\bootstrap.js
c:\users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\extensions\yoaa7_ofz@mutpeuyeqht-.org\chrome.manifest
c:\users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\extensions\yoaa7_ofz@mutpeuyeqht-.org\install.rdf
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_RKHIT
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-11-18 bis 2013-12-18  ))))))))))))))))))))))))))))))
.
.
2013-12-18 09:20 . 2013-12-18 09:20        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2013-12-17 16:53 . 2013-12-04 02:57        7760024        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{8B26911E-6AC1-4482-B1AA-2CFAD85D680D}\mpengine.dll
2013-12-17 10:47 . 2013-12-17 10:47        --------        d-----w-        c:\users\PAULO\AppData\Local\Opera Software
2013-12-17 10:46 . 2013-12-17 10:46        --------        d-----w-        c:\users\PAULO\AppData\Roaming\Opera Software
2013-12-17 01:13 . 2013-12-17 01:13        40776        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2013-12-16 14:50 . 2013-12-16 14:50        83808        ----a-w-        c:\windows\system32\NicInE6.dll
2013-12-16 14:50 . 2013-12-16 14:50        232296        ----a-w-        c:\windows\system32\drivers\e1e6032.sys
2013-12-16 14:35 . 2013-12-16 14:35        9619872        ----a-w-        c:\windows\system32\nvopencl.dll
2013-12-16 14:35 . 2013-12-16 14:35        893728        ----a-w-        c:\windows\system32\nvdispgenco3233182.dll
2013-12-16 14:35 . 2013-12-16 14:35        22951200        ----a-w-        c:\windows\system32\nvoglv32.dll
2013-12-16 14:35 . 2013-12-16 14:35        10446112        ----a-w-        c:\windows\system32\drivers\nvlddmkm.sys
2013-12-16 14:35 . 2013-12-16 14:35        1049888        ----a-w-        c:\windows\system32\nvdispco3233182.dll
2013-12-16 14:35 . 2013-12-16 14:35        9663656        ----a-w-        c:\windows\system32\nvcuda.dll
2013-12-16 14:35 . 2013-12-16 14:35        2947872        ----a-w-        c:\windows\system32\nvcuvid.dll
2013-12-16 14:35 . 2013-12-16 14:35        2747680        ----a-w-        c:\windows\system32\nvcuvenc.dll
2013-12-16 14:35 . 2013-12-16 14:35        17560352        ----a-w-        c:\windows\system32\nvcompiler.dll
2013-12-16 14:33 . 2013-12-17 10:59        --------        d-----w-        c:\program files\FileHippo.com
2013-12-16 14:15 . 2013-12-16 14:15        --------        d-----w-        C:\FRST
2013-12-16 12:28 . 2013-12-16 12:29        --------        d-----w-        C:\5dc6eb3b0a3bdca6bc002fb2174d
2013-12-16 10:49 . 2013-12-16 10:49        --------        d-----w-        c:\users\PAULO\AppData\Local\Secunia PSI
2013-12-16 10:44 . 2013-12-16 10:44        --------        d-----w-        c:\program files\Secunia
2013-12-13 02:31 . 2013-12-13 02:31        4583424        ----a-w-        c:\windows\system32\GPhotos.scr
2013-12-06 17:32 . 2013-12-06 17:32        --------        d-----w-        c:\program files\7-Zip
2013-12-06 15:54 . 2013-12-06 15:54        --------        d-----w-        c:\users\PAULO\AppData\Local\Logitech® Webcam-Software
2013-12-04 13:19 . 2013-12-16 10:58        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2013-12-04 13:19 . 2013-04-04 13:50        22856        ----a-w-        c:\windows\system32\drivers\mbam.sys
2013-12-04 13:19 . 2013-12-04 13:19        --------        d-----w-        c:\program files\Tweaking.com
2013-11-25 20:43 . 2013-11-25 20:43        --------        d-----w-        C:\MGADiagToolOutput
2013-11-25 20:42 . 2003-03-25 05:00        9216        ----a-w-        c:\windows\proxycfg.exe
2013-11-25 20:42 . 2013-11-25 20:43        --------        d-----w-        C:\AULOGS
2013-11-25 19:55 . 2013-12-17 10:46        --------        d-----w-        c:\program files\CCleaner
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-18 09:05 . 2013-07-03 17:42        410528        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2013-12-18 09:05 . 2013-07-03 17:42        54832        ----a-w-        c:\windows\system32\drivers\aswRdr.sys
2013-12-18 09:05 . 2013-07-03 17:42        57672        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2013-12-18 09:05 . 2013-07-03 17:42        775952        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2013-12-18 09:05 . 2013-07-03 17:42        180248        ----a-w-        c:\windows\system32\drivers\aswVmm.sys
2013-12-18 09:05 . 2013-07-03 17:42        67824        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2013-12-18 09:05 . 2013-07-03 17:42        270240        ----a-w-        c:\windows\system32\aswBoot.exe
2013-12-18 09:05 . 2013-07-03 17:41        43152        ----a-w-        c:\windows\avastSS.scr
2013-12-16 14:50 . 2007-09-24 07:42        317240        ----a-w-        c:\windows\system32\Prounstl.exe
2013-12-16 14:35 . 2013-02-25 22:22        15862272        ----a-w-        c:\windows\system32\nvwgf2um.dll
2013-12-16 14:35 . 2013-02-25 22:22        15218504        ----a-w-        c:\windows\system32\nvd3dum.dll
2013-12-16 14:35 . 2013-02-25 22:22        2697248        ----a-w-        c:\windows\system32\nvapi.dll
2013-12-16 10:44 . 2012-04-04 22:28        692616        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2013-12-16 10:44 . 2011-05-25 01:58        71048        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-19 02:33 . 2009-10-02 16:01        230048        ------w-        c:\windows\system32\MpSigStub.exe
2013-11-16 16:42 . 2013-07-03 17:42        49944        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys
2013-11-11 14:26 . 2010-04-03 16:27        4321056        ----a-w-        c:\windows\system32\nvcpl.dll
2013-11-11 14:26 . 2010-04-03 16:27        3036960        ----a-w-        c:\windows\system32\nvsvc.dll
2013-11-11 14:26 . 2010-04-03 16:27        664352        ----a-w-        c:\windows\system32\nvvsvc.exe
2013-11-11 14:26 . 2010-04-03 16:27        209184        ----a-w-        c:\windows\system32\nvmctray.dll
2013-11-11 14:26 . 2009-09-19 04:15        62752        ----a-w-        c:\windows\system32\nvshext.dll
2013-10-14 18:41 . 2013-09-17 09:58        21576        ----a-w-        c:\windows\system32\drivers\aswKbd.sys
2013-10-08 05:51 . 2012-06-16 17:39        873384        ----a-w-        c:\windows\system32\npDeployJava1.dll
2013-10-08 05:51 . 2010-04-18 14:50        796072        ----a-w-        c:\windows\system32\deployJava1.dll
2013-10-08 05:50 . 2013-10-20 12:03        94632        ----a-w-        c:\windows\system32\WindowsAccessBridge.dll
2013-09-27 14:36 . 2013-09-27 14:36        53248        ----a-r-        c:\users\PAULO\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2007-03-12 17:59 . 2007-03-12 17:59        299008        ----a-w-        c:\program files\navigram_register.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}"= "c:\program files\AVAST Software\Avast\aswWebRepIE.dll" [2013-12-18 1138536]
.
[HKEY_CLASSES_ROOT\clsid\{cc1a175a-e45b-41ed-a30c-c9b1d7a0c02f}]
[HKEY_CLASSES_ROOT\TypeLib\{6B795924-95E7-4D31-8521-407360C3AA0B}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-18 09:05        259464        ----a-w-        c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-05-04 21392]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"MyDriveConnect.exe"="c:\program files\MyDrive Connect\MyDriveConnect.exe" [2013-10-21 473496]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-14 68856]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2012-11-23 307712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-09-16 104408]
"AVMWlanClient"="c:\program files\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-09-11 450560]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2013-09-16 295512]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2013-08-29 1861968]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-18 3764024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6]
2013-04-18 18:38        491840        ----a-w-        c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2012-11-05 14:27        89184        ----a-w-        c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
2013-09-11 03:09        450560        ----a-w-        c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-08-29 00:23        1861968        ----a-w-        c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16        254336        ----a-w-        c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" /hide
"Swisscom LiveUpdate"=c:\program files\Swisscom\LiveUpdate\SwisscomLiveUpdate.exe
"Swisscom Quick Help"=c:\program files\Swisscom\Quick Help\SwisscomQuickHelp.exe /auto
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2795511429-1016840749-3435742708-1000]
"EnableNotificationsRef"=dword:00000001
.
R3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2009-08-26 1025920]
S2 ACEDRV08;ACEDRV08;c:\windows\system32\drivers\ACEDRV08.sys [2008-11-26 108768]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper        REG_MULTI_SZ          getPlusHelper
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-16 01:44        1210320        ----a-w-        c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-12-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 10:44]
.
2013-12-16 c:\windows\Tasks\Driver Booster Update.job
- c:\program files\IObit\Driver Booster\AutoUpdate.exe [2013-12-16 10:01]
.
2012-12-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2795511429-1016840749-3435742708-1000Core.job
- c:\users\PAULO\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-26 18:16]
.
2012-12-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2795511429-1016840749-3435742708-1000UA.job
- c:\users\PAULO\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-26 18:16]
.
2013-12-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-08 21:44]
.
2013-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-08 21:44]
.
.
------- Zusätzlicher Suchlauf -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MI1933~1\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: microsoft.com\update
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} - hxxp://www.powerchallenge.com/applet/PowerLoader.cab
DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} - hxxp://services.bluewin.ch/securitychecker/fscax.cab
FF - ProfilePath - c:\users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\
FF - prefs.js: keyword.enabled - false
FF - ExtSQL: 2013-10-19 13:06; toolbar@gmx.net; c:\users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\extensions\toolbar@gmx.net.xpi
FF - ExtSQL: 2013-11-01 15:44; idme@abine.com; c:\users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\extensions\idme@abine.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{09152f0b-739c-4dec-a245-1aa8a37594f1} - (no file)
SafeBoot-Lavasoft Ad-Aware Service
MSConfigStartUp-IObit Malware Fighter - c:\program files\IObit\IObit Malware Fighter\IMF.exe
MSConfigStartUp-SpywareTerminatorShield - c:\program files\spyware terminator\spywareterminatorshield.exe
MSConfigStartUp-SpywareTerminatorUpdater - c:\program files\spyware terminator\spywareterminatorupdate.exe
AddRemove-Swisscom Quick Help - c:\programdata\{D61DF0B8-23A1-439C-84C4-35F3EF31A430}\SwisscomQuickHelp_Setup.exe
AddRemove-{8F8AB607-DBA4-4367-BDB0-D1E827BE2D9A} - c:\programdata\{D61DF0B8-23A1-439C-84C4-35F3EF31A430}\SwisscomQuickHelp_Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-12-18 10:26
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
  27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
"{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}"=hex:51,66,7a,6c,4c,1d,38,12,e8,9b,8e,
  71,5d,42,f6,01,c5,a0,09,1f,42,98,83,3b
"{E16DC1FE-7C34-43F2-B754-F3AD12DDF97C}"=hex:51,66,7a,6c,4c,1d,38,12,90,c2,7e,
  e5,06,32,9c,06,c8,42,b0,ed,17,83,bd,68
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
  36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}"=hex:51,66,7a,6c,4c,1d,38,12,c3,d3,96,
  33,cd,f1,98,02,c0,4d,e6,c7,c4,3c,ba,cd
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
  76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
  72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
  ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
"{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}"=hex:51,66,7a,6c,4c,1d,38,12,2d,dd,7a,
  ab,6a,33,56,03,c9,ec,8d,26,b0,f3,64,49
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
  b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
  df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:ed,9f,ee,98,a3,06,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c9,c4,53,c2,44,c5,11,45,a1,cf,0c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,25,a0,3c,33,d1,8b,16,4e,89,9e,0c,\
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.URL"
.
[HKEY_USERS\S-1-5-21-2795511429-1016840749-3435742708-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:e2,cf,6d,72,7e,04,01,26,b8,70,ae,e9,c3,3d,7d,3c,c8,af,fa,c7,d5,15,a7,
  17,66,36,ef,58,0d,6f,7c,dd,c4,86,fe,4b,d9,3f,ff,bf,9c,eb,cb,35,90,09,2d,51,\
"??"=hex:34,0c,ff,a5,64,83,bc,41,55,a4,c3,32,b1,3a,3e,47
.
[HKEY_USERS\S-1-5-21-2795511429-1016840749-3435742708-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:c9,07,9e,0a,05,8b,9b,c8,fa,cf,7a,b3,ab,cd,a6,38,20,54,fe,4e,c8,
  df,be,5c,71,a3,4e,99,a3,1e,61,14,d8,db,a7,34,98,86,f8,6b,ae,71,6c,04,4c,1f,\
"rkeysecu"=hex:84,df,29,69,c3,16,e8,40,40,d9,33,e0,1a,59,cb,16
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet005\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\avmwlanstick\WlanNetService.exe
c:\windows\ehome\ehRecvr.exe
c:\windows\ehome\ehsched.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\system32\IProsetMonitor.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe
c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe
c:\progra~1\COMMON~1\X10\Common\x10nets.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-12-18  10:31:47 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-12-18 09:31
.
Vor Suchlauf: 25 Verzeichnis(se), 830'486'818'816 Bytes frei
Nach Suchlauf: 28 Verzeichnis(se), 830'959'079'424 Bytes frei
.
- - End Of File - - 0FE18691247AE5B5B30CAD102C392177
5C616939100B85E558DA92B899A0FC36

