Ads by BlockAndSurf - Virus/Adware

17.01.2015, 20:35
Member
Avatar HBG

Beiträge: 59
#1 Hallo,

ich habe den oben beschriebenen Virus. Ich hänge hier auch einen Screenshot bei.

Hab seit 2 Tagen einen neuen PC. Firefox und avira installiert.. BÄM Virus. Ich habe schon mit diversen Programen gescannt und der ist immer noch da. Der Virus nistet sich im Browser ein und zeigt mir Ads auf allen 4 Seiten, auch über dem Webseiten Kontext. Auch makiert er Wörter und zeigt mir dann dazu Werbung. Auch eine Seite mit "Repariere Windows" öffnet sich andauernd.

Bitte hilft mir, ich bin am verzweifeln ;)

http://www.bilder-upload.eu/show.php?file=635c2b-1421523629.png
http://www.bilder-upload.eu/show.php?file=1631c7-1421523653.png
http://www.bilder-upload.eu/show.php?file=bee5e1-1421523781.png

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:39:28, on 17.01.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Users\Sylvia\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\SysWOW64\qimlsrv.exe
C:\Users\Sylvia\AppData\Local\Akamai\netsession_win.exe
C:\Windows\SysWOW64\dsrviml.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
C:\Users\Sylvia\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\7b4e384f5b096b9656fee276ba88bb81\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SmartWeb] C:\Users\Sylvia\AppData\Local\SmartWeb\SmartWebHelper.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Sylvia\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Global Startup: IML.lnk = C:\Windows\System32\iml.vbs
O4 - Global Startup: IML64.lnk = C:\Windows\SysWOW64\iml.vbs
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SU Service component (serversu) - Unknown owner - C:\Users\Sylvia\AppData\Roaming\SoftwareUpdater\SUsrv.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9493 bytes


************************************************

OTL logfile created on: 18.01.2015 12:19:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sylvia\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,94 Gb Total Physical Memory | 6,26 Gb Available Physical Memory | 78,81% Memory free
15,89 Gb Paging File | 13,52 Gb Available in Paging File | 85,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 463,98 Gb Total Space | 389,45 Gb Free Space | 83,94% Space Free | Partition Type: NTFS
Drive E: | 455,43 Gb Total Space | 455,33 Gb Free Space | 99,98% Space Free | Partition Type: NTFS

Computer Name: SYLVIA-PC | User Name: Sylvia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015.01.18 12:16:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sylvia\Downloads\OTL.exe
PRC - [2015.01.15 20:05:03 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
PRC - [2015.01.15 18:02:38 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2015.01.15 18:02:26 | 000,702,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2015.01.15 18:02:26 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2015.01.09 10:04:44 | 000,338,032 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.12.13 01:47:37 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014.12.13 01:13:07 | 002,531,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.12.13 01:13:04 | 001,701,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.12.03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.10.29 23:25:46 | 004,673,432 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Sylvia\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.04.11 10:41:04 | 000,097,280 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
PRC - [2011.05.22 12:10:22 | 000,243,776 | ---- | M] (Comvigo, Inc.) -- C:\Windows\SysWOW64\qimlsrv.exe
PRC - [2011.03.21 01:42:48 | 000,096,320 | ---- | M] (Comvigo, Inc.) -- C:\Windows\SysWOW64\dsrviml.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015.01.15 20:05:03 | 016,844,464 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll
MOD - [2015.01.09 10:05:21 | 003,925,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:64bit: - [2014.11.22 03:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.12.20 19:13:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.12.20 13:22:46 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 02:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\windows\SysNative\rundll32.exe -- (372ab9f0)
SRV - [2015.01.15 20:59:17 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.01.15 18:02:38 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2015.01.15 18:02:26 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2015.01.09 10:05:11 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.12.13 01:47:37 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.12.13 01:13:04 | 001,701,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.12.13 01:13:04 | 001,148,560 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV - [2014.12.13 01:13:03 | 019,823,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2014.12.11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.12.03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2015.01.16 13:31:08 | 000,056,432 | ---- | M] (Corsica) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\webinstrNHKT.sys -- (webinstrNHKT)
DRV:64bit: - [2015.01.15 18:02:26 | 000,131,608 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2015.01.15 18:02:26 | 000,119,272 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014.11.22 11:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014.10.09 18:02:39 | 000,195,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014.02.08 19:34:51 | 000,451,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2013.12.20 20:12:36 | 013,259,776 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.12.20 18:41:16 | 000,625,152 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.12.19 17:45:50 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.12.18 09:32:56 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.11.06 04:40:46 | 000,083,176 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013.11.06 04:40:46 | 000,043,240 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2013.10.02 03:22:44 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013.10.02 03:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.06.05 07:02:46 | 000,849,992 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013.05.27 20:09:38 | 000,227,648 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2013.05.27 20:09:38 | 000,106,816 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2012.08.23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.19 22:49:22 | 000,637,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorS.sys -- (iaStorS)
DRV:64bit: - [2011.12.19 22:49:18 | 000,566,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2011.12.19 22:49:18 | 000,024,496 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.09.23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009.07.23 08:07:36 | 000,096,768 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PciPPorts.sys -- (PciPPorts)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.12.19 03:25:34 | 000,122,880 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PciSPorts.sys -- (PciSPorts)
DRV:64bit: - [2008.12.19 03:23:30 | 000,068,608 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PciIsaSerial.sys -- (PciIsaSerial)
DRV - [2014.12.13 01:13:03 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Programme\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2013.12.16 01:07:48 | 000,059,648 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{812AE120-1420-485A-9BA3-C52CED4AD4E4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{812AE120-1420-485A-9BA3-C52CED4AD4E4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.hyrican.de [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.hyrican.de [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;<local>