schrauber 19.12.2013 09:53
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

palex31 20.12.2013 00:40
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.19.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
PAULO :: MEDION [Administrator]

19.12.2013 14:21:43
mbam-log-2013-12-19 (14-21-43).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 495058
Laufzeit: 2 Stunde(n), 1 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Qoobox\Quarantine\C\Program Files\SafeSaver\sprote~1.dll.ftf.vir (PUP.Optional.SProtect.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Code:
# AdwCleaner v3.015 - Bericht erstellt am 19/12/2013 um 23:16:54
# Updated 10/12/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : PAULO - MEDION
# Gestartet von : C:\Users\PAULO\Desktop\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\PAULO\AppData\Local\iMesh
Ordner Gelöscht : C:\Users\PAULO\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\PAULO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FirstRowSportApp.com
Ordner Gelöscht : C:\Users\PAULO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSHunter.TV
Ordner Gelöscht : C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\ICQToolbarData
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Program Files\Mozilla Firefox\browser\nsprotector.js
Datei Gelöscht : C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Windows\System32\Tasks\BrowserDefendert
Datei Gelöscht : C:\Windows\System32\Tasks\driverscanner
Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater
Datei Gelöscht : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C68185EE-DF89-4A98-99D2-10DB51AD8E73}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2ADFA046-B6BE-4677-87D8-C11DD71D151E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FB985A5-0D52-442C-A9DB-04854F8AFDC6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FB985A5-0D52-442C-A9DB-04854F8AFDC6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D359E6AC-ABAA-4F78-BCB2-55A62B3F6EB6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D359E6AC-ABAA-4F78-BCB2-55A62B3F6EB6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D57A5673-85EB-407B-ACC4-0482A28E9557}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\Orbit
Schlüssel Gelöscht : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\Trymedia Systems
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16490


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ Datei : C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7333 octets] - [19/12/2013 16:55:55]
AdwCleaner[R1].txt - [7217 octets] - [19/12/2013 16:59:15]
AdwCleaner[R2].txt - [7336 octets] - [19/12/2013 17:01:37]
AdwCleaner[R3].txt - [7455 octets] - [19/12/2013 23:15:43]
AdwCleaner[S0].txt - [604 octets] - [19/12/2013 16:57:24]
AdwCleaner[S1].txt - [361 octets] - [19/12/2013 17:00:28]
AdwCleaner[S2].txt - [361 octets] - [19/12/2013 17:02:42]
AdwCleaner[S3].txt - [7363 octets] - [19/12/2013 23:16:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [7423 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by PAULO on 20.12.2013 at  0:14:46.89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\PAULO\appdata\local\{BF1FBC77-05B1-47DF-998A-16DCB74429D5}



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml"
Emptied folder: C:\Users\PAULO\AppData\Roaming\mozilla\firefox\profiles\r709548e.default\minidumps [112 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.12.2013 at  0:19:54.18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-12-2013
Ran by PAULO (administrator) on MEDION on 20-12-2013 00:31:39
Running from C:\Users\PAULO\Desktop\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
() C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanGUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(DivX, LLC) C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(TomTom) C:\Program Files\MyDrive Connect\MyDriveConnect.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SSDMonitor] - C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [104408 2010-09-16] (PC Tools)
HKLM\...\Run: [AVMWlanClient] - C:\Program Files\avmwlanstick\WLanGUI.exe [2105344 2010-10-22] (AVM Berlin)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512 2013-09-16] (RealNetworks, Inc.)
HKLM\...\Run: [LWS] - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-18] (AVAST Software)
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax",DllRegisterServer
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2012-05-04] ()
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [MyDriveConnect.exe] - C:\Program Files\MyDrive Connect\MyDriveConnect.exe [473496 2013-10-21] (TomTom)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-01-14] (Google Inc.)
HKCU\...\Run: [FileHippo.com] - C:\Program Files\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0xDD000000
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\UpdatusUser\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9CE28A080518CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.live.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.live.com
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - URL hxxp://www.googIecrawler.com/search/?q={searchTerms}&lang=de
SearchScopes: HKCU - {16FBBA4F-85C6-48DC-99CF-8B7385E5CC1A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {505DD0EE-EDDA-45EF-B7BA-C6DE5D6B35E6} URL =
SearchScopes: HKCU - {DF629D51-0499-4884-A65E-4EFD87EB63BD} URL = hxxp://ch.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} -  No File
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} hxxp://127.0.0.1:9070/etc/var/TVUAx.cab
DPF: {428A9DEF-F057-402B-9F2D-A5887F4544ED} hxxp://download.microsoft.com/download/f/0/2/f02b515c-7076-4cee-bc08-fd6fea594578/VirtualEarth3D.cab
DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} hxxp://www.powerchallenge.com/applet/PowerLoader.cab
DPF: {5CE72DD0-4695-4D18-A4D3-3367ACD37578} hxxp://de.bluewin.ch/services/security_checker/fscax.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1111/Navigram.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} hxxp://services.bluewin.ch/securitychecker/fscax.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://signin2.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
Handler: livecall - No CLSID Value -
Handler: msnim - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\PAULO\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\PAULO\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 - C:\PROGRA~1\MOZILL~1\plugins\NpFv522.dll (1 mal 1 Software GmbH)
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\duckduckgo-http.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\filehippo.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\firefox-add-ons.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\gmx-suche-schweiz.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\donottrackplus@abine.com
FF Extension: Amazon Toolbar - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\FFAmazonShoppingToolbar@wangtom.com
FF Extension: MaskMe - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\idme@abine.com
FF Extension: vShare - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\vshare@toolbar(1646)
FF Extension: Personas Rotator - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}(1405)
FF Extension: WOT - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Add to Amazon Wish List Button - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\amznUWL2@amazon.com.xpi
FF Extension: Autofill Forms - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\autofillForms@blueimp.net.xpi
FF Extension: Ciuvo - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\extension@ciuvo.com.xpi
FF Extension: preisspion.de - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\finder@meingutscheincode.de.xpi
FF Extension: GMX MailCheck - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\toolbar@gmx.net.xpi
FF Extension: Webutation - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi
FF Extension: CouponsHelper - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{239cc760-75a9-4276-b1fc-c0ceb963f373}.xpi
FF Extension: Adblock Plus - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: BetterPrivacy - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\%APPDATA%
FF Extension: Google Settings - C:\Program Files\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
FF Extension: Swisscom Quick Help - C:\Program Files\Mozilla Firefox\extensions\{6A6114A5-EEF5-45F4-BCD1-B00A7B33E04B}
FF Extension: ICQ Toolbar - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(889)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

Chrome:
=======
CHR DefaultSearchKeyword: google.ch
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Advanced SystemCare 6) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin/ASCPlugin_Protect.dll No File
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Flatcast Viewer Plugin 5.2.2.454) - C:\Program Files\Mozilla Firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (king.com - Game controller for firefox) - C:\Program Files\Mozilla Firefox\plugins\npmidas.dll (Midasplayer Ltd)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealArcade Mozilla Plugin) - C:\Program Files\Mozilla Firefox\plugins\npracplug.dll (RealNetworks)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (getPlusPlus for Adobe 16248) - C:\Program Files\Mozilla Firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Advanced SystemCare 6 Opera Plugin) - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll (IObit)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (SOE Web Installer) - C:\Users\PAULO\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\PAULO\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_88.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd\3.1.1031_0
CHR Extension: (AdBlock) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (avast! Online Security) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (RealDownloader) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0
CHR Extension: (Ghostery) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0
CHR Extension: (Google Wallet) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [aaaaoiagmlcohkmjodefppbmpjdiocmh] - C:\Users\PAULO\AppData\Local\APN\GoogleCRXs\aaaaoiagmlcohkmjodefppbmpjdiocmh_7.15.12.0.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-18] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
S2 ezGOSvc; C:\Windows\system32\ezGOSvc.dll [73600 2011-05-29] ()
S3 getPlusHelper; C:\Windows\System32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S2 gupdate1c98a367113a630; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-08] (Google Inc.)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [132768 2011-11-09] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [11552 2012-03-26] (Microsoft Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2010-10-01] (PC Tools)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2007-01-12] ()
R2 TVECapSvc; C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290908 2007-01-12] ()
R2 TVESched; C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe [114778 2007-01-12] ()
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)

==================== Drivers (Whitelisted) ====================

S3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1025920 2009-08-26] (NXP Semiconductors Germany GmbH)
R2 ACEDRV08; C:\Windows\system32\drivers\ACEDRV08.sys [108768 2008-11-26] (Protect Software GmbH)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-10-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-18] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-12-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-11-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-18] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-12-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-18] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278728 2008-07-12] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc.              )
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [586752 2010-10-22] (AVM GmbH)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2009-09-23] (Lavasoft AB)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2008-07-12] ()
S3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25824 2010-05-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-12-19] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [19712 2007-05-30] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [18304 2007-05-30] (Printing Communications Assoc., Inc. (PCAUSA))