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledAddons: subtitles.timeline%40gmail.com:1.8.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2015.01.16 12:49:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sylvia\AppData\Roaming\mozilla\Extensions
[2015.01.17 20:37:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sylvia\AppData\Roaming\mozilla\Firefox\Profiles\nmlooans.default-1421519737204\extensions
[2015.01.17 19:36:59 | 000,009,418 | ---- | M] () (No name found) -- C:\Users\Sylvia\AppData\Roaming\mozilla\firefox\profiles\nmlooans.default-1421519737204\extensions\d.lehr@chello.at.xpi
[2015.01.17 20:26:59 | 000,775,833 | ---- | M] () (No name found) -- C:\Users\Sylvia\AppData\Roaming\mozilla\firefox\profiles\nmlooans.default-1421519737204\extensions\subtitles.timeline@gmail.com.xpi
[2015.01.17 19:36:58 | 000,985,112 | ---- | M] () (No name found) -- C:\Users\Sylvia\AppData\Roaming\mozilla\firefox\profiles\nmlooans.default-1421519737204\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015.01.16 15:48:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2015.01.16 13:24:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.3_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.16.3_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijbgodfidfimmjgeapafonbdkkkndpmp\1.4.1_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\2.0.2_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck\3.1.4_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpekolbadenjphaaapbgdienjjpgbali\3.3_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\
CHR - Extension: No name found = C:\Users\Sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe (Advanced Micro Devices, Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [SmartWeb] C:\Users\Sylvia\AppData\Local\SmartWeb\SmartWebHelper.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Sylvia\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.188.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A00D7B98-023E-4B09-A08D-123BC7CFF69D}: DhcpNameServer = 192.168.188.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.01.16 14:21:30 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015.01.18 00:49:41 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Chromium
[2015.01.18 00:46:33 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\The Lord of the Rings Online
[2015.01.17 23:38:24 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_42.dll
[2015.01.17 23:38:24 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_42.dll
[2015.01.17 19:11:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDYAK.DLL
[2015.01.17 19:11:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDYAK.DLL
[2015.01.17 19:11:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTAT.DLL
[2015.01.17 19:11:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTAT.DLL
[2015.01.17 19:11:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDRU1.DLL
[2015.01.17 19:11:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBASH.DLL
[2015.01.17 19:11:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDRU1.DLL
[2015.01.17 19:11:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDRU.DLL
[2015.01.17 19:11:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDRU.DLL
[2015.01.17 19:11:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBASH.DLL
[2015.01.17 19:11:09 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2015.01.17 19:11:09 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2015.01.17 19:11:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2015.01.17 19:11:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2015.01.17 19:11:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2015.01.17 19:11:08 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2015.01.17 19:11:08 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2015.01.17 19:11:08 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.01.17 19:11:08 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2015.01.17 19:11:07 | 002,052,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2015.01.17 19:11:07 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2015.01.17 19:11:07 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2015.01.17 19:11:07 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2015.01.17 19:11:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2015.01.17 19:11:06 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2015.01.17 19:11:06 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2015.01.17 19:11:06 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2015.01.17 19:11:06 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2015.01.17 19:11:06 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2015.01.17 19:11:06 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2015.01.17 19:11:06 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2015.01.17 19:11:05 | 002,125,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2015.01.17 19:11:05 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2015.01.17 19:11:04 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2015.01.17 19:11:04 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2015.01.17 19:11:04 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2015.01.17 19:11:04 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2015.01.17 19:11:04 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2015.01.17 19:11:03 | 006,039,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2015.01.17 19:11:03 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2015.01.17 19:11:03 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2015.01.17 19:11:03 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2015.01.17 19:11:03 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2015.01.17 19:11:02 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2015.01.17 19:11:02 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2015.01.17 03:30:29 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEUDINIT.EXE
[2015.01.17 03:24:43 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2015.01.17 03:24:41 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2015.01.17 03:24:41 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2015.01.17 03:24:41 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2015.01.17 03:24:41 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2015.01.17 03:24:41 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2015.01.17 03:24:41 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2015.01.17 03:24:41 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2015.01.17 03:24:41 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2015.01.17 03:24:41 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2015.01.17 03:24:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2015.01.17 03:24:41 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2015.01.17 03:24:41 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2015.01.17 03:24:41 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2015.01.17 03:24:41 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2015.01.17 03:24:40 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2015.01.17 03:24:40 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2015.01.17 03:24:40 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2015.01.17 03:24:40 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2015.01.17 03:24:40 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2015.01.17 03:24:40 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2015.01.17 03:24:40 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2015.01.17 03:24:40 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2015.01.17 03:24:40 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2015.01.17 03:24:40 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2015.01.17 03:24:40 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2015.01.17 03:24:40 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2015.01.17 03:24:40 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2015.01.17 03:24:40 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2015.01.17 03:24:40 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2015.01.17 03:24:40 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2015.01.17 03:24:40 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2015.01.17 03:24:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2015.01.17 03:24:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2015.01.17 03:24:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2015.01.17 03:24:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2015.01.17 03:24:40 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2015.01.17 03:24:39 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2015.01.17 03:24:39 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2015.01.17 03:24:39 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2015.01.17 03:24:39 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2015.01.17 03:24:39 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2015.01.17 03:24:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2015.01.17 03:24:39 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2015.01.17 03:24:39 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2015.01.17 03:07:44 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2015.01.17 03:07:44 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2015.01.17 03:07:44 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfps.dll
[2015.01.17 03:07:44 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rrinstaller.exe
[2015.01.17 03:07:44 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rrinstaller.exe
[2015.01.17 03:07:44 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfpmp.exe
[2015.01.17 03:07:44 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfpmp.exe
[2015.01.17 03:07:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mferror.dll
[2015.01.17 03:07:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mferror.dll
[2015.01.17 03:07:43 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2015.01.17 03:03:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2015.01.17 03:03:18 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2015.01.17 03:03:18 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2015.01.17 03:01:17 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardagt.exe
[2015.01.17 03:01:17 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\infocardapi.dll
[2015.01.17 03:01:17 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\infocardapi.dll
[2015.01.17 03:01:16 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardagt.exe
[2015.01.17 03:01:15 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardres.dll
[2015.01.17 03:01:15 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardres.dll
[2015.01.17 03:00:56 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TsWpfWrp.exe
[2015.01.17 03:00:56 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsWpfWrp.exe
[2015.01.17 00:15:37 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Akamai
[2015.01.17 00:15:16 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Turbine
[2015.01.17 00:13:13 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll
[2015.01.17 00:13:13 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_42.dll
[2015.01.17 00:13:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbine
[2015.01.17 00:13:00 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\Documents\The Lord of the Rings Online
[2015.01.17 00:12:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Turbine
[2015.01.16 21:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2015.01.16 21:07:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2015.01.16 21:07:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2015.01.16 20:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2015.01.16 20:49:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2015.01.16 15:54:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015.01.16 15:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015.01.16 15:48:02 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015.01.16 15:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Emsisoft
[2015.01.16 15:02:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2015.01.16 14:20:46 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\Start Menu
[2015.01.16 14:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shape Collage
[2015.01.16 14:05:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shape Collage
[2015.01.16 13:45:02 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Windows Live
[2015.01.16 13:44:45 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\{FE0B23EF-99C4-4634-B374-83114E9E3E59}
[2015.01.16 13:38:48 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015.01.16 13:34:20 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\Opera Software
[2015.01.16 13:34:20 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Opera Software
[2015.01.16 13:34:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2015.01.16 13:33:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro 3.31
[2015.01.16 13:33:13 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Programs
[2015.01.16 13:32:15 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\CrashDumps
[2015.01.16 13:31:24 | 000,056,432 | ---- | C] (Corsica) -- C:\windows\SysNative\drivers\webinstrNHKT.sys
[2015.01.16 13:21:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015.01.16 12:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015.01.16 12:40:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2015.01.16 12:40:46 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Google
[2015.01.16 12:32:40 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\Desktop\Alte Firefox-Daten
[2015.01.16 12:25:37 | 000,000,000 | ---D | C] -- C:\Downloads
[2015.01.16 11:58:34 | 005,553,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2015.01.16 11:58:33 | 003,971,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2015.01.16 11:58:33 | 003,916,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2015.01.16 11:58:33 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2015.01.16 11:58:33 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rstrui.exe