R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [161072 2011-05-06] (Marvell Semiconductor, Inc.)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-04-30] (Logitech Inc.)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-01] (MCCI Corporation)
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-12] (Microsoft Corporation)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [19336 2008-01-24] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [28168 2008-01-24] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [14728 2008-01-24] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [48904 2008-01-24] (Logitech Inc.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U3 DfSdkS;
S3 EagleXNt; No ImagePath
S1 FSES; System32\drivers\fses.sys [x]
S1 fsvista; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 MREMP50a64; No ImagePath
S3 MRESP50a64; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 uxddrv; \??\H:\DIAGNOSE\WSTGER32\2PART\uxddrv86.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-20 00:19 - 2013-12-20 00:19 - 00000966 _____ C:\Users\PAULO\Desktop\JRT.txt
2013-12-19 14:29 - 2013-12-19 23:21 - 00000000 ____D C:\AdwCleaner
2013-12-19 14:20 - 2013-12-19 14:20 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-19 14:20 - 2013-12-19 14:20 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-19 14:20 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-18 14:41 - 2013-12-19 11:42 - 00000974 _____ C:\Windows\Tasks\Google Software Updater.job
2013-12-18 10:31 - 2013-12-18 10:31 - 00024043 _____ C:\ComboFix.txt
2013-12-18 10:06 - 2013-12-18 10:31 - 00000000 ____D C:\Qoobox
2013-12-18 10:06 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-18 10:06 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-18 10:06 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-18 10:06 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-18 10:06 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-18 10:06 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-18 10:06 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-18 10:06 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-17 13:00 - 2013-12-17 13:00 - 00001847 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2013-12-17 12:00 - 2013-12-17 12:00 - 00001638 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-12-17 11:58 - 2013-12-17 11:59 - 25469280 _____ C:\Users\PAULO\Downloads\googleearth-win-bundle-7.1.2.2041 (1).exe
2013-12-17 11:52 - 2013-12-17 11:52 - 23353953 _____ C:\Users\PAULO\Downloads\googleearth-win-bundle-7.1.2.2041 (1).exe.opdownload
2013-12-17 11:51 - 2013-12-17 11:51 - 00001400 _____ C:\Users\PAULO\Desktop\DivX Movies.lnk
2013-12-17 11:51 - 2013-12-17 11:51 - 00000871 _____ C:\Users\Public\Desktop\DivX Player.lnk
2013-12-17 11:50 - 2013-12-17 11:50 - 00000936 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2013-12-17 11:49 - 2013-12-17 11:49 - 25469280 _____ C:\Users\PAULO\Downloads\googleearth-win-bundle-7.1.2.2041.exe
2013-12-17 11:47 - 2013-12-17 11:47 - 00017563 _____ C:\Users\PAULO\Desktop\Opera 12 Notes.html
2013-12-17 11:47 - 2013-12-17 11:47 - 00000000 ____D C:\Users\PAULO\AppData\Local\Opera Software
2013-12-17 11:46 - 2013-12-17 11:46 - 00000801 _____ C:\Users\Public\Desktop\Opera 18.lnk
2013-12-17 11:46 - 2013-12-17 11:46 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\Opera Software
2013-12-17 02:13 - 2013-12-19 14:21 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-12-16 15:50 - 2013-12-16 15:50 - 00232296 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1e6032.sys
2013-12-16 15:50 - 2013-12-16 15:50 - 00083808 _____ (Intel Corporation) C:\Windows\system32\NicInE6.dll
2013-12-16 15:50 - 2013-12-16 15:50 - 00002760 _____ C:\Windows\system32\e1e6032.din
2013-12-16 15:49 - 2013-12-16 15:49 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2013-12-16 15:46 - 2013-12-16 15:46 - 38385664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2013-12-16 15:46 - 2013-12-16 15:46 - 27369216 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 13881088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 06176944 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 05773592 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 05681192 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-12-16 15:46 - 2013-12-16 15:46 - 03444992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 02888536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2013-12-16 15:46 - 2013-12-16 15:46 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 02395680 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 02328792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01824000 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01677568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01596488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2013-12-16 15:46 - 2013-12-16 15:46 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01489072 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01097984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00938752 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00926976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00877880 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00873728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00859904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00823040 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00782040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00761088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-12-16 15:46 - 2013-12-16 15:46 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00604928 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00502584 _____ C:\Windows\system32\audioLibVc.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00272048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00219312 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218368 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00188696 _____ C:\Windows\system32\AcpiServiceVnA.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00182472 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00124632 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 22951200 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 10446112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-16 15:35 - 2013-12-16 15:35 - 09663656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 09619872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 02947872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 02747680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233182.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233182.dll
2013-12-16 15:33 - 2013-12-17 11:59 - 00000000 ____D C:\Program Files\FileHippo.com
2013-12-16 15:33 - 2013-12-17 11:47 - 00001788 _____ C:\Users\PAULO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2013-12-16 15:33 - 2013-12-17 11:47 - 00001758 _____ C:\Users\PAULO\Desktop\Update Checker.lnk
2013-12-16 15:32 - 2013-12-17 00:19 - 00000272 _____ C:\Windows\Tasks\Driver Booster Update.job
2013-12-16 15:32 - 2013-12-16 15:32 - 00000977 _____ C:\Users\Public\Desktop\Driver Booster.lnk
2013-12-16 15:15 - 2013-12-20 00:31 - 00000000 ____D C:\FRST
2013-12-16 13:28 - 2013-12-16 13:29 - 00000000 ____D C:\5dc6eb3b0a3bdca6bc002fb2174d
2013-12-16 12:10 - 2013-12-16 12:10 - 00000863 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-16 11:49 - 2013-12-16 11:49 - 00000000 ____D C:\Users\PAULO\AppData\Local\Secunia PSI
2013-12-16 11:44 - 2013-12-16 11:44 - 00000000 ____D C:\Program Files\Secunia
2013-12-16 11:31 - 2013-12-16 11:31 - 00087358 _____ C:\Users\PAULO\Documents\ResultReport.html
2013-12-13 03:31 - 2013-12-13 03:31 - 04583424 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2013-12-06 18:32 - 2013-12-06 18:32 - 00000000 ____D C:\Program Files\7-Zip
2013-12-06 16:54 - 2013-12-06 16:54 - 00000000 ____D C:\Users\PAULO\AppData\Local\Logitech® Webcam-Software
2013-12-06 16:05 - 2013-12-19 21:44 - 00000034 _____ C:\Windows\setupact.log
2013-12-06 16:05 - 2013-12-06 16:05 - 00000000 _____ C:\Windows\setuperr.log
2013-12-06 15:56 - 2013-12-06 15:57 - 00005185 _____ C:\Windows\LDPINST.LOG
2013-12-06 15:56 - 2013-12-06 15:56 - 00001477 _____ C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2013-12-04 20:11 - 2013-12-04 20:12 - 00000000 ____D C:\Users\PAULO\Desktop\100D3100
2013-12-04 14:34 - 2013-12-19 16:42 - 00065764 _____ C:\Windows\PFRO.log
2013-12-04 14:19 - 2013-12-04 14:19 - 00001956 _____ C:\Users\PAULO\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2013-12-04 14:19 - 2013-12-04 14:19 - 00000000 ____D C:\Program Files\Tweaking.com
2013-11-25 21:43 - 2013-11-25 21:43 - 00000000 ____D C:\MGADiagToolOutput
2013-11-25 21:42 - 2013-11-25 21:42 - 00000130 _____ C:\Descriptors.txt
2013-11-25 21:42 - 2003-03-25 06:00 - 00009216 _____ (Microsoft Corporation) C:\Windows\proxycfg.exe
2013-11-25 21:01 - 2013-11-25 21:01 - 00041604 _____ C:\Users\PAULO\Documents\cc_20131125_210140.reg
2013-11-25 20:55 - 2013-12-17 11:46 - 00000808 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-25 20:55 - 2013-12-17 11:46 - 00000000 ____D C:\Program Files\CCleaner