[2015.01.16 11:58:33 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srclient.dll
[2015.01.16 11:57:42 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2015.01.16 11:57:41 | 001,031,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWorkspace.dll
[2015.01.16 11:57:41 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TSWorkspace.dll
[2015.01.16 11:57:35 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2015.01.16 11:57:35 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2015.01.16 11:57:35 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2015.01.16 11:57:35 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2015.01.16 11:57:35 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2015.01.16 11:57:35 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscories.dll
[2015.01.16 11:57:34 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wer.dll
[2015.01.16 11:57:34 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2015.01.16 11:57:34 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2015.01.16 11:57:29 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll
[2015.01.16 11:57:29 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll
[2015.01.16 11:57:29 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll
[2015.01.16 11:57:29 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll
[2015.01.16 11:57:27 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2015.01.16 11:57:26 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2015.01.16 11:57:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll
[2015.01.16 11:57:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll
[2015.01.16 11:57:21 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\osk.exe
[2015.01.16 11:57:21 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\osk.exe
[2015.01.16 11:57:19 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2015.01.16 11:57:19 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2015.01.16 11:57:19 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2015.01.16 11:57:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2015.01.16 11:57:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2015.01.16 11:57:09 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\objsel.dll
[2015.01.16 11:57:09 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\objsel.dll
[2015.01.16 11:57:08 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2015.01.16 11:57:08 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cngprovider.dll
[2015.01.16 11:57:08 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adprovider.dll
[2015.01.16 11:57:08 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\capiprovider.dll
[2015.01.16 11:57:08 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpapiprovider.dll
[2015.01.16 11:57:08 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cngprovider.dll
[2015.01.16 11:57:08 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adprovider.dll
[2015.01.16 11:57:08 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\capiprovider.dll
[2015.01.16 11:57:08 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpapiprovider.dll
[2015.01.16 11:57:08 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dimsroam.dll
[2015.01.16 11:57:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wincredprovider.dll
[2015.01.16 11:57:08 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dimsroam.dll
[2015.01.16 11:57:08 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wincredprovider.dll
[2015.01.16 11:57:04 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IMJP10K.DLL
[2015.01.16 11:57:04 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IMJP10K.DLL
[2015.01.16 11:57:04 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2015.01.16 11:57:04 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2015.01.16 11:57:04 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWbPrxy.exe
[2015.01.16 11:57:02 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2015.01.16 11:57:02 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2015.01.16 11:57:02 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2015.01.16 11:57:02 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2015.01.16 11:57:00 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AUDIOKSE.dll
[2015.01.16 11:57:00 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AUDIOKSE.dll
[2015.01.16 11:57:00 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEng.dll
[2015.01.16 11:57:00 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2015.01.16 11:57:00 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDump.dll
[2015.01.16 11:56:59 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2015.01.16 11:56:59 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2015.01.16 11:56:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iologmsg.dll
[2015.01.16 11:56:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iologmsg.dll
[2015.01.16 11:56:56 | 003,179,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2015.01.16 11:56:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RdpGroupPolicyExtension.dll
[2015.01.16 11:56:52 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\charmap.exe
[2015.01.16 11:56:52 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\charmap.exe
[2015.01.16 11:56:51 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2015.01.16 11:56:51 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2015.01.16 11:56:51 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSManMigrationPlugin.dll
[2015.01.16 11:56:51 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WsmWmiPl.dll
[2015.01.16 11:56:51 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSManHTTPConfig.exe
[2015.01.16 11:56:51 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WsmAuto.dll
[2015.01.16 11:56:50 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSManMigrationPlugin.dll
[2015.01.16 11:56:50 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WsmWmiPl.dll
[2015.01.16 11:56:50 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSManHTTPConfig.exe
[2015.01.16 11:56:50 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WsmAuto.dll
[2015.01.16 11:56:30 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2015.01.16 11:56:27 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2015.01.16 11:56:27 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2015.01.16 11:56:21 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2015.01.16 11:56:21 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2015.01.16 11:56:20 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2015.01.16 11:56:16 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2015.01.16 11:56:16 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2015.01.16 11:56:16 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2015.01.16 11:56:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2015.01.16 11:56:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2015.01.16 11:56:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2015.01.16 11:56:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2015.01.16 11:56:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2015.01.16 11:56:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2015.01.16 11:56:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2015.01.16 11:56:14 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2015.01.16 11:56:14 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2015.01.16 11:56:14 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2015.01.16 11:56:14 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msihnd.dll
[2015.01.16 11:56:14 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll
[2015.01.16 11:56:14 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2015.01.16 11:56:07 | 006,584,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2015.01.16 11:56:06 | 005,703,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2015.01.16 11:56:06 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2015.01.16 11:56:05 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2015.01.16 11:56:05 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2015.01.15 20:05:53 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Macromedia
[2015.01.15 19:12:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2015.01.15 19:11:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2015.01.15 18:55:31 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Skype
[2015.01.15 18:55:30 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\Skype
[2015.01.15 18:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015.01.15 18:55:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015.01.15 18:55:23 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2015.01.15 18:55:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2015.01.15 18:30:44 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2015.01.15 18:30:44 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2015.01.15 18:30:44 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2015.01.15 18:30:37 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2015.01.15 18:30:37 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2015.01.15 18:30:37 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2015.01.15 18:30:37 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2015.01.15 18:30:37 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2015.01.15 18:30:37 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2015.01.15 18:30:29 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2015.01.15 18:30:29 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2015.01.15 18:30:29 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2015.01.15 18:30:29 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2015.01.15 18:03:44 | 000,043,064 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avnetflt.sys
[2015.01.15 17:59:56 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\NVIDIA
[2015.01.15 17:59:52 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\FirestormOS_x64
[2015.01.15 17:59:52 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\Firestorm_x64
[2015.01.15 17:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firestorm
[2015.01.15 17:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\Firestorm-Releasex64
[2015.01.15 17:50:31 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Adobe
[2015.01.15 17:50:25 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\Avira
[2015.01.15 17:49:25 | 000,131,608 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avipbb.sys
[2015.01.15 17:49:25 | 000,119,272 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avgntflt.sys
[2015.01.15 17:49:25 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avkmgr.sys
[2015.01.15 17:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2015.01.15 17:49:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2015.01.15 17:48:46 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\dlg
[2015.01.15 17:42:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2015.01.15 17:42:35 | 000,620,176 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvStreaming.exe
[2015.01.15 17:42:12 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\Windows Live Writer
[2015.01.15 17:42:12 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Windows Live Writer
[2015.01.15 17:41:18 | 032,099,472 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvoglv64.dll
[2015.01.15 17:41:18 | 025,460,552 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcompiler.dll
[2015.01.15 17:41:18 | 024,764,232 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvoglv32.dll
[2015.01.15 17:41:18 | 020,465,808 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcompiler.dll
[2015.01.15 17:41:18 | 016,040,184 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvwgf2um.dll
[2015.01.15 17:41:18 | 013,288,360 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvopencl.dll
[2015.01.15 17:41:18 | 013,202,520 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuda.dll
[2015.01.15 17:41:18 | 010,710,160 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuda.dll
[2015.01.15 17:41:18 | 003,610,440 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvid.dll
[2015.01.15 17:41:18 | 003,248,968 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvid.dll
[2015.01.15 17:41:18 | 001,895,056 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispco6434709.dll
[2015.01.15 17:41:18 | 001,556,624 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispgenco6434709.dll
[2015.01.15 17:41:18 | 001,540,240 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvhdagenco64.dll
[2015.01.15 17:41:18 | 000,994,384 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvumdshimx.dll
[2015.01.15 17:41:18 | 000,968,336 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\NvIFR64.dll
[2015.01.15 17:41:18 | 000,942,400 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\NvFBC64.dll
[2015.01.15 17:41:18 | 000,928,072 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\NvIFR.dll
[2015.01.15 17:41:18 | 000,906,560 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\NvFBC.dll
[2015.01.15 17:41:18 | 000,876,976 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvumdshim.dll
[2015.01.15 17:41:18 | 000,496,272 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvEncodeAPI64.dll
[2015.01.15 17:41:18 | 000,399,688 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvEncodeAPI.dll
[2015.01.15 17:41:18 | 000,391,488 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\NvIFROpenGL.dll
[2015.01.15 17:41:18 | 000,353,224 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvoglshim64.dll
[2015.01.15 17:41:18 | 000,346,944 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\NvIFROpenGL.dll
[2015.01.15 17:41:18 | 000,306,328 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvoglshim32.dll
[2015.01.15 17:41:18 | 000,195,728 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvhda64v.sys
[2015.01.15 17:41:18 | 000,178,632 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvinitx.dll
[2015.01.15 17:41:18 | 000,165,760 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvinit.dll