==================== One Month Modified Files and Folders =======

2013-12-20 00:31 - 2013-12-16 15:15 - 00000000 ____D C:\FRST
2013-12-20 00:20 - 2013-03-03 17:53 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\Skype
2013-12-20 00:19 - 2013-12-20 00:19 - 00000966 _____ C:\Users\PAULO\Desktop\JRT.txt
2013-12-20 00:04 - 2013-04-12 15:25 - 01599775 _____ C:\Windows\WindowsUpdate.log
2013-12-20 00:04 - 2006-11-02 11:33 - 01472912 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-20 00:02 - 2012-08-05 18:47 - 00001356 _____ C:\Users\PAULO\AppData\Local\d3d9caps.dat
2013-12-19 23:59 - 2013-07-03 04:58 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-12-19 23:59 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-19 23:59 - 2006-11-02 13:47 - 00003296 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-19 23:59 - 2006-11-02 13:47 - 00003296 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-19 23:59 - 2006-11-02 13:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-12-19 23:57 - 2006-11-02 14:01 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-19 23:57 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\tracing
2013-12-19 23:21 - 2013-12-19 14:29 - 00000000 ____D C:\AdwCleaner
2013-12-19 21:44 - 2013-12-06 16:05 - 00000034 _____ C:\Windows\setupact.log
2013-12-19 16:57 - 2013-01-15 19:30 - 00000000 ____D C:\ProgramData\Uniblue
2013-12-19 16:42 - 2013-12-04 14:34 - 00065764 _____ C:\Windows\PFRO.log
2013-12-19 14:21 - 2013-12-17 02:13 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-12-19 14:20 - 2013-12-19 14:20 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-19 14:20 - 2013-12-19 14:20 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-19 11:42 - 2013-12-18 14:41 - 00000974 _____ C:\Windows\Tasks\Google Software Updater.job
2013-12-18 10:31 - 2013-12-18 10:31 - 00024043 _____ C:\ComboFix.txt
2013-12-18 10:31 - 2013-12-18 10:06 - 00000000 ____D C:\Qoobox
2013-12-18 10:31 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public
2013-12-18 10:25 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini
2013-12-18 10:21 - 2010-06-30 03:10 - 00000000 ____D C:\Windows\ERDNT
2013-12-18 10:21 - 2006-11-02 11:22 - 76283904 _____ C:\Windows\system32\config\software.bak
2013-12-18 10:21 - 2006-11-02 11:22 - 52166656 _____ C:\Windows\system32\config\system.bak
2013-12-18 10:21 - 2006-11-02 11:22 - 39845888 _____ C:\Windows\system32\config\COMPON~3.bak
2013-12-18 10:21 - 2006-11-02 11:22 - 05767168 _____ C:\Windows\system32\config\default.bak
2013-12-18 10:21 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-12-18 10:21 - 2006-11-02 11:22 - 00057344 _____ C:\Windows\system32\config\sam.bak
2013-12-18 10:05 - 2013-11-16 17:36 - 00001877 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-18 10:05 - 2013-07-03 18:42 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-18 10:05 - 2013-07-03 18:42 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-18 10:05 - 2013-07-03 18:42 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-18 10:05 - 2013-07-03 18:42 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-18 10:05 - 2013-07-03 18:42 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-18 10:05 - 2013-07-03 18:42 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-18 10:05 - 2013-07-03 18:42 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-12-18 10:05 - 2013-07-03 18:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-17 13:00 - 2013-12-17 13:00 - 00001847 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2013-12-17 13:00 - 2011-10-26 15:58 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\Foxit Software
2013-12-17 12:01 - 2010-10-27 17:06 - 00000000 ____D C:\Program Files\Recuva
2013-12-17 12:00 - 2013-12-17 12:00 - 00001638 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-12-17 11:59 - 2013-12-17 11:58 - 25469280 _____ C:\Users\PAULO\Downloads\googleearth-win-bundle-7.1.2.2041 (1).exe
2013-12-17 11:59 - 2013-12-16 15:33 - 00000000 ____D C:\Program Files\FileHippo.com
2013-12-17 11:52 - 2013-12-17 11:52 - 23353953 _____ C:\Users\PAULO\Downloads\googleearth-win-bundle-7.1.2.2041 (1).exe.opdownload
2013-12-17 11:51 - 2013-12-17 11:51 - 00001400 _____ C:\Users\PAULO\Desktop\DivX Movies.lnk
2013-12-17 11:51 - 2013-12-17 11:51 - 00000871 _____ C:\Users\Public\Desktop\DivX Player.lnk
2013-12-17 11:51 - 2011-11-01 18:35 - 00000000 ____D C:\ProgramData\DivX
2013-12-17 11:51 - 2011-03-08 15:55 - 00000000 ____D C:\Program Files\DivX
2013-12-17 11:50 - 2013-12-17 11:50 - 00000936 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2013-12-17 11:49 - 2013-12-17 11:49 - 25469280 _____ C:\Users\PAULO\Downloads\googleearth-win-bundle-7.1.2.2041.exe
2013-12-17 11:47 - 2013-12-17 11:47 - 00017563 _____ C:\Users\PAULO\Desktop\Opera 12 Notes.html
2013-12-17 11:47 - 2013-12-17 11:47 - 00000000 ____D C:\Users\PAULO\AppData\Local\Opera Software
2013-12-17 11:47 - 2013-12-16 15:33 - 00001788 _____ C:\Users\PAULO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2013-12-17 11:47 - 2013-12-16 15:33 - 00001758 _____ C:\Users\PAULO\Desktop\Update Checker.lnk
2013-12-17 11:46 - 2013-12-17 11:46 - 00000801 _____ C:\Users\Public\Desktop\Opera 18.lnk
2013-12-17 11:46 - 2013-12-17 11:46 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\Opera Software
2013-12-17 11:46 - 2013-11-25 20:55 - 00000808 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-17 11:46 - 2013-11-25 20:55 - 00000000 ____D C:\Program Files\CCleaner
2013-12-17 11:46 - 2011-03-08 17:28 - 00000000 ____D C:\Program Files\Opera
2013-12-17 11:44 - 2007-09-24 15:10 - 00000000 ____D C:\Program Files\Google
2013-12-17 00:19 - 2013-12-16 15:32 - 00000272 _____ C:\Windows\Tasks\Driver Booster Update.job
2013-12-16 15:59 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-16 15:51 - 2007-11-19 19:23 - 00000000 ____D C:\Users\PAULO
2013-12-16 15:50 - 2013-12-16 15:50 - 00232296 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1e6032.sys
2013-12-16 15:50 - 2013-12-16 15:50 - 00083808 _____ (Intel Corporation) C:\Windows\system32\NicInE6.dll
2013-12-16 15:50 - 2013-12-16 15:50 - 00002760 _____ C:\Windows\system32\e1e6032.din
2013-12-16 15:50 - 2007-09-24 08:42 - 00317240 _____ (Intel Corporation) C:\Windows\system32\Prounstl.exe
2013-12-16 15:49 - 2013-12-16 15:49 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2013-12-16 15:48 - 2010-02-20 12:47 - 00000000 ____D C:\Windows\system32\RTCOM
2013-12-16 15:46 - 2013-12-16 15:46 - 38385664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2013-12-16 15:46 - 2013-12-16 15:46 - 27369216 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 13881088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 06176944 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 05773592 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 05681192 _____ C:\Windows\system32\Drivers\rtvienna.dat
2013-12-16 15:46 - 2013-12-16 15:46 - 03444992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 02888536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2013-12-16 15:46 - 2013-12-16 15:46 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 02395680 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 02328792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01824000 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01677568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01596488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2013-12-16 15:46 - 2013-12-16 15:46 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01489072 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01097984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00938752 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00926976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00877880 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00873728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00859904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00823040 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00782040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00761088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00681905 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-12-16 15:46 - 2013-12-16 15:46 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00604928 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00502584 _____ C:\Windows\system32\audioLibVc.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00272048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00219312 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218368 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00188696 _____ C:\Windows\system32\AcpiServiceVnA.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00182472 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00124632 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2013-12-16 15:37 - 2007-09-24 13:22 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-16 15:35 - 2013-12-16 15:35 - 22951200 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 10446112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-16 15:35 - 2013-12-16 15:35 - 09663656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 09619872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 02947872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 02747680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233182.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233182.dll
2013-12-16 15:35 - 2013-02-25 23:22 - 15862272 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2013-12-16 15:35 - 2013-02-25 23:22 - 15218504 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2013-12-16 15:35 - 2013-02-25 23:22 - 02697248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2013-12-16 15:35 - 2012-08-05 20:01 - 00018439 _____ C:\Windows\system32\nvinfo.pb
2013-12-16 15:32 - 2013-12-16 15:32 - 00000977 _____ C:\Users\Public\Desktop\Driver Booster.lnk
2013-12-16 15:32 - 2012-10-31 01:41 - 00000000 ____D C:\Program Files\IObit
2013-12-16 15:32 - 2011-12-15 18:59 - 00000000 ____D C:\ProgramData\IObit
2013-12-16 15:32 - 2009-01-04 13:53 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\IObit
2013-12-16 15:03 - 2008-04-10 17:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-16 14:56 - 2011-02-07 15:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-16 14:50 - 2006-11-02 11:23 - 00000331 _____ C:\Windows\win.ini
2013-12-16 13:36 - 2012-12-10 11:33 - 00002617 _____ C:\Users\PAULO\Desktop\Microsoft Word 2010.lnk
2013-12-16 13:29 - 2013-12-16 13:28 - 00000000 ____D C:\5dc6eb3b0a3bdca6bc002fb2174d
2013-12-16 12:44 - 2012-08-22 05:09 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-16 12:44 - 2009-12-07 23:15 - 00000000 ____D C:\Program Files\WinRAR
2013-12-16 12:10 - 2013-12-16 12:10 - 00000863 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-16 12:09 - 2009-03-13 23:57 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-12-16 11:49 - 2013-12-16 11:49 - 00000000 ____D C:\Users\PAULO\AppData\Local\Secunia PSI
2013-12-16 11:44 - 2013-12-16 11:44 - 00000000 ____D C:\Program Files\Secunia
2013-12-16 11:44 - 2012-04-04 23:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-16 11:44 - 2011-05-25 02:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-16 11:31 - 2013-12-16 11:31 - 00087358 _____ C:\Users\PAULO\Documents\ResultReport.html
2013-12-16 04:43 - 2009-07-04 11:24 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-16 02:57 - 2013-07-02 16:34 - 00001967 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-15 21:43 - 2009-07-04 11:24 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-13 03:31 - 2013-12-13 03:31 - 04583424 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2013-12-06 18:32 - 2013-12-06 18:32 - 00000000 ____D C:\Program Files\7-Zip
2013-12-06 16:54 - 2013-12-06 16:54 - 00000000 ____D C:\Users\PAULO\AppData\Local\Logitech® Webcam-Software
2013-12-06 16:05 - 2013-12-06 16:05 - 00000000 _____ C:\Windows\setuperr.log
2013-12-06 15:57 - 2013-12-06 15:56 - 00005185 _____ C:\Windows\LDPINST.LOG
2013-12-06 15:57 - 2010-05-02 17:39 - 00038908 _____ C:\Windows\system32\lvcoinst.log
2013-12-06 15:57 - 2007-12-13 17:39 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2013-12-06 15:56 - 2013-12-06 15:56 - 00001477 _____ C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2013-12-06 11:35 - 2013-09-27 15:35 - 00000000 ____D C:\Windows\system32\logishrd
2013-12-04 20:12 - 2013-12-04 20:11 - 00000000 ____D C:\Users\PAULO\Desktop\100D3100
2013-12-04 14:40 - 2007-11-28 19:36 - 00000000 ____D C:\Users\PAULO\AppData\Local\Adobe
2013-12-04 14:34 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\ShellNew
2013-12-04 14:19 - 2013-12-04 14:19 - 00001956 _____ C:\Users\PAULO\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2013-12-04 14:19 - 2013-12-04 14:19 - 00000000 ____D C:\Program Files\Tweaking.com
2013-12-03 13:15 - 2013-10-13 12:20 - 00000000 ____D C:\Users\PAULO\Desktop\Gutscheine
2013-12-02 17:34 - 2011-10-14 09:19 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-11-26 14:26 - 2013-03-03 18:15 - 00000000 ___RD C:\Program Files\Skype
2013-11-26 14:26 - 2011-11-11 20:33 - 00000000 ____D C:\ProgramData\Skype
2013-11-25 21:43 - 2013-11-25 21:43 - 00000000 ____D C:\MGADiagToolOutput
2013-11-25 21:42 - 2013-11-25 21:42 - 00000130 _____ C:\Descriptors.txt
2013-11-25 21:01 - 2013-11-25 21:01 - 00041604 _____ C:\Users\PAULO\Documents\cc_20131125_210140.reg
2013-11-25 12:20 - 2012-04-12 14:46 - 00000000 ____D C:\Program Files\stinger
2013-11-25 11:51 - 2012-08-08 22:32 - 00000000 ____D C:\Users\PAULO\Desktop\PROGRAMME