[2015.01.15 17:41:18 | 000,030,536 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvhdap64.dll
[2015.01.15 17:37:25 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\Mozilla
[2015.01.15 17:37:25 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Mozilla
[2015.01.15 17:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015.01.15 17:37:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2015.01.15 17:36:25 | 001,715,224 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvspbridge64.dll
[2015.01.15 17:36:25 | 001,291,464 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvspbridge.dll
[2015.01.15 17:36:16 | 000,038,032 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvvad64v.sys
[2015.01.15 17:36:16 | 000,032,400 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvaudcap32v.dll
[2015.01.15 17:36:16 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\Macromedia
[2015.01.15 17:34:15 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\AMD
[2015.01.15 17:34:07 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\ATI
[2015.01.15 17:34:07 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\ATI
[2015.01.15 17:33:46 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\Adobe
[2015.01.15 17:33:42 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2015.01.15 17:33:42 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\Searches
[2015.01.15 17:33:42 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2015.01.15 17:33:34 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\Identities
[2015.01.15 17:33:33 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\Contacts
[2015.01.15 17:33:30 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\VirtualStore
[2015.01.15 17:32:27 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\NVIDIA Corporation
[2015.01.15 17:31:21 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\NVIDIA
[2015.01.15 17:31:19 | 000,000,000 | --SD | C] -- C:\Users\Sylvia\AppData\Roaming\Microsoft
[2015.01.15 17:31:19 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\Videos
[2015.01.15 17:31:19 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\Saved Games
[2015.01.15 17:31:19 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\Pictures
[2015.01.15 17:31:19 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\Music
[2015.01.15 17:31:19 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2015.01.15 17:31:19 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\Links
[2015.01.15 17:31:19 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\Favorites
[2015.01.15 17:31:19 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\Downloads
[2015.01.15 17:31:19 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\Documents
[2015.01.15 17:31:19 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\Desktop
[2015.01.15 17:31:19 | 000,000,000 | R--D | C] -- C:\Users\Sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\Vorlagen
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\AppData\Local\Verlauf
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\AppData\Local\Temporary Internet Files
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\Startmenü
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\SendTo
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\Recent
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\Netzwerkumgebung
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\Lokale Einstellungen
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\Documents\Eigene Videos
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\Documents\Eigene Musik
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\Eigene Dateien
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\Documents\Eigene Bilder
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\Druckumgebung
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\Cookies
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\AppData\Local\Anwendungsdaten
[2015.01.15 17:31:19 | 000,000,000 | -HSD | C] -- C:\Users\Sylvia\Anwendungsdaten
[2015.01.15 17:31:19 | 000,000,000 | -H-D | C] -- C:\Users\Sylvia\AppData
[2015.01.15 17:31:19 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Temp
[2015.01.15 17:31:19 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Local\Microsoft
[2015.01.15 17:31:19 | 000,000,000 | ---D | C] -- C:\Users\Sylvia\AppData\Roaming\Media Center Programs
[2015.01.15 17:31:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2015.01.15 17:31:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2015.01.15 17:31:05 | 000,000,000 | -HSD | C] -- C:\Programme
[2015.01.15 17:31:05 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2015.01.15 17:31:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2015.01.15 17:31:05 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2015.01.15 17:31:05 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2015.01.15 17:31:05 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2015.01.15 17:31:05 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2015.01.15 17:31:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2015.01.15 17:31:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015.01.18 12:13:29 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.01.18 11:59:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015.01.18 11:45:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.01.18 10:45:16 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2015.01.18 03:25:39 | 001,619,284 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2015.01.18 03:25:39 | 000,699,092 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2015.01.18 03:25:39 | 000,653,930 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2015.01.18 03:25:39 | 000,149,232 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2015.01.18 03:25:39 | 000,121,802 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2015.01.18 03:24:09 | 000,016,752 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.01.18 03:24:09 | 000,016,752 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.01.18 03:18:37 | 2103,054,335 | -HS- | M] () -- C:\hiberfil.sys
[2015.01.17 03:51:30 | 000,267,816 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2015.01.17 03:24:43 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2015.01.17 03:24:41 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2015.01.17 03:24:41 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2015.01.17 03:24:41 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2015.01.17 03:24:41 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2015.01.17 03:24:41 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2015.01.17 03:24:41 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2015.01.17 03:24:41 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2015.01.17 03:24:41 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2015.01.17 03:24:41 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2015.01.17 03:24:41 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2015.01.17 03:24:41 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2015.01.17 03:24:41 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2015.01.17 03:24:41 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2015.01.17 03:24:41 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2015.01.17 03:24:41 | 000,016,284 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2015.01.17 03:24:40 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2015.01.17 03:24:40 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2015.01.17 03:24:40 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2015.01.17 03:24:40 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2015.01.17 03:24:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2015.01.17 03:24:40 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2015.01.17 03:24:40 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2015.01.17 03:24:40 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2015.01.17 03:24:40 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2015.01.17 03:24:40 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2015.01.17 03:24:40 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2015.01.17 03:24:40 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2015.01.17 03:24:40 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2015.01.17 03:24:40 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2015.01.17 03:24:40 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2015.01.17 03:24:40 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2015.01.17 03:24:40 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2015.01.17 03:24:40 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2015.01.17 03:24:40 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2015.01.17 03:24:40 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2015.01.17 03:24:40 | 000,016,284 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2015.01.17 03:24:40 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2015.01.17 03:24:40 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2015.01.17 03:24:39 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2015.01.17 03:24:39 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2015.01.17 03:24:39 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2015.01.17 03:24:39 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2015.01.17 03:24:39 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2015.01.17 03:24:39 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2015.01.17 03:24:39 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2015.01.17 03:24:39 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2015.01.17 03:10:08 | 001,592,628 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2015.01.17 00:13:00 | 000,002,205 | ---- | M] () -- C:\Users\Sylvia\Desktop\Der Herr der Ringe Online.lnk
[2015.01.16 20:49:30 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015.01.16 14:21:30 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2015.01.16 13:53:18 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2015.01.16 13:31:32 | 000,001,934 | ---- | M] () -- C:\windows\patsearch.bin
[2015.01.16 13:31:31 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_webinstrNHKT_01009.Wdf
[2015.01.16 13:31:08 | 000,056,432 | ---- | M] (Corsica) -- C:\windows\SysNative\drivers\webinstrNHKT.sys
[2015.01.16 13:24:53 | 000,001,154 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015.01.16 13:22:08 | 000,002,096 | ---- | M] () -- C:\Users\Sylvia\Desktop\eBay Sidebar for Firefox.lnk
[2015.01.16 13:21:27 | 000,074,010 | ---- | M] () -- C:\Users\Sylvia\Documents\bookmarks.html
[2015.01.16 12:10:08 | 000,000,000 | -H-- | M] () -- C:\Users\Sylvia\Documents\Default.rdp
[2015.01.15 20:59:14 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2015.01.15 20:59:14 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.01.15 18:02:26 | 000,131,608 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avipbb.sys
[2015.01.15 18:02:26 | 000,119,272 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avgntflt.sys
[2015.01.15 18:02:26 | 000,043,064 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\SysNative\drivers\avnetflt.sys
[2015.01.15 17:30:35 | 000,159,772 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2015.01.15 17:30:35 | 000,159,772 | ---- | M] () -- C:\windows\SysNative\license.rtf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015.01.17 03:24:41 | 000,016,284 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2015.01.17 03:24:40 | 000,016,284 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2015.01.17 00:13:00 | 000,002,205 | ---- | C] () -- C:\Users\Sylvia\Desktop\Der Herr der Ringe Online.lnk
[2015.01.16 20:49:30 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015.01.16 14:21:30 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2015.01.16 13:53:18 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2015.01.16 13:31:32 | 000,001,934 | ---- | C] () -- C:\windows\patsearch.bin
[2015.01.16 13:31:31 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_webinstrNHKT_01009.Wdf
[2015.01.16 13:22:08 | 000,002,096 | ---- | C] () -- C:\Users\Sylvia\Desktop\eBay Sidebar for Firefox.lnk
[2015.01.16 13:21:27 | 000,074,010 | ---- | C] () -- C:\Users\Sylvia\Documents\bookmarks.html
[2015.01.16 12:40:49 | 000,000,898 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.01.16 12:40:49 | 000,000,894 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.01.16 12:10:08 | 000,000,000 | -H-- | C] () -- C:\Users\Sylvia\Documents\Default.rdp
[2015.01.15 17:37:19 | 000,001,166 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015.01.15 17:37:19 | 000,001,154 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015.01.15 17:33:46 | 000,001,428 | ---- | C] () -- C:\Users\Sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2015.01.15 17:31:19 | 000,001,304 | ---- | C] () -- C:\Users\Sylvia\Desktop\Backup and Restore Center.lnk
[2015.01.15 17:31:19 | 000,000,830 | ---- | C] () -- C:\Users\Sylvia\Desktop\Treiber und Software.lnk
[2014.02.24 16:28:41 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2014.02.24 16:22:52 | 000,995,342 | ---- | C] () -- C:\windows\SysWow64\amdocl_as32.exe
[2014.02.24 16:22:52 | 000,346,624 | ---- | C] () -- C:\windows\SysWow64\newhsacore.dll
[2014.02.24 16:22:51 | 001,638,400 | ---- | C] () -- C:\windows\SysWow64\hsaservices.dll
[2014.02.24 16:22:51 | 000,798,734 | ---- | C] () -- C:\windows\SysWow64\amdocl_ld32.exe
[2014.02.24 16:22:51 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2014.02.24 16:22:50 | 000,068,608 | ---- | C] () -- C:\windows\SysWow64\hsaumd.dll
[2014.02.24 16:22:47 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2014.02.24 16:22:45 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2014.02.24 14:20:05 | 001,592,628 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2014.02.24 13:48:15 | 000,085,761 | ---- | C] () -- C:\windows\SysWow64\tnblf.exe
[2013.12.20 14:04:54 | 000,038,912 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2011.05.22 14:09:18 | 000,019,624 | ---- | C] () -- C:\ProgramData\winiml.dat
[2011.05.22 14:09:18 | 000,019,624 | ---- | C] () -- C:\ProgramData\iml.xml