Files to move or delete:
====================
C:\ProgramData\PKP_DLdu.DAT


Some content of TEMP:
====================
C:\Users\PAULO\AppData\Local\temp\Checkupdate.exe
C:\Users\PAULO\AppData\Local\temp\Foxit Reader Updater.exe
C:\Users\PAULO\AppData\Local\temp\gcapi_dll.dll
C:\Users\PAULO\AppData\Local\temp\gtapi_signed.dll
C:\Users\PAULO\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-20 00:04

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Hallo Schrauber nur zur Info bin erst ab dem 06.01.14 wieder da, schöne Weihnachten und Guten Rutsch.

schrauber 20.12.2013 16:30

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

palex31 06.01.2014 20:46
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=127d023e90467045b9e0f1867dd33f3b
# engine=16535
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-06 07:21:43
# local_time=2014-01-06 08:21:43 (+0100, Mitteleuropäische Zeit)
# country="Switzerland"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=774 16777213 85 77 1681063 5837787 0 0
# compatibility_mode=5892 16776574 100 100 1712495 226568831 0 0
# scanned=427953
# found=2
# cleaned=0
# scan_time=15678
sh=7BC4998793462E1932A4F74E3A139DCDDA7653C6 ft=1 fh=19edba72960273eb vn="probably unknown NewHeur_PE virus" ac=I fn="C:\Program Files\Swisscom\Quick Help\m2mupdate.exe"
sh=7BC4998793462E1932A4F74E3A139DCDDA7653C6 ft=1 fh=19edba72960273eb vn="probably unknown NewHeur_PE virus" ac=I fn="C:\Programme\Swisscom\Quick Help\m2mupdate.exe"
Code:
Results of screen317's Security Check version 0.99.78 
 Windows Vista Service Pack 2 x86 (UAC is enabled) 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0   
 Spyware Striker   
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 TuneUp Utilities Language Pack (en-US)
 CCleaner   
 Java 7 Update 45 
 Adobe Flash Player        11.9.900.170 
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (26.0)
 Google Chrome 30.0.1599.101 
 Google Chrome 31.0.1650.63 
````````Process Check: objlist.exe by Laurent```````` 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

schrauber 07.01.2014 10:25
Zitat:
und ein frisches FRST log bitte. Noch Probleme?
:).

palex31 07.01.2014 15:59

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-01-2014
Ran by PAULO (administrator) on MEDION on 07-01-2014 15:53:13
Running from C:\Users\PAULO\Desktop\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
() C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanGUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(DivX, LLC) C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TomTom) C:\Program Files\MyDrive Connect\MyDriveConnect.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SSDMonitor] - C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [104408 2010-09-16] (PC Tools)
HKLM\...\Run: [AVMWlanClient] - C:\Program Files\avmwlanstick\WLanGUI.exe [2105344 2010-10-22] (AVM Berlin)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512 2013-09-16] (RealNetworks, Inc.)
HKLM\...\Run: [LWS] - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-18] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-12-16] (Realtek Semiconductor)
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax",DllRegisterServer
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2012-05-04] ()
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [MyDriveConnect.exe] - C:\Program Files\MyDrive Connect\MyDriveConnect.exe [473496 2013-10-21] (TomTom)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-01-14] (Google Inc.)
HKCU\...\Run: [FileHippo.com] - C:\Program Files\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0xDD000000
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\UpdatusUser\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9CE28A080518CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.live.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.live.com
HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - URL hxxp://www.googIecrawler.com/search/?q={searchTerms}&lang=de
SearchScopes: HKCU - {16FBBA4F-85C6-48DC-99CF-8B7385E5CC1A} URL = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {505DD0EE-EDDA-45EF-B7BA-C6DE5D6B35E6} URL =
SearchScopes: HKCU - {DF629D51-0499-4884-A65E-4EFD87EB63BD} URL = hxxp://ch.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} -  No File
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} hxxp://127.0.0.1:9070/etc/var/TVUAx.cab
DPF: {428A9DEF-F057-402B-9F2D-A5887F4544ED} hxxp://download.microsoft.com/download/f/0/2/f02b515c-7076-4cee-bc08-fd6fea594578/VirtualEarth3D.cab
DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} hxxp://www.powerchallenge.com/applet/PowerLoader.cab
DPF: {5CE72DD0-4695-4D18-A4D3-3367ACD37578} hxxp://de.bluewin.ch/services/security_checker/fscax.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1111/Navigram.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} hxxp://services.bluewin.ch/securitychecker/fscax.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} https://signin2.valueactive.eu/Register/Branding/olr3313/OCX/v1018/flashax.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
Handler: livecall - No CLSID Value -
Handler: msnim - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\PAULO\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\PAULO\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 - C:\PROGRA~1\MOZILL~1\plugins\NpFv522.dll (1 mal 1 Software GmbH)
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\duckduckgo-http.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\filehippo.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\firefox-add-ons.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\gmx-suche-schweiz.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\donottrackplus@abine.com
FF Extension: Amazon Toolbar - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\FFAmazonShoppingToolbar@wangtom.com
FF Extension: MaskMe - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\idme@abine.com
FF Extension: vShare - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\vshare@toolbar(1646)
FF Extension: Personas Rotator - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}(1405)
FF Extension: WOT - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Add to Amazon Wish List Button - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\amznUWL2@amazon.com.xpi
FF Extension: Autofill Forms - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\autofillForms@blueimp.net.xpi
FF Extension: Ciuvo - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\extension@ciuvo.com.xpi
FF Extension: preisspion.de - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\finder@meingutscheincode.de.xpi
FF Extension: GMX MailCheck - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\toolbar@gmx.net.xpi
FF Extension: Webutation - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi
FF Extension: CouponsHelper - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{239cc760-75a9-4276-b1fc-c0ceb963f373}.xpi
FF Extension: Adblock Plus - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: BetterPrivacy - C:\Users\PAULO\AppData\Roaming\Mozilla\Firefox\Profiles\r709548e.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\%APPDATA%
FF Extension: Google Settings - C:\Program Files\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
FF Extension: Swisscom Quick Help - C:\Program Files\Mozilla Firefox\extensions\{6A6114A5-EEF5-45F4-BCD1-B00A7B33E04B}
FF Extension: ICQ Toolbar - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(889)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Advanced SystemCare 6) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin/ASCPlugin_Protect.dll No File
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Flatcast Viewer Plugin 5.2.2.454) - C:\Program Files\Mozilla Firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (king.com - Game controller for firefox) - C:\Program Files\Mozilla Firefox\plugins\npmidas.dll (Midasplayer Ltd)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealArcade Mozilla Plugin) - C:\Program Files\Mozilla Firefox\plugins\npracplug.dll (RealNetworks)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (getPlusPlus for Adobe 16248) - C:\Program Files\Mozilla Firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Advanced SystemCare 6 Opera Plugin) - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll (IObit)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (SOE Web Installer) - C:\Users\PAULO\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\PAULO\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_88.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd\3.1.1037_0
CHR Extension: (AdBlock) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (avast! Online Security) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (RealDownloader) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0
CHR Extension: (Ghostery) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0
CHR Extension: (Google Wallet) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\PAULO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [aaaaoiagmlcohkmjodefppbmpjdiocmh] - C:\Users\PAULO\AppData\Local\APN\GoogleCRXs\aaaaoiagmlcohkmjodefppbmpjdiocmh_7.15.12.0.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-18] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
S2 ezGOSvc; C:\Windows\system32\ezGOSvc.dll [73600 2011-05-29] ()
S3 getPlusHelper; C:\Windows\System32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S2 gupdate1c98a367113a630; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-08] (Google Inc.)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [132768 2011-11-09] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [11552 2012-03-26] (Microsoft Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2010-10-01] (PC Tools)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2007-01-12] ()
R2 TVECapSvc; C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290908 2007-01-12] ()
R2 TVESched; C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe [114778 2007-01-12] ()
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)

==================== Drivers (Whitelisted) ====================

S3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1025920 2009-08-26] (NXP Semiconductors Germany GmbH)
R2 ACEDRV08; C:\Windows\system32\drivers\ACEDRV08.sys [108768 2008-11-26] (Protect Software GmbH)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-10-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2013-12-18] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-12-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-11-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2013-12-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2013-12-18] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-12-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-18] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278728 2008-07-12] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc.              )