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
Dieser Beitrag wurde am 18.01.2015 um 12:25 Uhr von HBG editiert.
Seitenanfang Seitenende
18.01.2015, 17:42
Member

Themenstarter
Avatar HBG

Beiträge: 59
#2 Kann mir bitte jemand helfen?
Hat schon den SpyHunter gekauft und das hilft mir auch nicht.
Seitenanfang Seitenende
21.01.2015, 10:41
Member
Avatar Gool

Beiträge: 4730
#3 Diese Einträge könnten für das Problem verantwortlich sein:
O4 - HKLM\..\Run: [SmartWeb] C:\Users\Sylvia\AppData\Local\SmartWeb\SmartWebHelper.exe
O23 - Service: SU Service component (serversu) - Unknown owner - C:\Users\Sylvia\AppData\Roaming\SoftwareUpdater\SUsrv.exe (file missing)


Der erste gehört wohl zu PriceGong (das sollte man normal deinstallieren können) und der zweite ist eine bekannte Adware. Schau bitte nach, ob unter C:\Users\Sylvia\AppData\Roaming\ (ist ein versteckter Ordner und im Explorer wird statt "Users" der Name "Benutzer" angezeigt) ein Ordner SoftwareUpdater existiert. Wenn ja, starte eine Eingabeaufforderung als Administrator und führe folgende Befehle aus:
sc stop serversu
sc delete serversu

Anschließend lösche den Ordner "SoftwareUpdater".

Die hier finde ich auch verdächtig und sollten entfernt werden:
O4 - Global Startup: IML.lnk = C:\Windows\System32\iml.vbs
O4 - Global Startup: IML64.lnk = C:\Windows\SysWOW64\iml.vbs

Mehr verdächtige Einträge habe ich nicht entdeckt. Das Problem könnte sich aber auch über eine Browsererweiterung eingeschlichen haben. Tritt es nur beim Firefox auf oder auch bei anderen Browsern? Kannst Du testweise mal alle Addons von Firefox deaktivieren und falls es dann nicht auftritt, alle Erweiterungen nach und nach wieder aktivieren, um die "böse" Browsererweiterung zu finden?
__________
Dies ist eine Signatur! Persönlicher Service: Du kommst aus Berlin? Dann melde Dich per PN bei mir, evtl. können wir einen Termin vereinbaren.
Der Grabsteinschubser
Seitenanfang Seitenende