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [586752 2010-10-22] (AVM GmbH)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2009-09-23] (Lavasoft AB)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2008-07-12] ()
S3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25824 2010-05-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [19712 2007-05-30] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [18304 2007-05-30] (Printing Communications Assoc., Inc. (PCAUSA))
R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [161072 2011-05-06] (Marvell Semiconductor, Inc.)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-04-30] (Logitech Inc.)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2010-03-01] (MCCI Corporation)
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-12] (Microsoft Corporation)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [19336 2008-01-24] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [28168 2008-01-24] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [14728 2008-01-24] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [48904 2008-01-24] (Logitech Inc.)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U3 DfSdkS;
S3 EagleXNt; No ImagePath
S1 FSES; System32\drivers\fses.sys [x]
S1 fsvista; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 MREMP50a64; No ImagePath
S3 MRESP50a64; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 uxddrv; \??\H:\DIAGNOSE\WSTGER32\2PART\uxddrv86.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-06 15:50 - 2014-01-06 15:50 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2014-01-06 15:50 - 2014-01-06 15:50 - 13881600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 05681196 _____ C:\Windows\system32\Drivers\rtvienna.dat
2014-01-06 15:50 - 2014-01-06 15:50 - 05115672 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 03629824 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 02929048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-01-06 15:50 - 2014-01-06 15:50 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 01824000 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 01677568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 01097984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 00865592 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 00860416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 00693329 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-01-06 15:50 - 2014-01-06 15:50 - 00126680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2013-12-20 01:21 - 2013-12-20 01:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-20 00:19 - 2013-12-20 00:19 - 00000966 _____ C:\Users\PAULO\Desktop\JRT.txt
2013-12-19 14:29 - 2013-12-19 23:21 - 00000000 ____D C:\AdwCleaner
2013-12-19 14:20 - 2013-12-19 14:20 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-19 14:20 - 2013-12-19 14:20 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-19 14:20 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-18 14:41 - 2013-12-19 11:42 - 00000974 _____ C:\Windows\Tasks\Google Software Updater.job
2013-12-18 10:31 - 2013-12-18 10:31 - 00024043 _____ C:\ComboFix.txt
2013-12-18 10:06 - 2013-12-18 10:31 - 00000000 ____D C:\Qoobox
2013-12-18 10:06 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-18 10:06 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-18 10:06 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-18 10:06 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-18 10:06 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-18 10:06 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-18 10:06 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-18 10:06 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-17 13:00 - 2013-12-17 13:00 - 00001847 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2013-12-17 12:00 - 2013-12-17 12:00 - 00001638 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-12-17 11:58 - 2013-12-17 11:59 - 25469280 _____ C:\Users\PAULO\Downloads\googleearth-win-bundle-7.1.2.2041 (1).exe
2013-12-17 11:52 - 2013-12-17 11:52 - 23353953 _____ C:\Users\PAULO\Downloads\googleearth-win-bundle-7.1.2.2041 (1).exe.opdownload
2013-12-17 11:51 - 2013-12-17 11:51 - 00001400 _____ C:\Users\PAULO\Desktop\DivX Movies.lnk
2013-12-17 11:51 - 2013-12-17 11:51 - 00000871 _____ C:\Users\Public\Desktop\DivX Player.lnk
2013-12-17 11:50 - 2013-12-17 11:50 - 00000936 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2013-12-17 11:49 - 2013-12-17 11:49 - 25469280 _____ C:\Users\PAULO\Downloads\googleearth-win-bundle-7.1.2.2041.exe
2013-12-17 11:47 - 2013-12-17 11:47 - 00017563 _____ C:\Users\PAULO\Desktop\Opera 12 Notes.html
2013-12-17 11:47 - 2013-12-17 11:47 - 00000000 ____D C:\Users\PAULO\AppData\Local\Opera Software
2013-12-17 11:46 - 2013-12-17 11:46 - 00000801 _____ C:\Users\Public\Desktop\Opera 18.lnk
2013-12-17 11:46 - 2013-12-17 11:46 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\Opera Software
2013-12-16 15:50 - 2013-12-16 15:50 - 00232296 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1e6032.sys
2013-12-16 15:50 - 2013-12-16 15:50 - 00083808 _____ (Intel Corporation) C:\Windows\system32\NicInE6.dll
2013-12-16 15:50 - 2013-12-16 15:50 - 00002760 _____ C:\Windows\system32\e1e6032.din
2013-12-16 15:49 - 2013-12-16 15:49 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2013-12-16 15:46 - 2014-01-06 15:50 - 02329304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 27369216 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 06176944 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 02395680 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01596488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2013-12-16 15:46 - 2013-12-16 15:46 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01489072 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00938752 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00926976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00873728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00823040 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00782040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00761088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00604928 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00502584 _____ C:\Windows\system32\audioLibVc.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00272048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00219312 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218368 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00188696 _____ C:\Windows\system32\AcpiServiceVnA.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00182472 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 22951200 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 10446112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-16 15:35 - 2013-12-16 15:35 - 09663656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 09619872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 02947872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 02747680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233182.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233182.dll
2013-12-16 15:33 - 2013-12-17 11:59 - 00000000 ____D C:\Program Files\FileHippo.com
2013-12-16 15:33 - 2013-12-17 11:47 - 00001788 _____ C:\Users\PAULO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2013-12-16 15:33 - 2013-12-17 11:47 - 00001758 _____ C:\Users\PAULO\Desktop\Update Checker.lnk
2013-12-16 15:32 - 2013-12-17 00:19 - 00000272 _____ C:\Windows\Tasks\Driver Booster Update.job
2013-12-16 15:32 - 2013-12-16 15:32 - 00000977 _____ C:\Users\Public\Desktop\Driver Booster.lnk
2013-12-16 15:15 - 2014-01-07 15:52 - 00000000 ____D C:\FRST
2013-12-16 13:28 - 2013-12-16 13:29 - 00000000 ____D C:\5dc6eb3b0a3bdca6bc002fb2174d
2013-12-16 12:10 - 2013-12-16 12:10 - 00000863 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-16 11:49 - 2013-12-16 11:49 - 00000000 ____D C:\Users\PAULO\AppData\Local\Secunia PSI
2013-12-16 11:44 - 2013-12-16 11:44 - 00000000 ____D C:\Program Files\Secunia
2013-12-16 11:31 - 2013-12-16 11:31 - 00087358 _____ C:\Users\PAULO\Documents\ResultReport.html
2013-12-13 03:31 - 2013-12-13 03:31 - 04583424 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr

==================== One Month Modified Files and Folders =======

2014-01-07 15:52 - 2013-12-16 15:15 - 00000000 ____D C:\FRST
2014-01-07 15:46 - 2013-03-03 17:53 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\Skype
2014-01-07 15:46 - 2006-11-02 11:33 - 01472912 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-07 15:41 - 2013-07-03 04:58 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2014-01-07 15:41 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-07 15:41 - 2006-11-02 13:47 - 00003296 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-07 15:41 - 2006-11-02 13:47 - 00003296 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-07 15:41 - 2006-11-02 13:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2014-01-07 15:40 - 2013-12-04 14:34 - 00066862 _____ C:\Windows\PFRO.log
2014-01-06 20:42 - 2013-04-12 15:25 - 01275414 _____ C:\Windows\WindowsUpdate.log
2014-01-06 20:42 - 2006-11-02 14:01 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-06 16:09 - 2011-10-14 09:19 - 00000000 ____D C:\ProgramData\CanonIJPLM
2014-01-06 15:53 - 2010-02-20 12:47 - 00000000 ____D C:\Windows\system32\RTCOM
2014-01-06 15:51 - 2007-11-19 19:23 - 00000000 ____D C:\Users\PAULO
2014-01-06 15:50 - 2014-01-06 15:50 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2014-01-06 15:50 - 2014-01-06 15:50 - 13881600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 05681196 _____ C:\Windows\system32\Drivers\rtvienna.dat
2014-01-06 15:50 - 2014-01-06 15:50 - 05115672 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 03629824 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 02929048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-01-06 15:50 - 2014-01-06 15:50 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 01824000 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 01677568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 01097984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 00865592 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 00860416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2014-01-06 15:50 - 2014-01-06 15:50 - 00693329 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-01-06 15:50 - 2014-01-06 15:50 - 00126680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2014-01-06 15:50 - 2013-12-16 15:46 - 02329304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2014-01-06 15:41 - 2007-09-24 15:10 - 00000000 ____D C:\Program Files\Google
2013-12-23 15:46 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\tracing
2013-12-20 04:45 - 2013-12-06 16:05 - 00000068 _____ C:\Windows\setupact.log
2013-12-20 04:41 - 2012-04-24 21:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 01:21 - 2013-12-20 01:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-20 00:19 - 2013-12-20 00:19 - 00000966 _____ C:\Users\PAULO\Desktop\JRT.txt
2013-12-20 00:02 - 2012-08-05 18:47 - 00001356 _____ C:\Users\PAULO\AppData\Local\d3d9caps.dat
2013-12-19 23:21 - 2013-12-19 14:29 - 00000000 ____D C:\AdwCleaner
2013-12-19 16:57 - 2013-01-15 19:30 - 00000000 ____D C:\ProgramData\Uniblue
2013-12-19 14:20 - 2013-12-19 14:20 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-19 14:20 - 2013-12-19 14:20 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-19 11:42 - 2013-12-18 14:41 - 00000974 _____ C:\Windows\Tasks\Google Software Updater.job
2013-12-18 10:31 - 2013-12-18 10:31 - 00024043 _____ C:\ComboFix.txt
2013-12-18 10:31 - 2013-12-18 10:06 - 00000000 ____D C:\Qoobox
2013-12-18 10:31 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public
2013-12-18 10:25 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini
2013-12-18 10:21 - 2010-06-30 03:10 - 00000000 ____D C:\Windows\ERDNT
2013-12-18 10:21 - 2006-11-02 11:22 - 76283904 _____ C:\Windows\system32\config\software.bak
2013-12-18 10:21 - 2006-11-02 11:22 - 52166656 _____ C:\Windows\system32\config\system.bak
2013-12-18 10:21 - 2006-11-02 11:22 - 39845888 _____ C:\Windows\system32\config\COMPON~3.bak
2013-12-18 10:21 - 2006-11-02 11:22 - 05767168 _____ C:\Windows\system32\config\default.bak
2013-12-18 10:21 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-12-18 10:21 - 2006-11-02 11:22 - 00057344 _____ C:\Windows\system32\config\sam.bak
2013-12-18 10:05 - 2013-11-16 17:36 - 00001877 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-18 10:05 - 2013-07-03 18:42 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-18 10:05 - 2013-07-03 18:42 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-18 10:05 - 2013-07-03 18:42 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-18 10:05 - 2013-07-03 18:42 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-18 10:05 - 2013-07-03 18:42 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-18 10:05 - 2013-07-03 18:42 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-18 10:05 - 2013-07-03 18:42 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-12-18 10:05 - 2013-07-03 18:41 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-17 13:00 - 2013-12-17 13:00 - 00001847 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2013-12-17 13:00 - 2011-10-26 15:58 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\Foxit Software
2013-12-17 12:01 - 2010-10-27 17:06 - 00000000 ____D C:\Program Files\Recuva
2013-12-17 12:00 - 2013-12-17 12:00 - 00001638 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-12-17 11:59 - 2013-12-17 11:58 - 25469280 _____ C:\Users\PAULO\Downloads\googleearth-win-bundle-7.1.2.2041 (1).exe
2013-12-17 11:59 - 2013-12-16 15:33 - 00000000 ____D C:\Program Files\FileHippo.com
2013-12-17 11:52 - 2013-12-17 11:52 - 23353953 _____ C:\Users\PAULO\Downloads\googleearth-win-bundle-7.1.2.2041 (1).exe.opdownload
2013-12-17 11:51 - 2013-12-17 11:51 - 00001400 _____ C:\Users\PAULO\Desktop\DivX Movies.lnk
2013-12-17 11:51 - 2013-12-17 11:51 - 00000871 _____ C:\Users\Public\Desktop\DivX Player.lnk
2013-12-17 11:51 - 2011-11-01 18:35 - 00000000 ____D C:\ProgramData\DivX
2013-12-17 11:51 - 2011-03-08 15:55 - 00000000 ____D C:\Program Files\DivX
2013-12-17 11:50 - 2013-12-17 11:50 - 00000936 _____ C:\Users\Public\Desktop\DivX Converter.lnk
2013-12-17 11:49 - 2013-12-17 11:49 - 25469280 _____ C:\Users\PAULO\Downloads\googleearth-win-bundle-7.1.2.2041.exe
2013-12-17 11:47 - 2013-12-17 11:47 - 00017563 _____ C:\Users\PAULO\Desktop\Opera 12 Notes.html
2013-12-17 11:47 - 2013-12-17 11:47 - 00000000 ____D C:\Users\PAULO\AppData\Local\Opera Software
2013-12-17 11:47 - 2013-12-16 15:33 - 00001788 _____ C:\Users\PAULO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2013-12-17 11:47 - 2013-12-16 15:33 - 00001758 _____ C:\Users\PAULO\Desktop\Update Checker.lnk
2013-12-17 11:46 - 2013-12-17 11:46 - 00000801 _____ C:\Users\Public\Desktop\Opera 18.lnk
2013-12-17 11:46 - 2013-12-17 11:46 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\Opera Software
2013-12-17 11:46 - 2013-11-25 20:55 - 00000808 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-17 11:46 - 2013-11-25 20:55 - 00000000 ____D C:\Program Files\CCleaner
2013-12-17 11:46 - 2011-03-08 17:28 - 00000000 ____D C:\Program Files\Opera
2013-12-17 00:19 - 2013-12-16 15:32 - 00000272 _____ C:\Windows\Tasks\Driver Booster Update.job
2013-12-16 15:59 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-16 15:50 - 2013-12-16 15:50 - 00232296 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1e6032.sys
2013-12-16 15:50 - 2013-12-16 15:50 - 00083808 _____ (Intel Corporation) C:\Windows\system32\NicInE6.dll
2013-12-16 15:50 - 2013-12-16 15:50 - 00002760 _____ C:\Windows\system32\e1e6032.din
2013-12-16 15:50 - 2007-09-24 08:42 - 00317240 _____ (Intel Corporation) C:\Windows\system32\Prounstl.exe
2013-12-16 15:49 - 2013-12-16 15:49 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2013-12-16 15:46 - 2013-12-16 15:46 - 27369216 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 06176944 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 02395680 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01596488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2013-12-16 15:46 - 2013-12-16 15:46 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01489072 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00938752 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00926976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00873728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00823040 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00819648 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00782040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00761088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00604928 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00502584 _____ C:\Windows\system32\audioLibVc.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00272048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00219312 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218368 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00188696 _____ C:\Windows\system32\AcpiServiceVnA.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00182472 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2013-12-16 15:46 - 2013-12-16 15:46 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2013-12-16 15:37 - 2007-09-24 13:22 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-16 15:35 - 2013-12-16 15:35 - 22951200 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 10446112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-12-16 15:35 - 2013-12-16 15:35 - 09663656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 09619872 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 02947872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 02747680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233182.dll
2013-12-16 15:35 - 2013-12-16 15:35 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233182.dll
2013-12-16 15:35 - 2013-02-25 23:22 - 15862272 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2013-12-16 15:35 - 2013-02-25 23:22 - 15218504 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2013-12-16 15:35 - 2013-02-25 23:22 - 02697248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2013-12-16 15:35 - 2012-08-05 20:01 - 00018439 _____ C:\Windows\system32\nvinfo.pb
2013-12-16 15:32 - 2013-12-16 15:32 - 00000977 _____ C:\Users\Public\Desktop\Driver Booster.lnk
2013-12-16 15:32 - 2012-10-31 01:41 - 00000000 ____D C:\Program Files\IObit
2013-12-16 15:32 - 2011-12-15 18:59 - 00000000 ____D C:\ProgramData\IObit
2013-12-16 15:32 - 2009-01-04 13:53 - 00000000 ____D C:\Users\PAULO\AppData\Roaming\IObit
2013-12-16 15:03 - 2008-04-10 17:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-16 14:56 - 2011-02-07 15:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-16 14:50 - 2006-11-02 11:23 - 00000331 _____ C:\Windows\win.ini
2013-12-16 13:36 - 2012-12-10 11:33 - 00002617 _____ C:\Users\PAULO\Desktop\Microsoft Word 2010.lnk
2013-12-16 13:29 - 2013-12-16 13:28 - 00000000 ____D C:\5dc6eb3b0a3bdca6bc002fb2174d
2013-12-16 12:44 - 2012-08-22 05:09 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-16 12:44 - 2009-12-07 23:15 - 00000000 ____D C:\Program Files\WinRAR
2013-12-16 12:10 - 2013-12-16 12:10 - 00000863 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-16 12:09 - 2009-03-13 23:57 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-12-16 11:49 - 2013-12-16 11:49 - 00000000 ____D C:\Users\PAULO\AppData\Local\Secunia PSI
2013-12-16 11:44 - 2013-12-16 11:44 - 00000000 ____D C:\Program Files\Secunia
2013-12-16 11:44 - 2012-04-04 23:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-16 11:44 - 2011-05-25 02:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-16 11:31 - 2013-12-16 11:31 - 00087358 _____ C:\Users\PAULO\Documents\ResultReport.html
2013-12-16 04:43 - 2009-07-04 11:24 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-16 02:57 - 2013-07-02 16:34 - 00001967 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-15 21:43 - 2009-07-04 11:24 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-13 03:31 - 2013-12-13 03:31 - 04583424 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr

Files to move or delete:
====================
C:\ProgramData\PKP_DLdu.DAT


Some content of TEMP:
====================
C:\Users\PAULO\AppData\Local\temp\Checkupdate.exe
C:\Users\PAULO\AppData\Local\temp\Foxit Reader Updater.exe
C:\Users\PAULO\AppData\Local\temp\gcapi_dll.dll
C:\Users\PAULO\AppData\Local\temp\gtapi_signed.dll
C:\Users\PAULO\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-07 15:50

==================== End Of Log ============================
--- --- ---

schrauber 08.01.2014 09:25
Adobe updaten.


Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:37 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131